All activity
OpenClaw is powerful because it operates with real credentials to perform real work. That same power makes it an attractive target.
So we built ClawShell. It assumes agent execution is adversarial by default.
Secrets are isolated behind a separate privileged process, enforced at the OS level. Even if the agent is fully hijacked, it only sees virtual identifiers.
Onboarding takes less than a minute and requires no changes to OpenClaw.
Apache 2.0 licensed. Written in Rust.
ClawShellThe Runtime Security Layer OpenClaw needs
Guanlan Daileft a comment
I’ve been using OpenClaw daily since it dropped in November. I love the agency it provides, but as I started giving it more production API keys and access to my local filesystem, I realized the threat model was essentially "hope-based." We ran a small experiment to test this assumption. Through multi-turn interaction alone, we were able to retrieve active API credentials from a standard setup...
ClawShellThe Runtime Security Layer OpenClaw needs