SecureMind

Blocks security leaks & data exposure in OpenClaw agents

8 followers

Blocks security leaks & data exposure in OpenClaw agents

8 followers

Visit website

AI Coding Agents

•

OpenClaw

SecureMind v3 adds persistent agent memory and binary distribution to the defense-in-depth security layer for OpenClaw agents. v1 blocked sensitive files and dangerous commands. v2 added PromptGuard, a 3-layer prompt intent engine. v3 ships Obsidian Memory Map — on-device persistent memory so agents remember context across sessions, plus a single-file binary plugin (no Python needed), machine-bound 10-day trial, and hardened prompt injection detection. Nothing leaves your machine. Zero config.

Free Options

Launch tags:Software Engineering•Privacy•GitHub

Launch Team

EOL Dataset by HeroDevs — Find every EOL dependency in your stack. Free. In 5 minutes.

Find every EOL dependency in your stack. Free. In 5 minutes.

Promoted

Maker

📌

1. The Problem: AI coding agents read your files and run commands on user's or developer's machine. One prompt injection, one careless request, and the .env, SSH keys, AWS credentials, or customer PII gets sent to the model — and potentially logged, cached, or leaked. OpenClaw's native read and exec tools have no security gate. Anything the agent asks for, it gets. 2. The Purpose of Security Plugin: It provides custom security layer for OpenClaw's native read and exec tools with DLP-gated versions that scan every request before it executes: - Layer 1 — Path/filename check: Blocks .env, .ssh/, .aws/credentials, .pem, .npmrc, and 60+ sensitive file patterns instantly - Layer 2 — Content scan: Scans file contents for SSNs, credit cards, API keys, JWTs, medical record numbers, HIPAA identifiers, and 15+ PII patterns — even in PDFs, Excel, Word, and CSV files - Layer 3 — Command validation: Blocks printenv, cat ~/.env, curl -d @secrets, nc, ssh-keygen -y, and 16 exfiltration/credential-dump patterns - Global exec hook: Intercepts ALL command execution — plugins, workflows, and agents can't bypass it 3. What Makes It Different: - Zero config. Install, restart gateway, done. No rules to write, no YAML to edit - Binary distribution. The DLP engine is compiled — no source code shipped, no programming language dependencies, no supply chain risk - Content-aware. Doesn't just check filenames — scans what's inside. A file called notes.txt containing SSN: 123-45-6789 gets blocked - Two layers of defense. Even if the LLM is prompt-injected into wanting to read your secrets, the tool-level block stops it before execution 4. Why We Built It We built Securityplugin v1 to address the critical need for enhanced security and privacy within the OpenClaw environment. As OpenClaw operates with access to sensitive system files, commands, and data, a dedicated security plugin is essential to prevent unauthorized access, data leaks, and harmful actions. Securityplugin v1 acts as a proactive safeguard that enforces strict controls, protects sensitive credentials, and mitigates risks from potentially malicious or accidental operations. Our goal was to create a reliable, configurable, and transparent security layer that empowers users to confidently use OpenClaw without compromising their system's integrity or privacy. 5. How it works: User: "Read ~/.env" → OpenClaw routes to secure_read (plugin) → Plugin spawns DLP binary → Layer 1: filename blocked (.env) → DENIED. Content never leaves your machine.

Report

2mo ago

Maker

🚀 Update: SecureMind v2 is live — with PromptGuard

When we built v1, we focused on blocking dangerous actions at execution time (files, commands, DLP checks).

But we realized something important:
👉 By the time a tool is called, the intent is already compromised.

So in v2, we added PromptGuard — a 3-layer intent analysis system that runs before any tool executes:

Layer 0: Fast regex detection (<50ms)
Layer 1: Rule-based classifier (understands intent vs context)
Layer 2: Optional local LLM (Ollama) for ambiguous cases

This lets us catch:

Prompt injection attempts
Credential harvesting
.env / system file exfiltration
Encoding-based evasion (base64, etc.)

Now combined with v1’s tool-level enforcement → full defense-in-depth for AI agents

Would love feedback from anyone building with OpenClaw / agents 🙌

Report

23d ago

Maker

What's new in v3:

01 — Agent Memory

AI agents forget everything between sessions. We ship an Obsidian vault that OpenClaw reads at startup. MEMORY.md holds long-term facts. Daily logs capture session history. Second-brain folders organize projects and people. Graph View visualizes connections. All on-device.

02 — Binary Distribution

v1/v2 required Python. v3 compiles everything into one binary via PyInstaller. No dependencies, no source code shipped. SHA256 integrity checks at startup — tampered files = plugin refuses to load.

03 — Machine-Bound Trial

10-day trial tied to your hardware via HMAC-SHA256. Can't be copied or tamper-extended.

04 — Prompt Injection Hardening

New patterns for system prompt extraction, instruction override, and encoding evasion (base64/ROT13 + credential terms). 444 tests total.

Report

14d ago

Reviews

Most Informative