ClawdSecbot
Health Pass
- License — License: GPL-3.0
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Community trust — 69 GitHub stars
Code Fail
- rm -rf — Recursive force deletion command in go_lib/core/shepherd/bundled_shepherd_rules/user_rules.json
Permissions Pass
- Permissions — No dangerous permissions requested
ClawdSecbot is a professional AI Bot security protection solution, providing security capabilities including real-time threat detection, prompt injection protection, and security auditing to comprehensively protect your AI applications.
ClawSecbot
Migration docs:
Desktop security protection software for Bot-type endpoint AI agents.
ClawSecbot monitors and secures local AI Bot agents (such as Openclaw) running on your machine. It acts as a protective layer between AI agents and LLM services — intercepting API requests, analyzing risks in real time, enforcing sandbox policies, and providing full audit trails.
Features
- Asset Discovery — Automatically scans and identifies AI Bot processes, workspaces, configurations, and ports on your system
- Risk Assessment — Evaluates detected assets for security risks, including Skill/tool security analysis
- Protection Proxy — Intercepts Bot-to-LLM API traffic, analyzes request/response content for dangerous operations, and alerts users before execution
- Sandbox Enforcement — Confines Bot processes within OS-level sandboxes (macOS Seatbelt / Linux seccomp) with auto-recovery if sandbox is bypassed
- LLM Protocol Translation — Proxies requests in OpenAI-compatible format and translates to/from various LLM providers
- Audit Logging — Records all requests, tool calls, risk detections, and token usage with full traceability
- Plugin Architecture — Extensible plugin system for supporting different Bot types
Supported Platforms
| Platform | Architecture | Status |
|---|---|---|
| macOS | arm64 | Supported |
| macOS | x86_64 | Supported |
| Linux | arm64 | Supported |
| Linux | x86_64 | Supported |
| Windows | x86_64 | Supported |
Windows Privilege Requirement
- On Windows, bot_sec_manager.exe is configured with requireAdministrator.
- Every launch (Debug/Profile/Release) will trigger a UAC prompt.
- If UAC is denied or elevation is unavailable, the app exits immediately (fail-close).
Architecture
┌──────────────────────────────────┐
│ Flutter Desktop │
│ (UI + State Management) │
├──────────────────────────────────┤
│ FFI │
│ (JSON-based Protocol) │
├──────────────────────────────────┤
│ Go Shared Library │
│ (botsec.dylib/so/dll) │
│ ┌───────────┬─────────────────┐ │
│ │ Core │ Plugins │ │
│ │ ┌───────┐ │ ┌───────────┐ │ │
│ │ │Scanner│ │ │ Openclaw │ │ │
│ │ │Sandbox│ │ │ Plugin │ │ │
│ │ │Proxy │ │ └───────────┘ │ │
│ │ │AuditDB│ │ │ │
│ │ └───────┘ │ │ │
│ └───────────┴─────────────────┘ │
├──────────────────────────────────┤
│ chatmodel-routing │
│ (LLM Protocol Translation) │
├──────────────────────────────────┤
│ SQLite (Data) │
└──────────────────────────────────┘
ClawSecbot uses a frontend-backend separation architecture:
- Flutter Desktop — Handles UI rendering, state management, and user interaction
- Go Shared Library — Contains all business logic, compiled as a single dynamic library (botsec.dylib / botsec.so / botsec.dll)
- FFI Communication — Flutter calls Go functions via FFI with a unified JSON protocol; Go pushes events back via native callbacks
Tech Stack
| Layer | Technology |
|---|---|
| UI | Flutter Desktop (Dart) |
| Logic | Go (CGO, c-shared) |
| Database | SQLite (via modernc.org/sqlite) |
| IPC | FFI + JSON protocol |
| State | Provider |
| i18n | Flutter Localizations |
| Sandbox | macOS Seatbelt / Linux seccomp |
| LLM SDK | Eino framework (CloudWeGo) |
Supported LLM Providers
OpenAI · Anthropic (Claude) · DeepSeek · Google (Gemini) · Ollama · Moonshot · xAI (Grok)
Project Structure
bot_sec_manager/
├── lib/ # Flutter application
│ ├── main.dart # App entry point
│ ├── services/ # FFI service layer
│ │ ├── native_library_service.dart
│ │ ├── plugin_service.dart
│ │ ├── protection_service.dart
│ │ ├── protection_monitor_service.dart
│ │ ├── message_bridge_service.dart
│ │ ├── sandbox_service.dart
│ │ └── *_database_service.dart
│ ├── pages/ # UI pages
│ ├── widgets/ # Reusable UI components
│ ├── models/ # Data models
│ ├── l10n/ # Internationalization
│ └── utils/ # Utilities
├── go_lib/ # Go security engine
│ ├── main.go # Dylib entry, all FFI exports
│ ├── core/ # Core package
│ │ ├── plugin.go # BotPlugin interface
│ │ ├── plugin_manager.go # Plugin registry
│ │ ├── path_manager.go # Path management
│ │ ├── ffi.go # FFI helpers
│ │ ├── logging/ # Logging module
│ │ ├── repository/ # Data access layer
│ │ ├── service/ # Business services
│ │ ├── scanner/ # Asset scanner
│ │ ├── sandbox/ # Sandbox policies
│ │ └── callback_bridge/ # FFI callback bridge
│ ├── plugins/openclaw/ # Openclaw Bot plugin
│ ├── skillagent/ # Skill Agent engine
│ └── chatmodel-routing/ # LLM protocol translation
│ ├── adapter/ # Provider adapter
│ ├── providers/ # Per-provider implementations
│ │ ├── openai/
│ │ ├── anthropic/
│ │ ├── deepseek/
│ │ ├── google/
│ │ ├── ollama/
│ │ ├── moonshot/
│ │ └── xai/
│ ├── proxy.go # Forwarding proxy
│ ├── filter.go # Content filter
│ └── sdk/ # Protocol types
├── scripts/ # Build & deployment scripts
└── macos/ linux/ windows/ # Platform runners
Prerequisites
- Flutter >= 3.10 (with desktop support enabled)
- Go >= 1.25
- Xcode (macOS) / GCC (Linux) — for CGO compilation
- CMake (Linux desktop builds)
Building
1. Build the Go Security Engine
./scripts/build_go.sh
This compiles the Go code into a platform-specific shared library:
- macOS: go_lib/botsec.dylib
- Linux: go_lib/botsec.so
- Windows: go_lib/botsec.dll
2. Build the Openclaw Plugin
./scripts/build_openclaw_plugin.sh
3. Run in Development Mode
./scripts/run_with_pprof.sh
This script builds the Go engine and launches the Flutter app with pprof profiling enabled, suitable for local development and debugging.
4. Run the Flutter Application
flutter run -d macos # or -d linux, -d windows
5. Build Release Package
macOS:
./scripts/build_macos_release.sh
Linux (deb):
./scripts/build_linux_deb.sh
Linux (generic):
./scripts/build_linux_release.sh
Installation
macOS
Download the .dmg installer from the Releases page, open it, and drag ClawSecbot to your Applications folder.
Linux
Debian/Ubuntu (.deb):
sudo dpkg -i clawsecbot_*.deb
Generic Linux:
Extract the release archive and run the executable directly.
Uninstallation
⚠️ Important: Before uninstalling ClawSecbot, please click "Restore Initial Configuration" in the tray menu and restart Openclaw.
ClawSecbot modifies the openclaw.json configuration file during runtime. Restoring the initial configuration before uninstallation ensures that your Openclaw will continue to function normally without ClawSecbot.
Module Overview
Core (go_lib/core/)
The shared foundation used by all plugins:
| Module | Description |
|---|---|
| plugin.go | BotPlugin interface — defines the contract for all Bot plugins, including asset discovery, risk assessment, protection control, and mitigation |
| plugin_manager.go | Plugin registry with auto-registration, duplicate detection, and aggregated FFI methods |
| scanner/ | Asset discovery engine — scans for Bot processes, ports, and configurations |
| sandbox/ | OS sandbox management — generates and applies Seatbelt/seccomp policies |
| repository/ | Data access layer — SQLite CRUD operations |
| service/ | Business logic — protection, audit, metrics, version checking |
| callback_bridge/ | FFI callback mechanism — Go-to-Dart event push |
| logging/ | Structured logging |
| path_manager.go | Centralized path management |
Chatmodel Routing (go_lib/chatmodel-routing/)
LLM protocol translation layer:
- Receives requests in OpenAI-compatible format from the protection proxy
- Translates and forwards to the target LLM provider's native API
- Converts responses back to OpenAI format
- Supports streaming, reasoning, tool calls, and usage tracking
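One way a proxy in this position could inspect the tool calls of an OpenAI-format message before they execute, as an added example (not code from the ClawSecbot repository). The `arguments` field of each call is JSON encoded inside a JSON string, so it is decoded a second time before the rule runs; the rm rule (short options only), the function names and the sample tool calls are assumptions made for the illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
	"strings"
)

// rmOpts captures the short options after an rm command word (hypothetical rule).
var rmOpts = regexp.MustCompile(`(?:^|[\s;&|/])rm((?:\s+-[a-zA-Z]+)+)`)

// rmRF reports whether cmd runs rm with both a recursive and a force flag.
func rmRF(cmd string) bool {
	for _, m := range rmOpts.FindAllStringSubmatch(cmd, -1) {
		if strings.ContainsAny(m[1], "rR") && strings.Contains(m[1], "f") {
			return true
		}
	}
	return false
}

// flagToolCalls reads an OpenAI-format tool_calls array and names the calls to hold.
func flagToolCalls(toolCalls []byte) (hits []string, err error) {
	var calls []struct {
		Function struct{ Name, Arguments string }
	}
	if err = json.Unmarshal(toolCalls, &calls); err != nil {
		return nil, err
	}
	for _, c := range calls {
		var args map[string]interface{} // arguments is JSON inside a JSON string
		bad := json.Unmarshal([]byte(c.Function.Arguments), &args) != nil // malformed: fail closed
		for _, v := range args {
			s, ok := v.(string)
			bad = bad || ok && rmRF(s)
		}
		if bad {
			hits = append(hits, c.Function.Name)
		}
	}
	return hits, nil
}

// Constructed sample: two tool calls with made-up tool names.
const sample = `[{"function":{"name":"run_shell","arguments":"{\"command\":\"cd /tmp && rm -r -f build\"}"}},
 {"function":{"name":"read_file","arguments":"{\"path\":\"notes/rm-rf.txt\"}"}}]`

func main() { fmt.Println(flagToolCalls([]byte(sample))) }
```

Matching on the command word and its option run, rather than on the substring "rm -rf", is what keeps the file name in the second call from being flagged while still catching the split `-r -f` form in the first.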
Skill Agent (go_lib/skillagent/)
Engine for parsing, loading, and securely executing Bot skills/tools. Includes security analysis of skill definitions.
Plugins (go_lib/plugins/)
Each plugin implements the BotPlugin interface:
type BotPlugin interface {
    // Basic Info
    GetAssetName() string

    // Asset Discovery
    ScanAssets() ([]Asset, error)

    // Risk Assessment
    AssessRisks(scannedHashes map[string]bool) ([]Risk, error)
    MitigateRisk(riskInfo string) string

    // Protection Control (per-instance)
    StartProtection(assetID string, config ProtectionConfig) error
    StopProtection(assetID string) error
    GetProtectionStatus(assetID string) ProtectionStatus
}

// Optional lifecycle hooks
type ProtectionLifecycleHooks interface {
    OnProtectionStart(ctx *ProtectionContext) (map[string]interface{}, error)
    OnBeforeProxyStop(ctx *ProtectionContext)
}
Plugins auto-register via init() and are managed through the PluginManager. The plugin system supports:
- Auto-registration with duplicate detection — Plugins register themselves in init(), skipped if already registered
- Multi-instance asset support — Protection methods accept assetID for per-instance state management
- Lifecycle hooks — ProtectionLifecycleHooks interface for pre-start/post-stop customization
- Risk mitigation routing — Risks are automatically tagged with SourcePlugin for proper routing to the originating plugin
Plugin adaptation guide for Openclaw-like bots:
Contributing
Contributions are welcome. Please make sure to:
- Follow the existing code style
- Write unit tests for Go business logic
- Keep files under 1500 lines
- Use json.Marshal for all JSON serialization in Go (no fmt.Sprintf)
- Run flutter analyze and go vet before submitting
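What the json.Marshal rule guards against in a JSON-based FFI protocol, shown as an added example (not code from the ClawSecbot repository): text copied into a hand-formatted reply can break the JSON or add fields the receiver will trust. The `ffiResult` envelope, its field names and the helper functions are hypothetical.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// ffiResult is a hypothetical reply envelope, not the project's real protocol.
type ffiResult struct {
	Success bool   `json:"success"`
	Message string `json:"message"`
}

// sprintfReply formats JSON by hand: msg is copied in without escaping.
func sprintfReply(msg string) string {
	return fmt.Sprintf(`{"success":false,"message":"%s"}`, msg)
}

// marshalReply lets encoding/json escape quotes, backslashes and control bytes.
func marshalReply(msg string) (string, error) {
	b, err := json.Marshal(ffiResult{Success: false, Message: msg})
	return string(b), err
}

// decode parses a reply the way the receiving side of the bridge would.
func decode(raw string) (ffiResult, error) {
	var r ffiResult
	err := json.Unmarshal([]byte(raw), &r)
	return r, err
}

func main() {
	// Constructed inputs: text that a scanned file name or tool output could carry.
	for _, msg := range []string{`x","success":true,"message":"ok`, "line1\nline2"} {
		safe, _ := marshalReply(msg)
		for _, raw := range []string{sprintfReply(msg), safe} {
			r, err := decode(raw)
			fmt.Printf("%q -> success=%v err=%v\n", raw, r.Success, err)
		}
	}
}
```

With the first input the hand-formatted reply decodes with success=true because the last duplicate key wins; with the second it fails to parse at all. The marshalled replies round-trip both inputs unchanged.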
License

