Make sure your OpenClaw isn't doing things it's not supposed to

by vaibhavb007·Apr 15, 2026·18 points·5 comments

AI Analysis

●●● Banger · Solve My Problem · Ship It

Blocks unauthorized agent actions before execution with cryptographic intent binding.

Strengths
  • Pre-execution policy enforcement prevents agent drift before damage occurs.
  • One-command install drops into existing OpenClaw setups without rearchitecture.
Weaknesses
  • Locked into OpenClaw ecosystem, not agent-agnostic.
  • Early stage pricing might limit hobbyist experimentation.
Category
Target Audience

Developers building autonomous AI agents with OpenClaw

Similar To

Lakera · Guardrails AI

Post Description

I run OpenClaw agents with access to email, calendar, and files, and kept worrying about them doing things I never actually asked for.

ArmorClaw captures intent and cryptographically binds the agent’s tool use to that committed intent. If an agent tries to call a tool outside that plan, it gets rejected.

For example, if you ask your agent to ‘email dad asking how he’s doing,’ it should only need your email tool. If it also tries to read your calendar, ArmorClaw rejects that.

It’s an open-source OpenClaw plugin, and installation is one command:

curl -fsSL https://armoriq.ai/install-armorclaw.sh | bash

Use code AIQLAUNCH for a free month.

Repo: https://github.com/armoriq/armorclaw

This is still early, so I’d really love feedback.
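
The binding described in the post above, as an added illustration that is not ArmorClaw's code and not from the post's author: a gate MACs the plan (the tools one request may use) and checks every tool call against it before execution. The HMAC construction, the key handling and the tool names `email.send` and `calendar.read` are assumptions; the post does not say how ArmorClaw implements the binding.

```python
from __future__ import annotations

import hashlib
import hmac
import json

# Constructed demo key; a real gate would keep its key where the agent cannot read it.
GATE_KEY = b"constructed-demo-key-not-a-real-secret"


def _mac(plan: dict, key: bytes) -> str:
    """HMAC-SHA256 over a canonical JSON encoding of the plan."""
    canonical = json.dumps(plan, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


def commit_intent(request: str, allowed_tools: list[str], key: bytes = GATE_KEY) -> dict:
    """Freeze the plan for one user request and bind it with a MAC."""
    plan = {"request": request, "allowed_tools": sorted(set(allowed_tools))}
    return {"plan": plan, "mac": _mac(plan, key)}


def authorize(token: dict, tool: str, key: bytes = GATE_KEY) -> tuple[bool, str]:
    """Decide one tool call before it executes."""
    plan, mac = token.get("plan"), token.get("mac")
    if not isinstance(plan, dict) or not isinstance(mac, str):
        return False, "malformed token"
    # Constant-time comparison: a plan edited after commitment no longer verifies.
    if not hmac.compare_digest(_mac(plan, key).encode(), mac.encode()):
        return False, "plan does not match committed intent"
    if tool not in plan.get("allowed_tools", []):
        return False, f"tool '{tool}' is outside the committed plan"
    return True, "ok"


def demo() -> list[tuple[str, bool, str]]:
    """Replay the post's example: an email request that also tries the calendar."""
    token = commit_intent("email dad asking how he's doing", ["email.send"])
    results = [(t, *authorize(token, t)) for t in ("email.send", "calendar.read")]
    # The agent widens the plan itself but cannot recompute the MAC without the key.
    forged = {"plan": {**token["plan"], "allowed_tools": ["calendar.read", "email.send"]},
              "mac": token["mac"]}
    results.append(("calendar.read (forged plan)", *authorize(forged, "calendar.read")))
    return results


if __name__ == "__main__":
    for tool, allowed, reason in demo():
        print(f"{tool:30} {'ALLOW' if allowed else 'REJECT'}  {reason}")
```

The check only holds if the key and the commit step sit outside anything the agent can read or call; otherwise the agent can mint its own plan.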

Similar Projects

Security · ●● Solid

Agentsec – Security scanner for AI agent installations (MCP, OpenClaw)

Bundles CI-friendly scanners that target agent-specific risks: 17 patterned secret detectors, prompt-injection and instruction‑malware heuristics, tool/SSRF and MCP auth checks, plus SARIF/JSON outputs for integration. Findings map to the OWASP Top 10 for Agentic Applications (2026) and it adds 'harden' profiles to apply safer defaults to OpenClaw/MCP installs — practical, focused ops tooling rather than a generic secret-finder.

Niche Gem · Solve My Problem
debu_sinha_1
23 · 3mo ago
AI/ML · ●●● Banger

Gulama – Security-first open-source AI agent (OpenClaw alternative)

OpenClaw but actually secure—encryption, sandboxing, and signed skills baked in.

Solve My Problem · Niche Gem · Wizardry
san-techie21
11 · 3mo ago
Security · Pass

Security-Risk Patterns in OpenClaw Skills

It actually looks for the weird stuff that trips up LLM agents — invisible Unicode, bidi overrides, embedded curl|bash one-liners, exfil links — and pairs a static skill scanner with a real-time interception flow that forces human approvals. The CLI-first approach (npx safeclaw start) plus Socket.IO alerts and per-command allow/deny decisions show practical thinking about developer workflows; I want to see model/false-positive metrics and enterprise integration docs next.

Niche Gem · Wizardry
dinodrv
20 · 3mo ago
Security · ●● Solid

Deterministic security solution for AI agents – OpenClaw and 2 more

Deterministic policy engine blocks agent actions without relying on fragile LLM guardrails.

Big Brain · Solve My Problem
steadeepanda
48 · 2mo ago