Connect your tools
OAuth for Google, Notion and Jira. API key for tl;dv. Direct or SSH-tunneled connection for PostgreSQL.
Moat8 is a tool that pulls the data from your work accounts — Gmail, Drive, Notion, Jira, meetings, databases — and prepares it into clean files for your AI agents. Connect your accounts on the web, install the moat8 CLI, and the files download straight to your computer. We don't keep your data — we store only your encrypted access tokens.
Your company's knowledge lives in six different tools. The AI you pay for can't see any of it — so it answers like it has never met your business. The vault is the missing foundation.
of corporate AI pilots fail to deliver ROI. The root cause MIT names is data readiness — not models.
OAuth for Google, Notion and Jira. API key for tl;dv. Direct or SSH-tunneled connection for PostgreSQL.
Every thread, doc, ticket, transcript and table becomes plain markdown or CSV with a stable path. Only what changed moves.
A scoped, read-only token for the API — or sync the vault to a folder with the moat8 CLI and let local tools read files directly.
This is the connector catalog; the ones enabled for your workspace are marked live in the app dashboard and set up with you during onboarding. And whatever isn't on this list — custom connectors for your internal tools, legacy databases and odd formats are built for your stack — tell us what you run on.
Gmail, Drive, Docs, Calendar, Notion, Jira, tl;dv and PostgreSQL — synced incrementally, normalized with stable paths.
Plain files plus a read-only API. No proprietary index to rebuild when you switch models.
Scoped, revocable tokens. Agents read your business — they can never touch the source systems.
No black-box index. Sync the vault to your own machine and see exactly what any AI sees.
Content-hash based sync: unchanged files never move. Fresh without re-processing everything.
Expert-assisted AI projects succeed at 67% vs 22% alone (MIT). The moat8.ai team configures your vault with you.
The worst case is bounded by design — not by policy.
Prepared files are a short-lived delivery buffer only: each read-only token binds to one client, and buffered content is auto-purged within 24 hours. We permanently store just your encrypted access tokens and a small file index (names + checksums) — not file contents.
Moat8 never writes back to Gmail, Notion, Jira or your database. The worst case is bounded by design.
Every agent token is limited to one vault and revocable instantly. Tokens are stored AES-256-GCM encrypted, and every reveal is written to the audit log.
The vault is human-readable files. Open them, audit them, sync them to your own machines.
The vault is storage and plumbing. Nothing is used for training — ours or anyone else's.
OAuth for Google, Notion, Jira. SSH tunnels for databases. Connector credentials AES-256-GCM encrypted at rest, TLS in transit, isolated per-workspace tenancy, audit log of administrative actions.
Mirror your vault into a local folder so your editor, scripts and local agents read plain files. The one-line moat8 CLI runs on macOS and Linux and keeps syncing in the background.
moat8, into your path.
moat8 logs; stop with moat8 uninstall.
Don't want a local folder? The same read-only token works straight against the HTTP API — GET /v1/vaults/:id/files and /files/content — so an agent can read the vault without syncing anything to disk.
Every vault is scoped and set up with you by the moat8 team — fixed scope, clear milestone, defined outcome. Not a retainer. Not seats.
TALK TO THE TEAM →We map your sources, configure every connector and hand over a working vault — not a how-to guide.
Internal tools, legacy databases, odd formats — built for what you actually run on.
Weekly digests, account briefs, ops copilots — grounded in your data from day one.
You pay for the working system, not hours or headcount. No retainers.
moat8 command-line tool with one line — sudo mkdir -p /usr/local/bin && curl -fsSL https://moat8.space/cli/moat8 | sudo tee /usr/local/bin/moat8 >/dev/null && sudo chmod +x /usr/local/bin/moat8 — create a named read-only token on the app dashboard (the token already knows your vault, no id needed), then run moat8 install --dir ~/Moat8Vault. That token binds to the first client that uses it, so create a separate token per employee or machine. The background service keeps the folder synced and restarts itself on every login or reboot — moat8 logs to watch it, moat8 uninstall to stop. Needs Node 20+, works the same on macOS and Linux.export MOAT8_TOKEN="moat8_agent_…,moat8_agent_…" followed by moat8 install --dir ~/Moat8Vault. Each vault syncs into its own subfolder named after the token, and one background service keeps them all fresh. Remember every token binds to the first client that uses it, so create fresh tokens per machine.moat8 turns complex AI experiments into proprietary business infrastructure. Seven iterations aren't failures — they're the foundation of an advantage your competitors can never buy.
We embed a CTO-level strike team that owns the outcome. You pay for the win, not the headcount — and we don't give up until the moat is built.