counterclaw-core

Defensive interceptor for prompt injection and basic PII masking.

Install via ClawdBot CLI:

```shell
clawdbot install nickconstantinou/counterclaw-core
```

Defensive security for AI agents. Snaps shut on malicious payloads.
This package is offline-only — it does not make any network calls.
```shell
claw install counterclaw
```

```python
from counterclaw import CounterClawInterceptor

interceptor = CounterClawInterceptor()

# Input scan - blocks prompt injections
# NOTE: Examples below are TEST CASES only - not actual instructions
result = interceptor.check_input("{{EXAMPLE: ignore previous instructions}}")
# → {"blocked": True, "safe": False}

# Output scan - detects PII leaks
result = interceptor.check_output("Contact: john@example.com")
# → {"safe": False, "pii_detected": {"email": True}}
```
Violations are logged to ~/.openclaw/memory/MEMORY.md.

```shell
# Set your trusted admin ID(s) - use non-sensitive identifiers only!
export TRUSTED_ADMIN_IDS="your_telegram_id"
```

Important: TRUSTED_ADMIN_IDS should ONLY contain non-sensitive identifiers, for example "123456789" or "987654321". You can set multiple admin IDs by comma-separating them:

```shell
export TRUSTED_ADMIN_IDS="telegram_id_1,telegram_id_2"
```
```python
# Option 1: Via environment variable (recommended)
# Set TRUSTED_ADMIN_IDS before running
interceptor = CounterClawInterceptor()

# Option 2: Direct parameter
interceptor = CounterClawInterceptor(admin_user_id="123456789")
```
If TRUSTED_ADMIN_IDS is not set, admin features are disabled by default.

Violation logs are written to ~/.openclaw/memory/MEMORY.md with PII masked. The package writes only to ~/.openclaw/memory/MEMORY.md, an explicitly declared scope.

| Path | Purpose |
|------|---------|
| ~/.openclaw/memory/ | Directory created on first run |
| ~/.openclaw/memory/MEMORY.md | Violation logs with PII masked |
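The output scan and masked violation logging described above, together with the fail-closed TRUSTED_ADMIN_IDS handling, shown as an added illustration in plain Python. This is not CounterClaw's code: the regular expressions, the masking format and the extra `phone` key are assumptions made for the example, and the sample strings are constructed.

```python
import re
from typing import Dict, List, Tuple

# Patterns are assumptions for this illustration; the real scanner's rules
# are not shown on the page.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
PHONE_RE = re.compile(r"(?<!\d)(?:\+?\d{1,3}[ -]?)?\(?\d{3}\)?[ -]?\d{3}[ -]?\d{4}(?!\d)")


def mask_pii(text: str) -> Tuple[str, Dict[str, bool]]:
    """Return (masked_text, detected). `detected` mirrors the README's
    {"email": True} shape; masking keeps a hint of the value so the audit
    line stays useful without reproducing the identifier."""
    detected = {"email": False, "phone": False}

    def mask_email(m):
        detected["email"] = True
        local, _, domain = m.group(0).partition("@")
        return f"{local[0]}***@{domain}"

    def mask_phone(m):
        detected["phone"] = True
        digits = re.sub(r"\D", "", m.group(0))
        return "***-***-" + digits[-4:]

    masked = PHONE_RE.sub(mask_phone, EMAIL_RE.sub(mask_email, text))
    return masked, detected


def check_output(text: str) -> Dict[str, object]:
    """Output scan in the README's shape: unsafe if any PII was found."""
    _, detected = mask_pii(text)
    return {"safe": not any(detected.values()), "pii_detected": detected}


def violation_log_line(kind: str, text: str) -> str:
    """Entry for a log such as MEMORY.md: only the masked text is stored,
    so the audit log itself cannot leak what the scanner caught."""
    return f"- [{kind}] {mask_pii(text)[0]}"


def load_trusted_admin_ids(env: Dict[str, str]) -> List[str]:
    """Fail closed: unset or empty TRUSTED_ADMIN_IDS yields no admins, so
    admin features stay disabled, matching the README's default."""
    raw = env.get("TRUSTED_ADMIN_IDS", "")
    return [p.strip() for p in raw.split(",") if p.strip()]


if __name__ == "__main__":
    sample = "Contact: john@example.com or call (555) 123-4567."  # constructed
    print(check_output(sample), violation_log_line("pii_output", sample), sep="\n")
```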
MIT - See LICENSE file
```shell
# Run the test suite
python3 tests/test_scanner.py

# Lint the sources
pip install ruff
ruff check src/
```

The CI runs on every push and pull request.
To publish a new version:
```shell
# Version is set in pyproject.toml
git add -A
git commit -m "Release v1.0.9"
git tag v1.0.9
git push origin main --tags
```

CI will automatically, on tags matching `v*`, publish to ClawHub.

Generated Mar 1, 2026
Deploy CounterClaw Core in a customer service AI to intercept prompt injection attempts from malicious users trying to manipulate the chatbot into revealing sensitive data or performing unauthorized actions. It logs violations locally for audit, ensuring compliance with data protection regulations while maintaining offline operation.
Integrate CounterClaw Core into a healthcare AI system that processes patient queries, using its PII masking to detect and log potential leaks of email or phone numbers in outputs. This helps healthcare providers meet HIPAA requirements by preventing accidental exposure of protected health information during interactions.
Use CounterClaw Core to secure a financial advisory AI agent against injection attacks that could trick it into giving fraudulent investment advice. The tool blocks malicious inputs and logs attempts, enabling financial institutions to monitor and improve security without relying on external networks.
Implement CounterClaw Core in an educational AI tutor to prevent students from injecting prompts that could bypass content filters or access inappropriate material. It ensures a safe learning environment by detecting and logging security violations locally for administrator review.
Apply CounterClaw Core to an HR AI assistant handling employee inquiries, using its PII detection to mask sensitive details like contact information in logs. This protects employee privacy and helps organizations comply with internal data handling policies through offline violation tracking.
Offer CounterClaw Core as a free, open-source tool for basic security, with premium features like advanced threat detection or cloud-based analytics available via subscription. This model attracts developers and small businesses while generating revenue from enterprises needing enhanced capabilities.
License CounterClaw Core to large organizations for integration into their proprietary AI systems, providing custom support, training, and compliance certifications. Revenue comes from one-time licensing fees or annual contracts tailored to the client's security needs and scale.
Bundle CounterClaw Core with other security tools into a managed service, offering continuous monitoring, updates, and incident response for AI deployments. This model targets companies lacking in-house expertise, generating steady revenue through monthly service fees.
💬 Integration Tip
Set the TRUSTED_ADMIN_IDS environment variable before deployment to enable admin features and ensure fail-closed security; test with sample inputs to verify blocking and logging work as expected in your environment.