SourcePulse logo
HomeBrowse all repos

clawpatrol  by denoland

Security firewall for AI agents

Created 4 weeks ago

New!

315 stars

Top 85.6% on SourcePulse

GitHubView on GitHub
1 Expert Loves This Project
piscisaureus
Bert Belder
Coauthor of Deno
Project Summary

Summary

Claw Patrol is a security firewall designed to protect production environments from agent actions. It intercepts and inspects agent traffic, enforcing custom rules written in HCL to prevent potentially destructive or unauthorized operations before they reach their targets. This provides a crucial safety layer for AI agents and automated systems interacting with sensitive infrastructure.

How It Works

The system operates by parsing network traffic at the wire level for various protocols, including SQL, Kubernetes, and HTTP. It extracts protocol-specific facts (e.g., SQL verbs, Kubernetes resource types, HTTP methods/paths) which are then evaluated against user-defined rules. These rules, written in HashiCorp Configuration Language (HCL), leverage Common Expression Language (CEL) for conditions, allowing for precise and expressive security policies. This approach offers granular control, enabling developers to define specific actions that are permitted or denied, thereby mitigating risks associated with autonomous agent behavior.

Quick Start & Requirements

Highlighted Details

  • Rule Enforcement: Example HCL rule demonstrates blocking Kubernetes secrets from leaving the cluster.
  • Condition Language: Utilizes CEL for flexible, fact-based condition evaluation over extracted wire traffic data.
  • Flexible Deployment: Offers three distinct deployment shapes: gateway (a standalone proxy), join (host-wide WireGuard tunnel), and run (per-process tunnel for Linux/macOS).
  • Protocol Support: Extracts facts for Postgres/ClickHouse (SQL), Kubernetes, and HTTP.

Maintenance & Community

No specific details on contributors, sponsorships, or community channels were provided in the README.

Licensing & Compatibility

  • License: MIT.
  • Compatibility: No explicit restrictions mentioned for commercial use or closed-source linking.

Limitations & Caveats

No specific limitations, alpha status, or known issues were detailed in the provided README excerpt.

Health Check
Last Commit

1 day ago

Responsiveness

Inactive

Pull Requests (30d)
523
Issues (30d)
56
Star History
315 stars in the last 29 days

Explore Similar Projects

armorclaw by armoriq

0%
292
Secure AI agent operations
Created 3 months ago
Updated 1 week ago

ThinkWatch by ThinkWatchProject

6.8%
1k
Enterprise gateway for secure, governed AI API and MCP access
Created 1 month ago
Updated 12 hours ago

ClawVault by tophant-ai

0.1%
1k
Secure AI agents with atomic control and visibility
Created 2 months ago
Updated 6 days ago

crust by BakeLens

0.7%
431
Secure AI agent interactions with a transparent gateway
Created 3 months ago
Updated 2 days ago

Aegis by Justin0504

0.5%
359
Runtime firewall and audit layer for AI agents
Created 2 months ago
Updated 2 days ago

litellm-agent-platform by BerriAI

10.9%
504
Self-hosted platform for secure, isolated coding agent execution
Created 2 weeks ago
Updated 19 hours ago

openguardrails by openguardrails

0.8%
347
AI agent runtime security
Created 7 months ago
Updated 2 days ago

vArmor by bytedance

0.2%
475
Cloud-native container sandbox for AI workloads
Created 2 years ago
Updated 1 day ago

pipelock by luckyPipewrench

3.4%
638
Secure AI agents with an inline firewall
Created 3 months ago
Updated 14 hours ago

jarvis-registry by ascending-llc

4.3%
1k
Enterprise gateway for AI agents and copilots
Created 7 months ago
Updated 16 hours ago

netclaw by automateyournetwork

2.7%
520
AI network engineering coworker automating complex operations
Created 3 months ago
Updated 2 weeks ago
Starred by Jeff Hammerbacher Jeff Hammerbacher(Cofounder of Cloudera) and Jeffrey Morgan Jeffrey Morgan(Cofounder of Ollama).

OpenShell by NVIDIA

2.4%
6k
Secure runtime for autonomous AI agents
Created 3 months ago
Updated 13 hours ago
Feedback? Help us improve.