Skip to content

SafeAgent-Beihang/clawguard

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
auditor-prompt
auditor-prompt
 
 
auditor-skill
auditor-skill
 
 
OpenClaw 智能体安全风险报告.pdf
OpenClaw 智能体安全风险报告.pdf
 
 
README.md
README.md
 
 

Repository files navigation

ClawGuard 🛡️

ClawGuard is a comprehensive security toolkit designed to mitigate risks associated with autonomous agents, such as OpenClaw and other LLM-driven entities. As agents gain more autonomy to execute code, access APIs, and manage files, ClawGuard provides the necessary guardrails to ensure they operate safely and predictably.

📖 Why ClawGuard?

Autonomous agents are powerful but introduce unique security attack vectors:

  • Prompt Injection: Malicious inputs that hijack the agent's logic.
  • Privilege Escalation: Agents performing unauthorized system-level operations.
  • Data Exfiltration: Accidental leaking of PII (Personally Identifiable Information) or API keys to LLM providers.
  • Resource Exhaustion: Infinite loops or recursive tasks leading to massive token costs.

🧩 Components

ClawGuard is designed as a modular suite of security tools. We are continuously building and releasing new components to protect autonomous agents.

Current Components

  • Prompt-based Auditor: A rigorous security gateway prompt designed to audit third-party Skills before OpenClaw installs or configures them. It forces the agent to assess provenance, permissions, network behavior, and dependencies to prevent the execution of malicious code.

  • ClawGuard Auditor: A native Skill for ClawGuard that securely audits operations, requiring installation but providing deeper system-level guardrails.

🚧 Upcoming Releases

Stay tuned! We will be rolling out additional protection modules and specialized datasets soon, including:

  • Runtime Guardrails: Modules to monitor and sandbox agent execution in real-time.
  • Vulnerability Datasets: Comprehensive datasets of malicious prompts, poisoned skills, and edge cases to test and harden agent security.
  • Data Loss Prevention (DLP) Filters: Tools to intercept and redact sensitive information before it reaches external LLM APIs.

🚀 Quick Start

Installation

(Installation instructions will be provided as core modules are released)

Basic Usage

(Usage examples will be provided as core modules are released)

🤝 Contributing

We welcome contributions to make autonomous agents safer!

  1. Fork the Project.
  2. Create your Feature Branch (git checkout -b feature/AmazingFeature).
  3. Commit your Changes (git commit -m 'Add some AmazingFeature').
  4. Push to the Branch (git push origin feature/AmazingFeature).
  5. Open a Pull Request.

📄 License

Distributed under the MIT License. See LICENSE for more information.

⚠️ Disclaimer

ClawGuard is a security tool designed to reduce risk, but it cannot guarantee 100% protection against all possible LLM vulnerabilities. Always follow the principle of least privilege (PoLP) when deploying autonomous agents.

Secure your agents. Protect your systems. Use ClawGuard.

Documentation | Report Bug | Contact Team

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

12 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors 2