AI tool comparison
CrabTrap vs Microsoft Harrier-OSS-v1
Which one should you ship with? Here is the side-by-side panel verdict, pricing read, reviewer split, and community vote comparison.
Developer Tools
CrabTrap
Open-source HTTP proxy that enforces security policies on AI agent API calls
Panel ship: 50% | Community: — | Entry: Paid
CrabTrap is an open-source HTTP/HTTPS proxy built by Brex's engineering team that sits between AI agents and the external internet, evaluating every outbound request against configurable security policies before it reaches any third-party API. It uses a two-tier evaluation system: fast deterministic static rules handle the obvious cases (block this domain, require this header), while an LLM-as-a-judge handles ambiguous requests that need semantic understanding — like determining whether a request to send an email is within scope of the current task.

Built in Go with a TypeScript frontend, CrabTrap ships with a PostgreSQL-backed audit log and a web UI for policy management. It supports MITM inspection of HTTPS traffic, request/response logging, and policy versioning — making it suitable for production agentic systems where compliance or security teams need a paper trail. Version 0.0.1 was released April 17, 2026 and is MIT licensed.

The problem it solves is real: as AI agents gain more autonomy and access to external APIs, the attack surface grows. A compromised or misbehaving agent that can freely call any URL is a significant risk. CrabTrap gives engineering teams a single chokepoint to enforce least-privilege access — something that's been missing from most agentic frameworks that assume a trusted execution environment.
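The two-tier evaluation described above, sketched as an added example (this is not CrabTrap's code or API): static rules decide the obvious cases, everything else is escalated to a pluggable judge, and a missing or failing judge results in a deny. The `Policy`, `Judge` and `Check` names, the `X-Agent-Id` header, the read-only allowlist rule and the tier labels are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"strings"
)

// Judge stands in for the LLM tier (hypothetical interface, not CrabTrap's API).
type Judge func(r *http.Request, task string) (allow bool, err error)
type Policy struct {
	Blocked, ReadOnlyOK []string // domain lists; subdomains match too
	RequiredHeader      string   // every request must carry this header
	Judge               Judge
}
func matches(host string, domains []string) bool {
	for _, d := range domains {
		if host == d || strings.HasSuffix(host, "."+d) {
			return true
		}
	}
	return false
}

// Evaluate returns the verdict and the tier that produced it, for the audit log.
func (p Policy) Evaluate(r *http.Request, task string) (bool, string) {
	host := strings.ToLower(r.URL.Hostname())
	switch {
	case matches(host, p.Blocked):
		return false, "static:blocked-domain"
	case r.Header.Get(p.RequiredHeader) == "":
		return false, "static:missing-header"
	case (r.Method == "GET" || r.Method == "HEAD") && matches(host, p.ReadOnlyOK):
		return true, "static:read-only-allowlist"
	}
	// Ambiguous (e.g. a state-changing call): escalate; no usable verdict means deny.
	if p.Judge != nil {
		if allow, err := p.Judge(r, task); err == nil {
			return allow, "judge:decided"
		}
	}
	return false, "judge:unavailable"
}
// Check runs one constructed sample request through the policy.
func Check(p Policy, method, url, agentID, task string) (bool, string) {
	r, _ := http.NewRequest(method, url, nil)
	r.Header.Set("X-Agent-Id", agentID)
	return p.Evaluate(r, task)
}
func main() { fmt.Println(Check(Policy{RequiredHeader: "X-Agent-Id"}, "POST", "https://api.example.com/v1/email", "agent-7", "summarize inbox")) }
```

Recording the tier alongside the verdict lets an audit log separate deterministic decisions from judge decisions, which is where review effort is best spent.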
Developer Tools
Microsoft Harrier-OSS-v1
SOTA multilingual embeddings in 3 sizes — quietly MIT-licensed with zero fanfare
Panel ship: 75% | Community: — | Entry: Free
Microsoft Harrier-OSS-v1 is a family of multilingual text embedding models released with almost no publicity on March 30, 2026 — no blog post, no press release, just a HuggingFace upload. Available in three sizes (270M, 0.6B, and 27B parameters), the models achieve state-of-the-art performance on Multilingual MTEB v2 across 94 languages, support 32k token context windows, and use a decoder-only Transformer architecture rather than the traditional BERT-style encoder design. The 27B variant scores 74.3 on MTEB v2, outperforming all previous open-source multilingual embedding models.

All three sizes are MIT-licensed — fully open, including commercial use. The decoder-only architecture mirrors modern LLMs rather than the encoder-only models (like E5, BGE, and mE5) that have dominated embedding benchmarks for years. For developers building RAG systems, semantic search, multilingual document clustering, or cross-lingual retrieval, Harrier represents a significant quality jump. The 270M and 0.6B variants are practical for production deployment; the 27B is for maximum quality where compute isn't a constraint.
Reviewer scorecard
“This fills a gap that every production agentic system needs but almost no one has solved yet. The two-tier policy engine — static rules for speed, LLM for ambiguity — is the right architecture. The fact that Brex built and open-sourced this suggests they've already battle-tested it against real agent deployments.”
“MIT license + SOTA multilingual MTEB scores + 270M/0.6B/27B size options = drop this into your RAG stack immediately. The decoder-only architecture is architecturally interesting but what matters is the benchmark numbers, and they're the best in class. Drop-in replacement for mE5-large or multilingual-e5-large.”
“v0.0.1 with 126 GitHub stars is a weekend project right now, not infrastructure you should bet your production agents on. The LLM-as-a-judge for policy evaluation is also expensive and introduces its own latency — you're adding an AI call to evaluate every AI agent call. The operational complexity of running MITM HTTPS inspection in production is non-trivial.”
“Benchmark scores don't always translate to real-world retrieval quality — domain-specific datasets often favor fine-tuned models over general SOTA. The lack of any documentation, paper, or announcement is a yellow flag; it's unclear what training data was used, which affects reproducibility and potential data contamination concerns.”
“Agent security tooling is where network security tooling was in the early 2000s — primitive, fragmented, and urgently needed. CrabTrap is an early bet on a category that will be worth billions once enterprises start mandating audit trails for agentic systems. Brex building this in-house and open-sourcing it is a strong signal of what production agent operators actually need.”
“The shift to decoder-only embeddings mirrors the broader architectural convergence in AI — the same foundational architecture working for both generation and retrieval. As RAG systems go multilingual and handle longer documents, models like Harrier with 32k context and 94-language coverage become load-bearing infrastructure.”
“This is deeply in the DevOps/infrastructure lane — not something a creator or designer would ever touch directly. But if the tools you use to generate content are backed by CrabTrap-style security, you'd want that. For now, it's a ship for the engineers who configure your AI stack, a skip for everyone else.”
“For anyone building multilingual content search or recommendation systems — this is the embedding model to use. Being able to search across 94 languages with a single model rather than language-specific pipelines dramatically simplifies cross-cultural content projects.”