Anchor

10 installs, since July 3, 2025. 10 installs/month. Updated June 30, 2025.

Not paid No touch

Finance Project management CRM

View on Marketplace

Create, send, and track proposals—all from monday.com

Juggling contacts, proposals, and agreements across your CRM and financial tools slows you down and can lead to errors. Anchor’s integration with monday.com helps you efficiently create, send, and track proposals, and manage agreements—all from your existing workspace. Upcoming releases will add seamless payment processing and integrations with financial platforms like QuickBooks Online and Xero.

With Anchor + monday.com, you can:

Create contacts: Add monday.com contacts directly into Anchor with one click, eliminating duplicate data entry.
Generate and send proposals: Turn monday.com items into Anchor proposals and send them without leaving your board.
Track updates: Auto-update items in your board when something changes in Anchor.
Manage agreements: Amendments flow back into monday.com, keeping deal details current and visible.

Get started now by installing Anchor on your monday.com board.

Helpful Links:

New to Anchor? Sign up now
Help Center

Security & Compliance

Security

Does the developer periodically perform penetration testing?

Yes

We’re performing pen tests once a year, prior to the annual SOC-2 audit.

Does the developer have a dedicated security and privacy point of contact for such issues or questions?

Yes

Leeor Aharon [email protected]

Does the app restrict redirects and forwards only to approved destinations, or show a warning when redirecting to potentially untrusted content?

Yes

Does the app protect against mass parameter assignment attacks?

Yes

Code demonstrates protection against mass parameter assignment through: Structured input validation with explicit field validation in validateCreateContactInput(), validateSetupApiKeyInput(), etc. Input sanitization functions (sanitizeEmail(), sanitizeApiKey()) that only allow specific, validated fields Use of typed interfaces and validation schemas that prevent arbitrary field assignment The auth-actor.ts explicitly validates and sanitizes inputs rather than accepting raw object assignments

Does the app perform encoding and sanitization on all user supplied parameters to protect against Cross-Site Scripting?

Yes

Implementation includes comprehensive input sanitization: Email sanitization: sanitizeEmail() function with length limits, format validation, and character normalization API key sanitization: sanitizeApiKey() with character allowlist (/^[a-zA-Z0-9\-_./:]+$/), length validation XSS protection: escapeForJs() function that escapes dangerous characters (<>\"'&) for safe JS embedding Content Security Policy: Helmet configuration in server.ts with restrictive CSP headers Input validation: Email validator library and E.164 phone format validation

Does the developer protect all state-changing actions against Cross-Site Request Forgery (CSRF)?

Yes

Monday integration uses several CSRF protection mechanisms: JWT token authentication: All state-changing endpoints require valid JWT tokens in Authorization headers Token verification: AuthMiddlewareService.verifyToken() validates tokens using Monday.com's signing secret Request origin validation: Monday.com's webhook signature verification No cookie-based authentication: Using bearer tokens instead of cookies reduces CSRF risk Content-Type enforcement: JSON APIs with proper content-type validation

Does the developer have mechanisms to notify monday.com in case of a security breach?

Yes

we will reach to monday.com

Does this developer have a process for installing application-level updates and security patches for the service (such as software packages and databases)?

Yes

GitHub Actions CI/CD: Comprehensive pipeline in .github/workflows/build-deployables.yml with automated building, testing, and deployment Docker Multi-stage Builds: Optimized for quick rebuilds and deployments across all services. Container Registry: Integration with Google Container Registry (gcr.io/dualdeed) for fast image distribution Automated Testing: Parallel test execution and validation before deployment ensures security patches don't break functionality. Database migration.

Compliance

Is the app certified with the information security standard ISO/IEC 27001:2022?

Not answered

Is the app compliant with the Health Insurance Portability and Accountability Act (HIPAA)?

Not answered

Is the app certified with System and Organization Controls (SOC 2 or SOC 3)?

Not answered

Is the app compliant with the General Data Protection Regulation (GDPR)?

Not answered

Data

Does the app send any data outside of monday.com? If yes, indicate whether the data is customer-submitted (e.g., board names, item names, doc content) or non-customer-submitted (e.g., account ID, board ID, user ID).

Not answered

Where does the app store logs data?

Not answered

Where does the app store the app data?

Not answered

Does the developer ensure application logs do not contain secrets or personally-identifiable information (PII)?

Not answered

Is customer data segregated from the data of other customers (for example logically or physically)?

Not answered

Privacy

Does the developer enforce multi-factor authentication on employees access to systems which may process customer data?

Not answered

Does the developer protect access to customer data based on the principle of least privilege?

Not answered

Reviews

No reviews yet.

