Skip to content
Clawdemy

References: What happens in three seconds: the path your prompt takes

Citations in this lesson are accurate as of the capture date noted on each source. Vendor privacy policies and architectural details may have changed since capture. For current information, follow the linked sources to the live document.

Source material

Section titled “Source material”
Source material:
• Clawless (sister project)
  "What is Under the Hood" (knowledge base chapter)
  https://clawless.ai/docs/knowledge-base/whats-under-the-hood
  License: Creative Commons Attribution-ShareAlike (CC BY-SA 4.0)


• Anthropic
  "Privacy Policy"
  https://www.anthropic.com/legal/privacy
  License: Anthropic publication; cited verbatim for the Inputs and Outputs vocabulary definition


This lesson is original Clawdemy authorship. The seven-step path framing, the
CDN metadata distinction, the path-vs-policy distinction, the three common
pitfalls, and the Aisha-on-Friday-morning narrative spine are all original
editorial work. The lesson uses the Clawless KB chapter as the worked example
for the architectural-alternative paragraph (the case where the user's
computer talks directly to the AI provider with no consumer-facing CDN), and
quotes one major AI provider's privacy policy verbatim for the Inputs and
Outputs vocabulary definition. All rights to the original publications remain
with the publishers.

Going deeper

Section titled “Going deeper”

A short list of durable resources for readers who want more than the lesson covers.

  • Clawless KB: “What is Under the Hood”. The full chapter that grounds the architectural-alternative paragraph. Walks the actual data path for a desktop AI app where the user’s computer talks directly to the AI provider, with no intermediate vendor server. Useful for readers who want to see the contrast case worked all the way out (where data lives, what the desktop app is responsible for, what the AI provider is responsible for). Track 6 returns to this chapter in Phase 5 when architecture becomes the explicit topic.

  • Anthropic Privacy Policy. The full privacy policy of one major AI provider, cited in this lesson for the canonical Inputs and Outputs vocabulary definition. Worth reading as a worked example of what a vendor privacy policy actually looks like; Phase 4 of this track teaches a five-question rubric for reading any vendor’s policy, and the Anthropic policy is one of the worked examples there. The “Inputs and Outputs” terminology appears throughout the policy and is the load-bearing vocabulary for the rest of the document.

  • Mozilla Privacy Not Included: AI chatbot category. Mozilla’s curated overview of AI chatbot privacy postures across the major vendors. Cited in lesson 1.1 for the multi-layer settings problem; cited here as a starting point for readers who want to compare what specific vendors say about their handling of the path the lesson just walked. Updated periodically as vendor policies change.

Source limitations

Section titled “Source limitations”

These sources are good. Naming what each one is weaker on helps you use them well.

Clawless KB: “What is Under the Hood”. This is a sister-project knowledge-base chapter written by the Clawless team about Clawless. It is honest about Clawless’s specific architecture (the desktop app talks directly to the AI provider; no Clawless server holds logs of requests). It is not a neutral comparative survey of all AI tool architectures. The chapter is the canonical worked example for one specific architectural shape; it is not the only such shape, and the typical consumer-AI shape this lesson walks first is the more common one. Read the chapter for the contrast case, not as a buyer’s guide.

Anthropic Privacy Policy. The Anthropic privacy policy is cited here for terminology grounding (Inputs/Outputs vocabulary). It is not presented as a positive or negative exemplar. This is one specific vendor’s privacy policy, captured at a point in time. Vendor privacy policies revise on their own cadence (often quarterly, sometimes more frequently). The Inputs and Outputs vocabulary the lesson cites is industry-standard and appears in many vendors’ policies, not only Anthropic’s; the verbatim quote attributed here is one of several available sources of the same vocabulary. If Anthropic restructures their policy substantively, the verbatim quote may no longer appear in the form cited; the 6-month review cadence is intended to catch that. The lesson uses Anthropic’s wording because it is clear and stable, not because Anthropic’s policy is exemplary or non-exemplary in any other respect (Phase 4 will evaluate vendor policies on their merits, not by who is being cited for vocabulary).

Mozilla Privacy Not Included AI chatbot article. Mozilla is a privacy-advocacy organization with a consistent pro-privacy point of view. Their coverage highlights risks more than tradeoffs and is updated on Mozilla’s own publication cadence rather than continuously. The article is a useful snapshot for understanding the vendor-policy landscape but is not exhaustive (it does not cover every AI vendor) and may be partially out of date on specific settings paths for any given product. Use as one input alongside the vendors’ own documentation, not as the only source.

Adjacent lessons

Section titled “Adjacent lessons”

Topics this lesson connects to in the rest of the track.

  • Lesson 1.2: Your starting point. The immediate prior lesson. The seed paragraph Aisha wrote there told her what she is protecting and from whom. This lesson tells her where the protected things go when she clicks Send. The two are complementary: 1.2 is the threat-model seed; 2.1 is the data-flow scaffold.

  • Lesson 2.2: Who sees what along the way. The immediate next lesson. Walks the same seven-step path again, but instead of asking what happens at each step it asks who can see what at each step. The path you learned here is the scaffold; the parties along it are the next layer of detail.

  • Lesson 2.3: When the model remembers, and when it doesn’t. Closes Phase 2 by adding the temporal dimension to the path: what persists in the system after your conversation ends, what does not, and what determines the difference. Formalizes the context-window concept this lesson named but did not define.

  • Phase 3: Threat models in plain language. The phase that turns “what is structurally possible at each step” into “what could actually go wrong, in vocabulary you can act on.” The four-category Phase 3 vocabulary (vendor retention, training-data inclusion, breach exposure, and government subpoena or bulk surveillance) maps onto specific risks at specific steps of the seven-step path.

  • Phase 4: Reading a vendor’s actual privacy posture. Teaches the five-question rubric for reading a vendor’s policy against the path. The path from this lesson is the question the rubric asks; the rubric is the structured way to read the policy that answers it.

  • Phase 5: Local-first as an architectural answer. Returns to the architectural-alternative paragraph from this lesson and walks it as the main topic. After Phase 5, Aisha will be able to distinguish vendors whose privacy posture is architectural (the system cannot retain certain data because of how it is built) from vendors whose posture is policy-based (the vendor commits to not retaining the data even though the architecture would let them).