AgentShield

The Guardian Agent That Watches the Watchers

5-layer AI agent security platform. Scans skills, audits configs, catches leaked secrets, proxies credentials, and proves it all works with built-in adversarial testing.

OWASP Agentic Top 10 | Gemini AI | MCP Server | Vultr | MIT License

The Problem

1,184 malicious skills found in ClawHub

94.4% of LLM agents vulnerable to prompt injection

88% of enterprises had AI agent security incidents

100% detection rate (16/16 red team attacks caught)

5 Security Layers — One Tool

1. GATE: Skill Scanner (ASI-01 to ASI-05)

33 OWASP-mapped rules scan skills BEFORE they activate. ClawHavoc signatures, credential theft, exfiltration, privilege escalation.

2. POSTURE: Config Auditor (A-F grade)

Finds plaintext secrets in ~/.openclaw, ~/.aws, .env files. Grades your setup A through F. Detects auto-mode risks.

3. SHIELD: Output Scanner (<2ms)

100+ API key formats detected in <2ms. PII, base64-encoded secrets, entropy analysis. Catches leaks before they leave.
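As an added illustration of the technique this layer describes, and not AgentShield's own rules or code: a minimal Python output scanner that combines key-format patterns, base64 decoding and Shannon entropy. The three patterns, the 4.0-bit threshold and the sample output are assumptions constructed for the demo; the AWS key is the placeholder value from AWS documentation.

```python
import base64
import math
import re

# Assumed demo patterns, not AgentShield's own 100+ format rule set.
KEY_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "bearer_token": re.compile(r"(?i)\bbearer\s+[A-Za-z0-9._\-]{20,}"),
}
ENTROPY_THRESHOLD = 4.0  # bits per char; assumed cutoff for random-looking key material
TOKEN_RE = re.compile(r"[A-Za-z0-9+/_\-]{24,}")  # candidates for the entropy check
B64_RE = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")  # candidates for base64 decoding

def shannon_entropy(s: str) -> float:
    """Shannon entropy of s in bits per character (0.0 for an empty string)."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in (s.count(ch) for ch in set(s))) if n else 0.0

def scan_output(text: str) -> list[dict]:
    """Findings for text an agent is about to emit; an empty list means clean."""
    findings, seen = [], set()
    # 1. Known key formats in clear text.
    for name, pat in KEY_PATTERNS.items():
        for m in pat.finditer(text):
            findings.append({"rule": name, "match": m.group(0)})
            seen.add(m.group(0))
    # 2. Unknown formats: long tokens whose entropy is too high for prose or paths.
    for tok in TOKEN_RE.findall(text):
        if tok not in seen and shannon_entropy(tok) >= ENTROPY_THRESHOLD:
            findings.append({"rule": "high_entropy", "match": tok})
    # 3. Known formats hidden inside base64 blobs, e.g. a dumped config.
    for blob in B64_RE.findall(text):
        try:
            decoded = base64.b64decode(blob, validate=True).decode("utf-8")
        except (ValueError, UnicodeDecodeError):
            continue
        for name, pat in KEY_PATTERNS.items():
            if pat.search(decoded):
                findings.append({"rule": f"base64:{name}", "match": blob})
    return findings

def demo() -> list[dict]:
    """Scan a constructed sample of agent output; the key is the AWS docs placeholder."""
    blob = base64.b64encode(b"key=AKIAIOSFODNN7EXAMPLE").decode()
    sample = ("Deployment finished, 3 files updated.\n"
              "DEBUG env: AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n"
              f"config_dump: {blob}\n")
    return scan_output(sample)
```

Running demo() reports the clear-text key once and the same key again inside the base64 blob, while ordinary log prose produces no findings.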

4. VAULT: Credential Proxy (AES-256)

AES-256-GCM encrypted storage. Agents use APIs through the proxy — never see raw keys. Domain-scoped policies.

5. RED TEAM: Adversarial Testing (16/16)

16 attacks across 6 categories validate our detection engine. Self-testing — all detection logic is ours, no third-party black boxes.

One Scanner — Every Ecosystem

OpenClaw: ~/.openclaw/skills/
Hermes Agent: ~/.hermes/skills/
Claude Code: ~/.claude/skills/
MCP Servers: client configs

The three skill ecosystems use the same SKILL.md format, so one unified parser covers them all.

4 Ways to Use

MCP Server

Runs inside Claude Code, Cursor, VS Code. 6 tools, agent calls them automatically.

python -m backend.mcp_server

CLI Tool

One command to know if you are safe.

python -m backend.cli scan ~/.openclaw/skills/

Web Dashboard

Visual security posture. 5 pages: Dashboard, Scan, Posture, Vault, Red Team.

docker compose up

Claude Code Skill

Type /security-review to audit your project from inside Claude Code.

/security-review

All detection logic is ours. No third-party black boxes.

33 OWASP rules. 100+ key formats. 16 red team attacks. 100% detection.