Summary

DefenseClaw provides an enterprise security governance layer for agentic AI, specifically for agents built on OpenClaw. It addresses the risks of powerful AI agents by automatically scanning, inspecting, and blocking dangerous skills, MCP servers, plugins, and tool executions. This system targets organizations deploying AI agents who require robust security, automated policy enforcement, and comprehensive audit trails.

How It Works

DefenseClaw acts as a gateway, intercepting AI agent actions for rigorous security checks. Its multi-component architecture (CLI, Go Gateway, TS Plugin) integrates scanning, static analysis via CodeGuard, and runtime inspection. Components undergo pre-execution scanning, with high-severity findings automatically blocking execution. CodeGuard performs deep static analysis on source code for secrets and insecure patterns. A guardrail proxy inspects LLM prompts/completions and tool calls in real-time, preventing data exfiltration and command injection. This layered defense ensures only safe components interact with infrastructure.

Quick Start & Requirements

• Installation: Install OpenClaw (curl -fsSL https://openclaw.ai/install.sh | bash), then DefenseClaw (curl -LsSf https://raw.githubusercontent.com/cisco-ai-defense/defenseclaw/main/scripts/install.sh | bash), followed by defenseclaw init --enable-guardrail.
• Prerequisites: Python 3.10+, Go 1.25+, Node.js 20+ (plugin), Git. Linux with systemd/root required for Sandbox mode.
• Links: Official install scripts and comprehensive documentation within the repository.

Highlighted Details

• Component Scanning: Automates scanning of skills, MCP servers, and plugins with severity-based blocking.
• CodeGuard Static Analysis: Detects hardcoded secrets, dangerous commands, and insecure code patterns.
• Runtime Inspection: Real-time LLM prompt/completion and tool call inspection for threats.
• OpenShell Sandbox: OS-level isolation (namespaces, Landlock, seccomp) with DefenseClaw governance.
• SIEM Integration: Forwards audit events to Splunk (HEC) and supports OTLP export.

Maintenance & Community

No specific details regarding maintainers, community channels, or sponsorships were found in the provided README.

Licensing & Compatibility

• License: Apache 2.0.
• Compatibility: Permissive for commercial use and integration. Specific usage guardrails for bundled local Splunk are documented.

Limitations & Caveats

• OpenShell Sandbox requires Linux with systemd/root; unavailable on macOS/Windows.
• Guardrail defaults to 'observe' mode (log only); 'action' mode must be enabled for active blocking.