Historical data

Installation history

We have data for December 28, 2024 onwards only. Collected sometime after 00:00 UTC daily.

Total number of installs

Change in total number of installs in last 7 days

Compares the number of installs on each date with 7 days previously:

Max

Min

Current

Change in total number of installs in last 30 days

Compares the number of installs on each date with 30 days previously:

Max

Min

Current

Change in total number of installs in last 90 days

Compares the number of installs on each date with 90 days previously:

Max

Min

Current

Ratings history

Categories history

Each of the following is a yes/no answer, so the graphs show 1 for yes, and 0 for no.

In "Featured" category?

In "Editor's choice" category?

In "Trending this week" category?

App metadata

ID: 10000859 • App ID: 10400666 • Listing updated: July 8, 2025

{
  "id": 10000859,
  "description": "<p><br></p><p>Juggling contacts, proposals, and agreements across your CRM and financial tools slows you down and can lead to errors. Anchor’s integration with monday.com helps you efficiently create, send, and track proposals, and manage agreements—all from your existing workspace. Upcoming releases will add seamless payment processing and integrations with financial platforms like QuickBooks Online and Xero.</p><p><br></p><p><strong>With Anchor + monday.com, you can:</strong></p><ul><li><strong>Create contacts:</strong>&nbsp;Add monday.com contacts directly into Anchor with one click, eliminating duplicate data entry.</li><li><strong>Generate and send proposals:</strong>&nbsp;Turn monday.com items into Anchor proposals and send them without leaving your board.</li><li><strong>Track updates:</strong>&nbsp;Auto-update items in your board when something changes in Anchor.</li><li><strong>Manage agreements:</strong>&nbsp;Amendments flow back into monday.com, keeping deal details current and visible.</li></ul><p><br></p><p>Get started now by installing Anchor on your monday.com board.</p><p><br></p><p><strong>Helpful Links:</strong></p><ul><li>New to Anchor? <a href=\"https://my.anchor.sh/signup?utm_source=monday.com&amp;utm_medium=marketplace\" rel=\"noopener noreferrer\" target=\"_blank\">Sign up now</a></li><li><a href=\"https://help.sayanchor.com/en?utm_source=monday.com&amp;utm_medium=marketplace\" rel=\"noopener noreferrer\" target=\"_blank\">Help Center</a></li></ul>",
  "short_description": "\nCreate, send, and track proposals—all from monday.com",
  "compliance_answers": [
    {
      "questionId": 15,
      "shortAnswer": true,
      "detailedAnswer": "We’re performing pen tests once a year, prior to the annual SOC-2 audit.",
      "fileName": "znqfbbw.pdf"
    },
    {
      "questionId": 14,
      "shortAnswer": true,
      "detailedAnswer": "Leeor Aharon\[email protected]"
    },
    {
      "questionId": 10,
      "shortAnswer": true,
      "detailedAnswer": ""
    },
    {
      "questionId": 9,
      "shortAnswer": true,
      "detailedAnswer": "Code demonstrates protection against mass parameter assignment through:\nStructured input validation with explicit field validation in validateCreateContactInput(), validateSetupApiKeyInput(), etc.\nInput sanitization functions (sanitizeEmail(), sanitizeApiKey()) that only allow specific, validated fields\nUse of typed interfaces and validation schemas that prevent arbitrary field assignment\nThe auth-actor.ts explicitly validates and sanitizes inputs rather than accepting raw object assignments"
    },
    {
      "questionId": 5,
      "shortAnswer": true,
      "detailedAnswer": "Implementation includes comprehensive input sanitization:\nEmail sanitization: sanitizeEmail() function with length limits, format validation, and character normalization\nAPI key sanitization: sanitizeApiKey() with character allowlist (/^[a-zA-Z0-9\\-_./:]+$/), length validation\nXSS protection: escapeForJs() function that escapes dangerous characters (<>\\\"'&) for safe JS embedding\nContent Security Policy: Helmet configuration in server.ts with restrictive CSP headers\nInput validation: Email validator library and E.164 phone format validation"
    },
    {
      "questionId": 4,
      "shortAnswer": true,
