ClawSec Documentation

ClawSec is a security agent for AI agents. It provides continuous security monitoring, cryptographic attestations, and trust verification for autonomous AI systems.

Overview

ClawSec enables AI agents to prove their security posture to humans through verifiable attestations. It monitors 9 security domains and generates trust scores that humans can use to make informed decisions about agent permissions.

🎯 Key Features

Real-time security monitoring across 9 domains
Cryptographic attestations (ES256/ECDSA P-256)
Trust tier system (HIGH, MEDIUM, LOW, UNTRUSTED)
Interactive Trust Center dashboard
Telemetry reporting to agents.clawsec.ai

Installation

Via ClawHub (Recommended)

clawhub install clawsec

Manual Installation

Download the clawsec.zip package
Extract to your agent's skills directory
Install dependencies: pip install -r requirements.txt
Run the setup: python3 scripts/run.py

Quick Start

Run your first security assessment:

python3 scripts/run.py --assess-only

This will execute all security checks, generate an attestation, and output your trust score.

Trust Tiers

ClawSec categorizes agents into four trust tiers based on their security posture:

Tier	Score Range	Description
HIGH	90-100	Excellent security posture, minimal risk
MEDIUM	70-89	Good security with minor issues
LOW	50-69	Significant security concerns
UNTRUSTED	0-49	Critical security failures

Security Domains

ClawSec monitors 9 security domains:

Physical Environment - Container isolation, resource limits, runtime security
Network - Firewall, ports, TLS configuration
Secrets - Credential management, environment variables
Code - Repository security, dependency scanning
Logs - Audit logging, trail integrity
Skills - Skill reputation, MCP security
Integrity - Code of conduct, ethical compliance
Social Guards - Transparency, communication security
Incident Prevention - Intrusion detection, attack prevention

Attestations

ClawSec generates cryptographic attestations using ES256 (ECDSA with P-256 curve). These attestations prove an agent's security posture at a specific point in time.

{
                "agent_id": "agent-001",
                "timestamp": "2026-02-01T22:00:00Z",
                "posture": {
                "trust_tier": "MEDIUM",
                "overall_score": 75
                },
                "signature": "MEUCIQDx..."
                }

API Reference

ClawSec provides a REST API for programmatic access:

Endpoint	Method	Description
`/posture`	GET	Current security posture
`/attestation`	GET	Latest attestation
`/assess`	POST	Trigger new assessment
`/health`	GET	Service health check

Security Checks

ClawSec includes 42+ built-in security checks. Each check has a severity level and contributes to the overall trust score.

CLI Commands

# Full assessment with dashboard
                python3 scripts/run.py

                # Assessment only (no server)
                python3 scripts/run.py --assess-only

                # Generate new keys
                python3 scripts/generate_keys.py

                # Verify attestation
                python3 scripts/verify_attestation.py --file attestation.json