Clasper Core is built for regulated environments and audit-intensive workloads. Security is not a feature — it's the architecture.
Every read and write is scoped to the local workspace. Cross-tenant access is not part of Clasper Core.
No persistent sessions, no stored credentials, no agent memory. Your backend remains the source of truth.
Local, self-attested audit logs for all actions. Every agent decision is traceable, replayable, and explainable.
Agents operate through explicit API contracts. No shell access, no filesystem, no browser automation.
PII Redaction
Configurable patterns automatically redact sensitive data from traces and logs.
Retention Policies
Local retention controls with configurable cleanup enforcement.
Single-Operator Access
Clasper Core is designed for a single-operator environment with explicit API contracts.
We take security vulnerabilities seriously. If you discover a security issue, please report it responsibly.
Report a vulnerability
[email protected]We aim to acknowledge reports within 48 hours and provide a detailed response within 7 days.