Summary

GoPlus AgentGuard provides a real-time security layer for AI agents, addressing risks from malicious skills, prompt injection, and data exfiltration. It protects users by automatically scanning new skills, blocking dangerous actions before execution, and tracking the origin of each action, thereby safeguarding terminal access, files, and secrets.

How It Works

AgentGuard operates in two layers: Layer 1 (Automatic Guard) uses hooks into agent execution environments like Claude Code and OpenClaw to intercept and block dangerous commands (e.g., rm -rf /, curl | bash), prevent writes to sensitive files (.env, .ssh/), and detect data exfiltration. Layer 2 (Deep Scan) performs on-demand static analysis of new skills using 24 detection rules, identifying secrets, backdoors, obfuscation, prompt injection, and Web3-specific exploits. A trust registry manages capability-based access control per skill, holding malicious skills accountable.

Quick Start & Requirements

Installation varies by platform. For OpenClaw, use npm install @goplus/agentguard. For Claude Code, clone the repository (git clone https://github.com/GoPlusSecurity/agentguard.git), run ./setup.sh, and add the plugin. Manual skill installation involves copying files. Prerequisites include Node.js/npm for certain installations and a compatible AI agent environment (Claude Code, OpenClaw).

Highlighted Details

• Features 24 detection rules covering execution, secrets, exfiltration, obfuscation, Web3 exploits (wallet draining, unlimited approvals), and trojans.
• Offers configurable protection levels: strict (block all risky), balanced (block dangerous, confirm risky - default), and permissive (block critical threats only).
• Implements a trust registry for capability-based access control, enhancing skill accountability.
• Supports multiple AI agent platforms including Claude Code, OpenClaw, and others for skill execution.

Maintenance & Community

The project shows active development, with recent roadmap items for v1.1 and v2.0 marked as completed, indicating ongoing feature enhancement and multi-platform support expansion. Contributions are welcomed via CONTRIBUTING.md, and security vulnerabilities should be reported via SECURITY.md. The project is built by GoPlus Security.

Licensing & Compatibility

AgentGuard is released under the MIT license, which permits broad use, including commercial applications and linking with closed-source software. It is compatible with various AI agent platforms, including Claude Code and OpenClaw, with full hook support on these two.

Limitations & Caveats

The auto-guard hooks are platform-specific and rely on agent environment event systems. Skill source tracking in Claude Code uses transcript analysis, which is heuristic and not always precise. Hooks cannot intercept the initial skill installation process. In OpenClaw, rapid tool calls immediately post-startup may occur before the asynchronous plugin scan completes.