How KroWork Keeps You Safe

With security as its core, KroWork has built six security lines. These lines comprehensively protect users' operation security, data security and usage environment security from six dimensions: permission control, operation protection, input security, privacy protection, emergency response and information exposure prevention. They balance efficient functions with security protection.

1. Permission Control Line

It follows the principle of least privilege, granting users only the minimum permissions necessary to complete their current tasks to avoid security risks caused by redundant permissions. For sensitive operations such as data modification and system configuration, manual explicit authorization from users is required to fundamentally prevent permission abuse and unauthorized operations.

2. Operation Protection Line

It conducts real-time verification on high-risk operations such as deletion and overwriting, focusing on preventing common risks like accidental deletion and file overwriting. When users perform such operations, the system will pop up a risk prompt and require secondary confirmation, effectively reducing the risk of data loss or system abnormalities caused by incorrect operations.

3. Prompt Injection Protection Line

To prevent prompt injection attacks, the system treats all external data (including user input and external documents) as pure data. It strictly separates the boundary between data and instructions and never parses external data as system instructions, ensuring the stable and safe operation of the tool.

4. Privacy Protection Line

It adopts a local-only operation mode. All data generated by users during use, such as code, documents and operation records, are stored on local devices and never uploaded to the cloud. This fundamentally eliminates the risks of cloud data leakage, theft or abuse, protecting users' privacy and security.

5. Emergency Brake Line

As an emergency security guarantee, it allows users to immediately stop all ongoing tasks (including code execution and file processing) at any time and in any operation scenario. This achieves immediate loss control, quickly avoids sudden security risks and minimizes losses.

6. Exposure Risk Protection Line

It focuses on internal network usage scenarios. Through strict access control and transmission encryption, it prevents the leakage of sensitive internal network information. At the same time, it monitors operation behaviors and data transmission in real time. Once an abnormality is found, it immediately sends an early warning report to users or administrators for quick handling.