Built by cybersecurity engineers. Transparent by design.
ClawTrust was built by engineers with experience at Palo Alto Networks, SentinelOne, PagerDuty, and Mode Analytics. We don't just claim security. We show you exactly how it works.
Purpose-built runtime security for AI agents
Traditional security tools weren't built for AI agents. We built Agent EDR from the ground up: 6 detection layers that run outside the agent, at the kernel level. Even if your agent is compromised, our security layers survive.
Kernel-Level eBPF
Monitors every process, file access, and network connection at the OS level
Survives Compromise
Runs on the host OS, not inside the agent. Cannot be disabled by a rogue skill.
Cross-Fleet Intel
Threat data from every agent strengthens the security of the entire fleet
Infrastructure isolation
Four layers of network and hardware isolation that make your agent invisible and inaccessible.
Outbound-Only Encrypted Tunnels
Zero public ports. All connections are outbound-only encrypted tunnels.
Every ClawTrust agent connects to the outside world exclusively through outbound-only tunnels encrypted with TLS 1.3. There are zero listening ports on your agent's server. It is invisible to Shodan, Censys, and all internet-wide port scanners. No one on the internet can initiate a connection to your agent.
DM Pairing (Contact Verification)
New contacts require your explicit approval
Before your agent responds to a new contact on any messaging platform, it requires your explicit approval through a pairing request. This prevents unauthorized users from interacting with your agent and blocks social engineering attacks that attempt to manipulate the agent through unsolicited messages.
LUKS2 Encrypted Storage
All data encrypted at rest with AES-256
Every agent's storage volume is encrypted at rest using LUKS2 with AES-256-XTS. Encryption keys are managed separately from the storage volumes. Even if someone physically accessed the server hardware, your data would be unreadable without the encryption key.
Isolated Virtual Private Server
Dedicated hardware per customer, no shared resources
Every ClawTrust agent runs on its own dedicated Virtual Private Server. There is no multi-tenancy at the infrastructure level. Your agent's CPU, memory, storage, and network are completely isolated from every other customer. A compromise of one agent cannot affect another.
Agent EDR: 6-layer runtime security
Detection layers that run outside the agent, at the kernel level. Even if your agent is compromised, these survive.
Tool Execution Policies
Every tool call evaluated against security rules before execution
Every tool invocation is evaluated against our security policy engine before it runs. Dangerous operations (reverse shells, crypto miners, credential theft, privilege escalation) are blocked or flagged in real-time. Every tool call is logged to your audit trail.
File Integrity Monitoring
Critical files watched 24/7. Tampering detected in real-time.
Critical system files, agent configurations, skill files, and binaries are monitored continuously on the host operating system. Any unauthorized modification, creation, or deletion is detected and alerted in real-time. Runs outside the agent, so it cannot be disabled by a compromised skill.
eBPF Runtime Monitoring
Pro/Enterprise: Kernel-level process monitoring catches threats traditional tools miss
eBPF probes at the kernel level monitor every process spawn, file access, and system call on your agent's server. Catches crypto miners, reverse shells, unauthorized binaries, and data exfiltration attempts. Runs on the host OS, completely invisible to and unreachable by the agent.
Secrets Isolation
API keys never stored on the agent server
Credentials are fetched on-demand through authenticated channels and cached in memory only. API keys are never written to disk on the agent VPS. This eliminates the risk of credential theft through environment variable or filesystem access.
Network Threat Intelligence
Outbound connections checked against global threat feeds
Every outbound connection from your agent's server is checked against threat intelligence feeds updated daily. Known malicious IPs (botnet command-and-control, malware infrastructure) are blocked at the firewall level before the connection is established.
Behavioral Anomaly Detection
Coming Soon: We learn what "normal" looks like for your agent
Our behavioral engine establishes a baseline of normal activity for your agent: tool usage patterns, network destinations, resource consumption. Sudden deviations (10x spike in tool calls, connections to new suspicious domains, sustained high CPU) trigger investigation.
What the headlines say about AI agent security
These are real vulnerabilities disclosed in January 2026. Here's how ClawTrust addresses each one.
One-Click Remote Code Execution via WebSocket
A malicious WebSocket link could execute arbitrary code on the host machine with a single click. Any agent with the gateway bound to 0.0.0.0 was vulnerable. Patched in v2026.1.29.
ClawTrust agents bind to localhost only, accessible only through outbound-only encrypted tunnels. The gateway is never exposed to the public internet, making this attack vector impossible.
Agent Hijacking via Unauthenticated Gateway
Security researchers at The New Stack demonstrated hijacking an OpenClaw agent in under 2 hours by exploiting the unauthenticated gateway API exposed on port 18789. Two additional command injection CVEs were disclosed the same week.
ClawTrust enforces token-based authentication on all gateway connections. Port 18789 is never exposed to the internet. All access is through encrypted tunnels with TLS.
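A host-side check for the exposure described in the two disclosures above, as an added example (not ClawTrust or OpenClaw code): it parses `ss -H -ltn` output and reports every TCP listener that is not bound to loopback, rating port 18789 as critical. The sample output is constructed, and the function names and severity labels are assumptions.

```python
import ipaddress

GATEWAY_PORT = 18789  # gateway port named on this page

# Constructed sample of `ss -H -ltn` output (not captured from a real host).
SAMPLE_SS = """\
LISTEN 0 511    127.0.0.1:18789    0.0.0.0:*
LISTEN 0 4096   127.0.0.53%lo:53   0.0.0.0:*
LISTEN 0 511    0.0.0.0:18789      0.0.0.0:*
LISTEN 0 128    [::]:22            [::]:*
LISTEN 0 511    [::1]:3000         [::]:*
LISTEN 0 128    *:9100             *:*
"""

def split_local(field):
    """Split ss's 'Local Address:Port' column into (host, port)."""
    host, _, port = field.rpartition(":")
    host = host.strip("[]").split("%", 1)[0]  # drop brackets and %iface scope
    return host, int(port)

def is_loopback(host):
    """True only for 127.0.0.0/8 and ::1; wildcard binds are not loopback."""
    if host == "*":  # ss prints * for a dual-stack wildcard bind
        return False
    return ipaddress.ip_address(host).is_loopback

def audit_listeners(ss_output):
    """Return one finding per TCP listener reachable from off-host."""
    findings = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue
        host, port = split_local(cols[3])
        if is_loopback(host):
            continue
        # Assumed severity labels: the gateway port is the critical case.
        severity = "critical" if port == GATEWAY_PORT else "warn"
        findings.append({"bind": host, "port": port, "severity": severity})
    return findings

if __name__ == "__main__":
    for f in audit_listeners(SAMPLE_SS):
        print(f"{f['severity']:8} {f['bind']}:{f['port']} is not loopback-only")
```

On a live host, pass the text of `ss -H -ltn` to `audit_listeners`; an empty result means every TCP listener is loopback-only.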
341 Malicious Skills on ClawHub Marketplace
The Register reported 341 malicious skills discovered on the OpenClaw public skill marketplace, capable of exfiltrating credentials (including cryptocurrency wallets), installing backdoors, and escalating privileges.
ClawTrust deploys only vetted, reviewed skills. Our Agent EDR monitors every tool execution at the kernel level, and skill files are protected by real-time file integrity monitoring. No marketplace code runs without approval.
Security controls on every agent
Every ClawTrust agent ships with these protections enabled by default. No configuration required.