Local-First Architecture
Core Principle
KroWork runs locally. Your data never leaves your device without your say-so.
Three-Layer Data Protection System
1. Sandbox: A Restricted, Controllable AI Execution Environment
The sandbox is an isolated runtime environment that ensures operational safety for KroWork. All potentially impactful actions — code execution, web browsing, file modifications, etc. — are first carried out in the sandbox. Changes are only applied to your actual system once you confirm them.
- Default isolation: Temporary files, code execution results and file modification operations generated by any skill invocation all take place in the temporary sandbox space.
- Change confirmation: When modifications in the sandbox need to be applied to the real file system, KroWork will explicitly notify you of the files to be altered and will only write changes after your confirmation.
- Risk preview: You can preview execution outcomes in the sandbox first (e.g., batch renaming preview, deletion simulation) before implementation.
- Side-effect-free trial and error: Unconfirmed modifications will be automatically discarded, and the sandbox environment can be reset at any time to prevent losses caused by misoperations.
2. Local Data Retention: Strict User Authorization Principle
Core clause of the KroWork Privacy Agreement:
Without your explicit authorization, KroWork will not collect, upload, or store any local files or private data from your device.
Only the text instructions and task requirements you provide are sent to the model for processing. We will never collect, upload, or store any of your local files without your explicit consent.
3. Workflow Solidification: Offline, Standalone Application Assets
Custom workflows can be solidified into local desktop applications that run independently:
- No Computing Consumption: Solidified applications do not call cloud AI models and incur no token billing.
- No Network Transmission: The application runs entirely offline locally without data upload or leakage.
- User-owned assets: Solidified applications are fully owned by users, unaffected by platform membership or subscription status.
Product Capability Comparison
| Comparison Dimension | KroWork | Traditional Cloud AI Products |
|---|---|---|
| Local Files & Data | No automatic upload without user authorization | Automatically uploaded to vendor servers |
| Program Execution Environment | User-controllable local isolated sandbox | Vendor-managed cloud servers |
| Data Retention Control | Retention rules fully controlled by users | Data retained on servers long-term automatically |
| Workflow Solidification | Supports offline solidification at no extra cost | Not supported, repeated per-run billing |
| Compliance & Security Risks | Data stored locally with no external network transmission, meets local data compliance requirements | Risks of cross-border data transmission and data leakage |
You own your data. You set the rules.