Claude Skill
adversa-ai/secureclaw
SecureClaw is an OWASP-aligned security plugin and Claude Skill for OpenClaw, protecting AI agents and LLM apps from top threats. Built with TypeScript.
Install this Skill
git clone https://github.com/adversa-ai/secureclaw.git
npm install @adversa/secureclaw
npx openclaw plugins install -l node_modules/@adversa/secureclaw
npm install
npx openclaw plugins install -l .
Summary
SecureClaw is an OWASP-aligned security plugin and Claude Skill for OpenClaw, designed to protect AI agents and LLM applications from top security threats. Built with TypeScript, it integrates seamlessly into OpenClaw workflows to enforce secure agent behavior.
SecureClaw - OWASP-aligned security plugin and Claude Skill for OpenClaw
Key features
- OWASP LLM Top 10 aligned security enforcement
- Seamless integration as an OpenClaw plugin and Claude Skill
- TypeScript-based, lightweight and extensible architecture
- Proactive threat detection for AI agents and LLM workflows
Use cases
- Hardening AI agents against prompt injection and data leakage
- Enforcing OWASP security policies in OpenClaw-based agentic systems
- Integrating security checks into LLM-powered automation pipelines
- Auditing and monitoring agent behavior for compliance
README excerpt
# SecureClaw

End-to-End security platform for [OpenClaw](https://openclaw.ai) AI agents. Audit, Hardening and Runtime Security for OpenClaw.

Developed by [Adversa AI](https://adversa.ai) -- Agentic AI Security and Red Teaming Pioneers.

56 audit checks. 15 behavioral rules. 9 scripts. 4 pattern databases. 7 security frameworks mapped.

10/10 OWASP ASI | 10/14 MITRE ATLAS | 4/4 MITRE OpenClaw Cases | 3/3 CoSAI Principles | CSA Singapore | 6/7 CSA MAESTRO Layers | 4/4 NIST AI 100-2 GenAI Types

SecureClaw is a 360-degree security plugin and skill that audits your OpenClaw installation for misconfigurations and known vulnerabilities, applies automated hardening fixes, and gives your agent behavioral security rules that protect against prompt injection, credential theft, supply chain attacks, and privacy leaks.

1️⃣ Full OWASP Agentic Security Top 10 coverage. Static and runtime. We're the first and only security tool for OpenClaw to formally map every control to the ASI framework. 10/10 categories.

2️⃣ Every known incident. Every known CVE up until now. All 8 documented threat classes from the OpenClaw Security 101 research have specific countermeasures. Not generic "be careful" advice — actual detection and hardening for each one.

3️⃣ Plugin + Skill layered defense. The plugin runs as code — gateway hardening, permission lockdown, credential scanning. The skill runs as LLM directives — injection awareness, PII scanning, integrity monitoring. Two layers. Each catches the failures of the other.

4️⃣ Ultra-lean ~1,230 token skill. Most security skills dump thousands of tokens into context, competing with your actual conversations. Ours is 15 rules and a set of bash scripts. All detection logic runs as bash — zero LLM tokens. Your agent stays fast, stays focused, stays