You land the engagement on Monday. By Friday you have four new logins: the client's Slack, the client's Jira, the client's shared drive, the client's "we use this project management tool" tool. You have installed a VPN. You have signed an NDA that specifies where their data may live, and you are already pasting their data into an AI tool that was not on the approved list. Three months from now, when the engagement ends, you will owe them an export you cannot actually assemble without logging into five systems you no longer have credentials for.

The SaaS pass-through

A solo consultant running three concurrent engagements typically maintains 12 to 20 active client-side logins. Every login is a policy surface: who can access it, what they can see, what happens when the engagement closes. The burden is asymmetric; the client has a procurement team, you have a laptop. Most consultants absorb the friction and hope the exit goes cleanly.

Here is the harder problem: your own knowledge. Think about the judgment you built during last year's M&A advisory, the spreadsheet templates that work on every engagement, the post-mortem you wrote on the failed vendor change. All of it is trapped in the client-side tools that you will lose access to on the last day. You leave with your memory and nothing else portable.

What Crow does

Crow sits on your laptop (or your tailnet-only server). Every engagement becomes a project inside Crow:

Project: Northwind retail
Type: consulting
Context: client is a regional retailer, 800 stores, CIO is in seat
         since January, procurement hates custom vendors, compliance
         scope includes PCI and a state-level privacy law.
Sources: cited docs, contracts, meeting notes
Notes: your judgment, synthesis, working hypotheses

You share drafts with the client via a time-limited share token that expires when the engagement ends. Client sees the deliverable; they do not see your working notes, your judgment calls, or the other eleven projects in your Crow.

Three specific moves:

1. Project-scoped contexts. When your AI session is in the Northwind project, it knows the tone, the stakeholders, the constraints. When you switch to the next engagement, the context changes. No cross-contamination.
2. Client-facing share tokens. A private blog post or a shared memory collection can be exposed to the client via a unique URL with an expiry date. Revoke with one click; the URL goes dead.
3. Clean export. When the engagement ends, the deliverable goes to the client; your working artifacts stay with you. You keep the judgment you developed.

Tradeoffs, honestly

You are now the IT department. A tailnet-hosted Crow instance is secure by default, and you still need to think about backups, device pairing, and password recovery. Plan an afternoon for initial setup and one evening per quarter for maintenance.

Clients sometimes want their own copy of your notes. You can accommodate that: export the project as a Markdown bundle, hand it over, delete your local copy if the contract requires. You control the export; they control their obligations.

For highly regulated domains (health, legal, finance), read the compliance post in this series before running client data through any AI. Your Crow instance is private by default; your AI provider is the second surface to check.

Start here

Install Crow on your working laptop plus a paired second device. Create the first project and pull in your first engagement: getting started with Crow.

Next post in this series: professional services on a server you can point to.