shieldcortex
Security framework for AI agents. Enforces instruction gateway control, external action gating, PII protection, sub-agent sandboxing, prompt injection detect...
Install via ClawdBot CLI:

```shell
clawdbot install jarvis-drakon/shieldcortex
```

Give your AI agent a brain that persists between sessions, and protect it from memory poisoning attacks.
ShieldCortex is a complete memory system with built-in security. It gives AI agents persistent, intelligent memory with semantic search, knowledge graphs, decay-based forgetting, and contradiction detection. Every memory write passes through a 6-layer defence pipeline that blocks prompt injection, credential leaks, and poisoning attacks.
Use when:
Do NOT use when:
```shell
npm install -g shieldcortex
```
For OpenClaw integration (installs the cortex-memory hook):

```shell
npx shieldcortex openclaw install
```

For Claude Code / VS Code / Cursor MCP integration:

```shell
npx shieldcortex install
```
After `npx shieldcortex openclaw install`, the hook activates on next restart:

```shell
# Check status
npx shieldcortex status

# Scan content for threats
npx shieldcortex scan "some text to check"

# Full security audit of your agent environment
npx shieldcortex audit

# Scan all installed skills/instruction files for hidden threats
npx shieldcortex scan-skills

# Scan a single skill file
npx shieldcortex scan-skill ./path/to/SKILL.md

# Build knowledge graph from existing memories
npx shieldcortex graph backfill

# Start the visual dashboard
npx shieldcortex --dashboard
```
```javascript
import {
  addMemory,
  getMemoryById,
  runDefencePipeline,
  scanSkill,
  extractFromMemory,
  consolidate,
  initDatabase
} from 'shieldcortex';

// Initialize the SQLite-backed store
initDatabase('/path/to/memories.db');

// Add a memory (automatically passes through the defence pipeline)
addMemory({
  title: 'API uses OAuth2',
  content: 'The payment API requires OAuth2 bearer tokens, not API keys',
  category: 'architecture',
  importance: 'high',
  project: 'my-project'
});

// Scan content before processing. The third argument describes the source,
// which feeds trust scoring; external sources are held to a stricter bar.
const untrustedContent = '...';  // e.g. the body of an inbound email
const result = runDefencePipeline(untrustedContent, 'Email Import', {
  type: 'external',
  identifier: 'email-scanner'
});
if (result.allowed) {
  // Safe to process
}

// Extract knowledge graph entities and relationships from a memory
const { entities, triples } = extractFromMemory(
  'Database Migration',
  'We switched from MySQL to PostgreSQL for the auth service',
  'architecture'
);
// entities: [{name: 'MySQL', type: 'service'}, {name: 'PostgreSQL', type: 'service'}, ...]
// triples: [{subject: 'auth service', predicate: 'uses', object: 'PostgreSQL'}, ...]
```
| Feature | Description |
|---------|-------------|
| Persistent Storage | SQLite-backed, survives restarts and compaction |
| Semantic Search | Find memories by meaning, not just keywords |
| Project Scoping | Isolate memories per project/workspace |
| Importance Levels | Critical, high, normal, low with auto-decay |
| Categories | Architecture, decisions, preferences, context, learnings, errors |
| Decay & Forgetting | Old, unaccessed memories fade — like a real brain |
| Consolidation | Automatic merging of similar/duplicate memories |
| Contradiction Detection | Flags when new memories conflict with existing ones |
| Knowledge Graph | Extracts entities and relationships from memories |
| Activation Scoring | Recently accessed memories get retrieval priority |
| Salience Scoring | Important memories surface first in search |
| Layer | Protection |
|-------|-----------|
| Input Sanitisation | Strip control characters, null bytes, dangerous formatting |
| Pattern Detection | Regex matching for known injection patterns |
| Anomaly Scoring | Entropy analysis, behavioural deviation detection |
| Credential Leak Detection | Blocks API keys, tokens, private keys (25+ patterns, 11 providers) |
| Trust Scoring | Source-based reliability scoring for memory writes |
| Audit Trail | Full forensic log of every memory operation |
| Skill Scanner | Detect prompt injection in SKILL.md, .cursorrules, CLAUDE.md |
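As an added example (not ShieldCortex's own code), the following sketches the first layers of the pipeline above in plain JavaScript, taking the same kind of `{ type, identifier }` source descriptor that the `runDefencePipeline` call earlier on the page uses. The regexes, the trust weights per source type and the risk-versus-trust decision rule are assumptions chosen for the demo.

```javascript
// Illustrative layered gate for memory writes, modelled on the defence layers
// listed above. Added example code, not ShieldCortex's own implementation:
// the regexes, trust weights and risk threshold are assumptions for the demo.

// Input sanitisation: drop control/null bytes and zero-width characters, which
// are a common way to hide an instruction from a human reading a SKILL.md.
function sanitise(text) {
  return text
    .replace(/[\u0000-\u0008\u000B\u000C\u000E-\u001F\u007F]/g, '')
    .replace(/[\u200B-\u200D\u2060\uFEFF]/g, '');
}

// Pattern detection: a handful of well-known prompt-injection phrasings.
const INJECTION_PATTERNS = [
  /ignore (all |any )?(previous|prior|above) instructions/i,
  /you are now (in )?(developer|admin|unrestricted) mode/i,
  /<\s*\/?\s*system\s*>/i,
];

// Credential leak detection: secret formats with a fixed, recognisable shape.
const CREDENTIAL_PATTERNS = {
  'AWS access key id': /\bAKIA[0-9A-Z]{16}\b/,
  'GitHub token': /\bgh[pousr]_[A-Za-z0-9]{36}\b/,
  'PEM private key': /-----BEGIN [A-Z ]*PRIVATE KEY-----/,
};

// Trust scoring: how much each source type is believed (assumed weights), and
// how much risk each finding adds. A write is allowed only while risk < trust.
const SOURCE_TRUST = { internal: 1.0, tool: 0.7, external: 0.4 };
const RISK = { hidden: 0.2, injection: 0.8, credential: 1.0 };

function runGate(content, source) {
  const cleaned = sanitise(content);
  const findings = [];
  if (cleaned.length !== content.length) {
    findings.push({ kind: 'hidden', detail: 'control or zero-width characters removed' });
  }
  for (const p of INJECTION_PATTERNS) {
    if (p.test(cleaned)) findings.push({ kind: 'injection', detail: p.source });
  }
  for (const [name, p] of Object.entries(CREDENTIAL_PATTERNS)) {
    if (p.test(cleaned)) findings.push({ kind: 'credential', detail: name });
  }
  const trust = SOURCE_TRUST[source.type] ?? 0;   // unknown sources get no trust
  const risk = findings.reduce((sum, f) => sum + RISK[f.kind], 0);
  // Audit trail: the caller records this whole object, allowed or not.
  return { allowed: risk < trust, trust, risk, findings, cleaned };
}
```

With these weights a credential is refused from every source, an injection phrasing passes only from the agent's own notes, and a source type the table does not know is refused outright.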
Sync audit data to a team dashboard for cross-project visibility:
```shell
npx shieldcortex config set-api-key <your-key>
```
Free local package is unlimited. Cloud adds team dashboards, audit aggregation, and alerts.
The library exports 70 named functions and types covering defence, memory, knowledge graph, skill scanning, and audit. Full list in the CHANGELOG.
Generated Mar 1, 2026
An AI-powered customer support agent uses ShieldCortex to remember previous interactions with customers across sessions, enabling personalized assistance without manual lookup. It semantically searches past tickets to resolve recurring issues faster and detects contradictions in new information to maintain accurate records.
A financial advisory AI agent employs ShieldCortex to store client preferences and investment decisions persistently, with security layers blocking credential leaks from input data. It builds a knowledge graph of financial entities to provide tailored advice and audits all memory operations for compliance.
In healthcare, an AI agent uses ShieldCortex to retain patient history and diagnostic learnings between sessions, using semantic search to recall similar cases. The defence pipeline prevents memory poisoning from external data sources, ensuring reliable and secure medical recommendations.
A project management AI integrates ShieldCortex to remember architectural decisions and team preferences across project phases, with decay-based forgetting to prioritize recent updates. It scans skill files for hidden threats and consolidates duplicate memories to streamline workflow tracking.
Offer the core ShieldCortex package for free with unlimited local use, attracting individual developers and small teams. Generate revenue by upselling ShieldCortex Cloud subscriptions for team dashboards, aggregated audits, and alerting features, targeting enterprises needing cross-project visibility.
Sell enterprise licenses for large organizations requiring custom integrations, enhanced security audits, and dedicated support. This model includes training, priority updates, and SLA guarantees, leveraging the tool's advanced features like knowledge graph extraction and threat scanning.
Provide consulting services to help businesses integrate ShieldCortex into their AI agent ecosystems, including custom memory configurations and security tuning. Revenue comes from project-based fees for setup, optimization, and ongoing maintenance, especially in regulated industries.
💬 Integration Tip
Start by installing via npm and using the OpenClaw hook for automatic memory handling; then, gradually incorporate programmatic APIs for custom memory writes and security scans.