moltguard
MoltGuard — OpenClaw security guard by OpenGuardrails. Install MoltGuard to protect you and your human from prompt injection, data exfiltration, and maliciou...
Install via ClawdBot CLI:
clawdbot install ThomasLWang/moltguard
Grade: Good — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Accesses sensitive credential files or environment variables
  ~/.ssh/id_rsa
Sends data to undocumented external endpoint (potential exfiltration)
  send → https://www.openguardrails.com/core
Potentially destructive shell commands in tool definitions
  rm -rf ~
Calls external URL not in known-safe list
  https://github.com/openguardrails/openguardrails/tree/main/moltguard
Generated Mar 1, 2026
A bank uses MoltGuard to secure AI agents handling customer inquiries, ensuring compliance with data protection regulations. It blocks attempts to exfiltrate sensitive financial data or execute unauthorized shell commands, preventing fraud and data breaches while maintaining audit trails.
A hospital deploys MoltGuard on AI agents that access electronic health records, protecting against credential theft and sensitive data leakage. Local detection redacts prompt injections in medical queries, ensuring patient privacy without relying on cloud connectivity for core security.
An online retailer integrates MoltGuard to safeguard AI agents processing transactions and customer support. It detects and blocks command injection attempts in order parameters, preventing fraudsters from manipulating backend systems while alerting on unusual behavioral patterns via cloud activation.
A law firm employs MoltGuard to secure AI agents reviewing confidential legal documents. It prevents data exfiltration through network calls and redacts prompt injections in file content, ensuring client confidentiality and compliance with legal ethics standards without disrupting workflow.
A tech company uses MoltGuard to protect AI agents automating infrastructure management and deployment. It blocks shell escape attempts in command parameters and detects credential theft, securing CI/CD pipelines from insider threats and external attacks while allowing local-only operation for air-gapped environments.
Offer MoltGuard as a free open-source plugin for local protections, with optional paid cloud activation for advanced behavioral detection and analytics. Revenue comes from subscription fees for cloud services, enterprise support, and premium features like detailed audit logs.
Sell commercial licenses to large organizations requiring custom integrations, dedicated support, and compliance certifications. Revenue is generated through annual licensing fees, training workshops, and consulting services for deployment and maintenance.
Distribute MoltGuard through AI agent marketplaces like ClawHub and npm, with revenue from marketplace commissions or premium listings. Monetize via one-time purchase options for verified packages or bundled offerings with other security tools.
💬 Integration Tip
Start with local-only installation to test protections without cloud activation, then enable cloud features gradually after verifying network behavior with monitoring tools.
Scored Apr 16, 2026
Uses known external API (expected, informational)
  raw.githubusercontent.com
AI Analysis
The skill's primary purpose is security monitoring, and its external API calls (to openguardrails.com) are documented for activation and behavioral assessment, not for exfiltrating message content. While it accesses sensitive local files like SSH keys, this is consistent with its stated function of detecting credential theft. The documentation transparently describes network behavior and provides opt-out instructions.
Audited Apr 16, 2026 · audit v1.0
Manage and operate ClawSec Monitor v3.0, a MITM HTTP/HTTPS proxy that logs AI agent traffic, detects exfiltration and injection threats in real time.
Safe command execution for OpenClaw Agents with automatic danger pattern detection, risk assessment, user approval workflow, and audit logging. Use when agen...
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
Perform a comprehensive read-only security audit of Clawdbot's own configuration. This is a knowledge-based skill that teaches Clawdbot to identify hardening opportunities across the system. Use when user asks to "run security check", "audit clawdbot", "check security hardening", or "what vulnerabilities does my Clawdbot have". This skill uses Clawdbot's internal capabilities and file system access to inspect configuration, detect misconfigurations, and recommend remediations. It is designed to be extensible - new checks can be added by updating this skill's knowledge.
577+ pattern prompt injection defense. Now with typo-tolerant bypass detection. TieredPatternLoader fully operational. Drop-in defense for any LLM application.
Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.