prompt-security/clawsec
Security skill suite for protecting AI agents from injections, drift, and threats.
View on GitHub Updated 2026-06-16
What is prompt-security/clawsec?
ClawSec functions as a complete security skill suite that adds protection layers to AI agent platforms. It focuses on detecting prompt injections, configuration drift, and supply chain issues through specialized skills that run verification and monitoring tasks.
The tools operate by installing via a central suite mechanism, then applying file checksums, advisory polling from NVD sources, and baseline traffic specs where supported. Platform-specific modules handle tasks like signed feed checks for Hermes or container security for NanoClaw.
It targets developers and operators running OpenClaw, NanoClaw, Hermes, or Picoclaw agents who need built-in safeguards without custom security coding.
What you can build with prompt-security/clawsec
Prevent prompt injection attacks
Deploy scanner and audit skills to detect malicious instructions and maintain agent integrity during operation.
Monitor configuration drift
Use file integrity tools to automatically detect and restore changes to key files like SOUL.md across supported platforms.
Verify supply chain artifacts
Run release verification and checksum skills before installing or updating agent components to block tampering.
Install prompt-security/clawsec
Quick start
# Install the ClawSec security suite
npx clawhub@latest install clawsec-suite- 1Clone the ClawSec GitHub repository to your local environment.
- 2Select and run the suite installer matching your agent platform such as OpenClaw or Hermes.
- 3Enable the desired skills through the provided installer or integration steps.
- 4Configure live advisory polling and baseline monitoring options as needed.
- 5Execute initial security audits and integrity checks to validate the setup.
prompt-security/clawsec: pros & cons
Pros
- +Broad platform support across multiple agent types with a consistent skill framework
- +Includes live CVE polling and community threat feeds for ongoing protection
- +One-command suite installation reduces setup complexity for security features
- +Provides both runtime monitoring specs and self-audit capabilities
Cons
- –Some skills remain at spec level without full runtime code for certain platforms
- –Hermes support is limited to advisory gating rather than full artifact verification
- –Requires platform-specific builders to complete proxy-based traffic inspection
Did you find this helpful?
Frequently asked questions
It covers OpenClaw, NanoClaw, Hermes, and Picoclaw with varying levels of skill coverage for each.
User reviews
Verified reviews from the community shape this listing's rating.
Loading reviews…
Similar agents
Other agent skills options worth comparing.
