
from clawmoat36
Scans agent inputs and outputs for prompt injection, jailbreaks, credential leaks, PII, and unsafe tool calls; includes scripts for scanning and auditing.
ClawMoat provides real-time security scanning for AI agents. It detects prompt-injection patterns, jailbreak attempts, exposed secrets/credentials, PII, and dangerous tool call signatures. The skill ships with scripts to scan text or files, audit agent session logs, and run tests; findings are categorized by severity.
Run ClawMoat before processing untrusted inputs, prior to executing tool calls sourced from external content, when sending messages that may contain secrets, or periodically to audit agent session logs for security incidents.
scripts/scan.sh, scripts/audit.sh, scripts/test.sh
Intended for agents that can execute shell scripts and monitor logs (OpenClaw-compatible agents, CLI-enabled agents, security-focused automation agents).
ClawMoat is an agent security scanner skill that detects prompt injection, jailbreaks, credential leaks, PII, and unsafe tool calls. The SKILL.md is well-written with clear triggers and severity-based guidance. Scripts are structurally sound with proper error handling, but all three fail at runtime because the clawmoat CLI dependency isn't available and the fallback path resolution is incorrect. The skill would be useful if the CLI were installed.
clawmoat CLI (npm package or binary)
Security-focused skill for AI agents — conceptually strong. Scripts use set -euo pipefail and proper variable quoting throughout. The main barrier is the missing CLI dependency, which makes the skill non-functional out of the box. No malicious patterns detected.