moltguardMoltGuard โ runtime security plugin for OpenClaw agents by OpenGuardrails. Helps users install, register, activate, and check the status of MoltGuard. Use wh...
Install via ClawdBot CLI:
clawdbot install ThomasLWang/moltguardRuntime security guard for OpenClaw agents by OpenGuardrails. Open source (Apache 2.0), fully auditable.
ClawHub: ThomasLWang/moltguard ยท npm: @openguardrails/moltguard ยท GitHub: openguardrails/openguardrails/tree/main/moltguard
Verify provenance before installing. The npm package should match the auditable GitHub source. To check:
# Download and inspect the package contents
npm pack @openguardrails/moltguard --dry-run
# Or do a full diff against the cloned repo:
mkdir /tmp/moltguard-audit && cd /tmp/moltguard-audit
npm pack @openguardrails/moltguard
tar -xzf openguardrails-moltguard-*.tgz
git clone https://github.com/openguardrails/openguardrails
diff -r package/scripts openguardrails/moltguard/scriptsPrefer source install if you have low trust in the publisher: openclaw plugins install -l ./openguardrails/moltguard
What activate.mjs does: Makes an outbound call to https://www.openguardrails.com/core to register the agent. Once you visit the claim URL and verify your email, the returned API key is written to ~/.openclaw/credentials/moltguard/credentials.json. Do not activate if you do not trust this endpoint. All local protections work without activation.
Network behavior:
https://www.openguardrails.com/core. No message content is sent โ only tool names, sequence, and metadata.Least privilege: Treat the API key written by activation as sensitive. Rotate or revoke it via the account portal (https://www.openguardrails.com/core/login) if needed. You can keep local-only protections indefinitely by simply not activating the cloud component.
Before installing or running activate.mjs:
1. Verify provenance.
Compare the npm package to the GitHub source (npm pack + diff) as described in the Security & Provenance section above. Only proceed if the contents match the source you trust.
2. Inspect the scripts yourself.
scripts/activate.mjs and scripts/status.mjs are short and readable. Review them directly before running.
3. Understand what activation writes.
Activation writes an API key to ~/.openclaw/credentials/moltguard/credentials.json. If you later distrust the endpoint, delete that file and revoke the key via the platform portal.
4. Activate from a monitored environment if you need high assurance.
Use tcpdump, mitmproxy, or Little Snitch to confirm outbound destinations and that payloads contain only sanitized metadata โ not message content.
Local protections remain fully functional without activation โ no outbound calls, no credentials written.
Run this when the user asks about MoltGuard status, whether it's registered, or what email/plan is active:
node {baseDir}/scripts/status.mjsRun this when the user wants to register MoltGuard or enable cloud behavioral detection:
node {baseDir}/scripts/activate.mjsAfter running, show the user the claim URL. Tell them to visit the URL and provide their email to complete activation. On success, an API key is written to ~/.openclaw/credentials/moltguard/credentials.json โ inform the user so they know a credential file was created.
When the user asks to install MoltGuard, run these steps:
# 1. Install the plugin
openclaw plugins install @openguardrails/moltguard
# 2. Restart the gateway to load the plugin
openclaw gateway restart
# 3. Register and show activation link
node {baseDir}/scripts/activate.mjsAfter running step 3, show the user the claim URL from the output. Tell them to visit the URL and enter their email to complete activation.
Local protections are active immediately after restart โ no registration required. Cloud behavioral detection requires activation.
# 1. Update the plugin
openclaw plugins update moltguard
# 2. Restart the gateway to load the plugin
openclaw gateway restart
# 3. Check status
node {baseDir}/scripts/status.mjsAfter updating, run step 3 to confirm the plugin is loaded and show the current activation status.
Local (no cloud, no registration needed):
$(), backtick, ;, &&, |) โ BLOCKCloud (requires activation):
For full detection tables and pattern details, see references/details.md.
Local HTTP proxy that sanitizes PII/secrets before they reach LLM providers:
npx @openguardrails/gateway # runs on port 8900Then point your agent's API base URL to http://127.0.0.1:8900. Sanitizes emails, credit cards, API keys, phone numbers, SSNs, IBANs, IPs, URLs. Restores originals in responses. Stateless โ no data retained.
