knostic

knostic / openclaw-shield

Public

Security plugin for OpenClaw agents - prevents secret leaks, PII exposure, and destructive command execution

www.knostic.ai clawdbot-plugin guardrails openclaw openclaw-plugin openclaw-security
44
8
100% credibility
Found Feb 06, 2026 at 13 stars 3x -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
TypeScript
AI Summary

A security add-on for the OpenClaw AI agent framework that blocks destructive actions, redacts sensitive information like secrets and personal data, and enforces safety rules through multiple protective layers.

How It Works

1
🔍 Discover the Safety Shield

You learn about OpenClaw Shield while using your AI assistant, a helpful tool to keep your work safe from leaks and mishaps.

2
📦 Add the Shield

You easily add the shield to your AI assistant setup with a simple install step.

3
🛡️ Turn On Protection Layers

You choose which safety features to activate, like hiding secrets or stopping risky actions, feeling secure right away.

4
🔧 Customize Your Rules

Optionally add your own sensitive spots or danger lists so the shield knows exactly what to watch for.

5
🔄 Restart and Activate

Give your AI assistant a quick restart, and the shield quietly starts guarding everything.

6
🛑 Watch It Block Dangers

As you chat with your AI, it tries something unsafe but the shield steps in with a clear stop sign and explanation.

🎉 AI Safely at Work

Now your AI assistant handles tasks powerfully while the shield keeps secrets hidden and everything protected, giving you peace of mind.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 13 to 44 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is openclaw-shield?

OpenClaw Shield is a TypeScript security plugin for OpenClaw AI agents that layers on defenses against secret leaks, PII exposure, and destructive command execution. Developers install it via `openclaw plugins install @knostic/openclaw-shield`, tweak settings in config.json for enforce or audit mode, and get toggleable protections like output redaction, input logging, and a mandatory security gate tool before exec or file reads. It tackles the chaos of agents mishandling sensitive data or shell commands in local dev workflows.

Why is it gaining traction?

Its five independent layers stand out over basic prompt engineering, offering hard blocks on dangerous tools plus custom regex for sensitive files and commands—far beyond generic github security scanning. Users notice instant redaction in transcripts and agent-forced gates that catch issues even prompt injections miss, with audit mode for safe testing. For agents handling real repos, it's a lightweight security github policy without slowing down iterations.

Who should use this?

DevOps engineers deploying OpenClaw for code generation in CI/CD pipelines, or solo devs prototyping with AI agents that touch shell commands and files. Ideal for teams securing github projects against leaks during agent-driven reviews, especially if you're integrating tools like security github copilot extensions or running local agents for command-heavy tasks.

Verdict

Grab it if you're on OpenClaw today—solid docs and zero-setup install make it worth the alpha risks, despite 18 stars and 1.0% credibility score signaling early maturity. Expect frequent updates as OpenClaw evolves, but pair with github security advisories for full coverage.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.