Trust is engineered.
Defrag is built to be auditable, scoped, and reversible. Controls are explicit and designed for safe real-world use.
Private by defaultMemory is optionalExports are sanitizedSigned tool callsRate-limited + audited
Data control
You control memory, exports, and deletion. Memory can be disabled at any time. Exports are sanitized and delivered via time-limited links.
System controls
- Rate limiting and concurrency caps per user.
- Request IDs propagated end-to-end for auditability.
- Tool calls are signed and recorded in an audit trail.
Least privilege
Only allow-listed tools can be invoked. Tool inputs are validated, and server-side authorization ensures data is scoped to the authenticated user.
Redaction & export safety
Safe exports remove sensitive fields and internal metadata. Signed URLs expire quickly and are scoped to a single artifact.
Signed + AuditedSanitized ExportTime-limited Download
Reliability
Deterministic pipelines produce the same outputs for the same inputs. Guardrails are enforced at the edge and the backend to prevent abuse.