Clavis is designed for offline, local deployment: core analysis requires no outbound network calls, keeping sensitive documents inside your environment while outputs remain replayable and verifiable. LLM assistance is used to propose and interpret higher‑order topology – such as graph groupings and motif candidates – but proposed structure remains adjunct until it is converted into span‑backed, deterministic artefacts by verifiers.
Same input. Same output. If a result can’t be proven from artefacts that pass integrity validation, Clavis fails closed – no silent gaps, no best‑guess summaries, no unverifiable claims.
Sensitive documents stay local. Security is enforced through six explicit commitments—each mapped to a control you can verify.
Clavis runs locally and can operate fully offline: no required outbound network calls and no LLM calls in local mode. Documents don't need to transit external services to be processed.
Ownership is derived server‑side. Clients can’t supply tenant/owner IDs—closing off a common class of multi‑tenant privilege escalation failures.
Browser access uses provisioned accounts and server‑managed sessions. Cookies are HttpOnly with SameSite=Strict, and state‑changing requests enforce same‑origin—reducing exposure to common web attack paths.
Outputs are written as canonical bytes to a content‑addressed, append‑only store. Hash collisions are treated as hard failures, and readback re‑verifies canonical form to detect corruption or tampering.
Reviewer views are deterministic derivatives. If required artefacts are missing or fail integrity checks, rendering fails closed—no output is produced ‘anyway’. Projections do not inject timestamps, paths, or environment‑dependent metadata.
Exports are deliberately minimal and contract‑bounded: narrow inclusion, explicit exclusions (including EvidencePack), deterministic ordering, and fail‑closed validation. Export retrieval requires explicit operator intent.
From upload to controlled export—each stage enforces data minimisation, integrity checks, and accountable output boundaries.
Document bytes are staged transiently for processing and removed after job completion.
Analysis runs locally with no required outbound network calls and no LLM calls in local mode.
Outputs are stored as canonical, content‑addressed artefacts in an append‑only store—built for replay verification and audit.
Projections render only from validated artefacts and fail closed on invalid inputs—so reviewers see what is provable, and nothing else.
Exports are minimal by design and require explicit retrieval intent. EvidencePack is excluded from the export bundle by contract.
What Clavis enforces vs what your environment controls—so security teams can evaluate boundaries precisely.
Offline/local execution; no required outbound network calls; no LLM calls in local deployment mode
Network egress controls; air-gap/VPC segmentation
Content‑addressed, append‑only artefact store; canonical‑on‑read integrity checks; collisions treated as hard failures
Filesystem integrity, backups
Server‑derived owner scoping (no caller‑supplied owner identity); hardened sessions; same‑origin enforcement for state‑changing requests
TLS termination; SSO/IdP wrapping if desired
Contract‑bounded export bundle; deterministic packaging; fail‑closed validation; explicit export intent required
Secure channels for transfer
Supports encrypted deployments by recording encryption envelope metadata alongside audit artefacts (key control remains with your environment)
Encrypted volumes / hardware-backed keys
Security is enforced across every layer of the system. Computation is deterministic, data remains contained, infrastructure is isolated, and access and export boundaries are strictly controlled.
We use cookies for functionality and analytics.
Privacy Policy