      "detailedAnswer": "Monday integration uses several CSRF protection mechanisms:\nJWT token authentication: All state-changing endpoints require valid JWT tokens in Authorization headers\nToken verification: AuthMiddlewareService.verifyToken() validates tokens using Monday.com's signing secret\nRequest origin validation: Monday.com's webhook signature verification\nNo cookie-based authentication: Using bearer tokens instead of cookies reduces CSRF risk\nContent-Type enforcement: JSON APIs with proper content-type validation"
    },
    {
      "questionId": 3,
      "shortAnswer": true,
      "detailedAnswer": "we will reach to monday.com"
    },
    {
      "questionId": 2,
      "shortAnswer": true,
      "detailedAnswer": "GitHub Actions CI/CD: Comprehensive pipeline in .github/workflows/build-deployables.yml with automated building, testing, and deployment\nDocker Multi-stage Builds: Optimized for quick rebuilds and deployments across all services.\nContainer Registry: Integration with Google Container Registry (gcr.io/dualdeed) for fast image distribution\nAutomated Testing: Parallel test execution and validation before deployment ensures security patches don't break functionality.\nDatabase migration."
    }
  ],
  "badges_data": {
    "pricing_data": "Free",
    "acquisition_source": "No touch",
    "app_values": [
      "Everyday tasks"
    ]
  },
  "data": {
    "terms_of_service_url": "https://www.sayanchor.com/terms-of-service"
  },
  "keywords": "Proposals, Agreements, CRM, Finance, Accounting, Invoicing, Contract Management, Customer Management,quickbooks,xero",
  "thumbnail_url": "https://cdn.monday.com/marketplace/10000859/10000859_2025_6_3_13_21_21_2853dqu.png",
  "logo_url": "https://cdn.monday.com/marketplace/10000859/10000859_2025_6_3_13_21_35_61ass5o.png",
  "feedback_url": "[email protected]",
  "privacy_policy_url": "https://www.sayanchor.com/privacy-policy",
  "external_pricing_url": null,
  "featured": null,
  "security": null,
  "display_in_template_store": null,
  "acquisition_source": "No touch",
  "terms_of_service_url": "https://www.sayanchor.com/terms-of-service",
  "label": null,
  "app_values": [
    "Everyday tasks"
  ],
  "security_info": null,
  "gallery_assets": [
    {
      "url": "https://cdn.monday.com/marketplace/10000859/10000859_2025_6_3_19_26_10_q6sfm3jg.png",
      "type": "image"
    },
    {
      "url": "https://cdn.monday.com/marketplace/10000859/10000859_2025_6_3_19_26_22_0o70562.png",
      "type": "image"
    },
    {
      "url": "https://cdn.monday.com/marketplace/10000859/10000859_2025_6_3_19_26_28_9sry69d.png",
      "type": "image"
    },
    {
      "url": "https://cdn.monday.com/marketplace/10000859/10000859_2025_6_3_19_26_35_mttldve.png",
      "type": "image"
    },
    {
      "url": "https://cdn.monday.com/marketplace/10000859/10000859_2025_6_3_19_26_41_1m2gtsu.png",
      "type": "image"
    }
  ],
  "pricing_data": "Free",
  "marketplace_developer_id": 100000067,
  "app_id": 10400666,
  "marketplace_category_ids": [
    10000007,
    10000001,
    4
  ],
  "name": "Anchor",
  "app_scope_str": "boards:read,boards:write",
  "app_client_id": "e59a009cda78b91abbe1e2c71130b1be",
  "app_color": {
    "hsl": {
      "h": 271.7647058823529,
      "s": 0,
      "l": 1,
      "a": 1
    },
    "hex": "#ffffff",
    "rgb": {
      "r": 255,
      "g": 255,
      "b": 255,
      "a": 1
    },
    "hsv": {
      "h": 271.7647058823529,
      "s": 0,
      "v": 1,
      "a": 1
    },
    "oldHue": 271.7647058823529,
    "source": "hsv"
  },
  "created_at": "2025-07-03T13:15:02.228Z",
  "updated_at": "2025-07-08T10:09:40.705Z",
  "how_to_use_url": "https://view.monday.com/9327527206-b037af65bb2af0f390594a0fae889219?r=use1",
  "automation_app_id": null,
  "plans": null,
  "featured_for_categories_ids": [],
  "pinned_for_categories_ids": [],
  "pricing_model": null,
  "app_type": "app",
  "display": null,
  "is_connector": null,
  "google_analytics_tag_id": null,
  "app_live_version": {
    "updated_at": "2025-06-30T14:05:04Z",
    "id": 10889962
  },
  "is_solution": null,
  "available_for_tiers": null,
  "available_for_products": null,
  "installsDelta": {
    "totalInstalls": 9,
    "sevenDays": 4
  }
}

Anchor

Create, send, and track proposals—all from monday.com

Security & Compliance

Security

Compliance

Data

Privacy

Reviews

Historical data

Installation history

Total number of installs

Change in total number of installs in last 7 days

Change in total number of installs in last 30 days

Change in total number of installs in last 90 days

Ratings history

Categories history

In "Featured" category?

In "Editor's choice" category?

In "Trending this week" category?

App metadata

Table of Contents