All options in ~/.openclaw/openclaw.json under plugins.entries.openguardrails.config:
| Option | Default | Description |
|--------|---------|-------------|
| enabled | true | Enable/disable the plugin |
| blockOnRisk | true | Block tool call when risk detected |
| apiKey | "" | Explicit API key (sk-og-...) |
| agentName | "OpenClaw Agent" | Name shown in dashboard |
| coreUrl | https://www.openguardrails.com/core | Platform API endpoint |
| dashboardUrl | https://www.openguardrails.com/dashboard | Dashboard URL for observation reporting |
| timeoutMs | 60000 | Cloud assessment timeout (ms) |
To use an existing API key directly (skips registration):
{
"plugins": {
"entries": {
"openguardrails": {
"config": { "apiKey": "sk-og-<your-key>" }
}
}
}
}| Plan | Price | Detections/mo |
|------|-------|---------------|
| Free | $0 | 30,000 |
| Starter | $19/mo | 100,000 |
| Pro | $49/mo | 300,000 |
| Business | $199/mo | 2,000,000 |
Account portal: https://www.openguardrails.com/core/login (email + API key)
rm -rf ~/.openclaw/extensions/moltguard
# Remove moltguard configs from ~/.openclaw/openclaw.json
rm -rf ~/.openclaw/credentials/moltguard # optionalFor detailed information on security & trust, detection patterns, privacy policy, and gateway data types, read references/details.md.
Generated Mar 1, 2026
A bank uses MoltGuard to secure AI agents handling customer inquiries, ensuring compliance with data protection regulations. It blocks attempts to exfiltrate sensitive financial data or execute unauthorized shell commands, preventing fraud and data breaches while maintaining audit trails.
A hospital deploys MoltGuard on AI agents that access electronic health records, protecting against credential theft and sensitive data leakage. Local detection redacts prompt injections in medical queries, ensuring patient privacy without relying on cloud connectivity for core security.
An online retailer integrates MoltGuard to safeguard AI agents processing transactions and customer support. It detects and blocks command injection attempts in order parameters, preventing fraudsters from manipulating backend systems while alerting on unusual behavioral patterns via cloud activation.
A law firm employs MoltGuard to secure AI agents reviewing confidential legal documents. It prevents data exfiltration through network calls and redacts prompt injections in file content, ensuring client confidentiality and compliance with legal ethics standards without disrupting workflow.
A tech company uses MoltGuard to protect AI agents automating infrastructure management and deployment. It blocks shell escape attempts in command parameters and detects credential theft, securing CI/CD pipelines from insider threats and external attacks while allowing local-only operation for air-gapped environments.
Offer MoltGuard as a free open-source plugin for local protections, with optional paid cloud activation for advanced behavioral detection and analytics. Revenue comes from subscription fees for cloud services, enterprise support, and premium features like detailed audit logs.
Sell commercial licenses to large organizations requiring custom integrations, dedicated support, and compliance certifications. Revenue is generated through annual licensing fees, training workshops, and consulting services for deployment and maintenance.
Distribute MoltGuard through AI agent marketplaces like ClawHub and npm, with revenue from marketplace commissions or premium listings. Monetize via one-time purchase options for verified packages or bundled offerings with other security tools.
๐ฌ Integration Tip
Start with local-only installation to test protections without cloud activation, then enable cloud features gradually after verifying network behavior with monitoring tools.
Transform AI agents from task-followers into proactive partners that anticipate needs and continuously improve. Now with WAL Protocol, Working Buffer, Autonomous Crons, and battle-tested patterns. Part of the Hal Stack ๐ฆ
Use the ClawdHub CLI to search, install, update, and publish agent skills from clawdhub.com. Use when you need to fetch new skills on the fly, sync installed skills to latest or a specific version, or publish new/updated skill folders with the npm-installed clawdhub CLI.
Clawdbot documentation expert with decision tree navigation, search scripts, doc fetching, version tracking, and config snippets for all Clawdbot features
Interact with Moltbook social network for AI agents. Post, reply, browse, and analyze engagement. Use when the user wants to engage with Moltbook, check their feed, reply to posts, or track their activity on the agent social network.
OpenClaw CLI wrapper โ gateway, channels, models, agents, nodes, browser, memory, security, automation.
Reduce OpenClaw AI costs by 97%. Haiku model routing, free Ollama heartbeats, prompt caching, and budget controls. Go from $1,500/month to $50/month in 5 min...