SECLAW SECURED AGENT · V0.1.0

SeClaw — Secured Personal AI Assistant

Built for safe execution first: isolated actions, strict tool-call validation, prompt-injection defense, risky-output sanitization, and one-command rollback when anything goes wrong.

Launch

Install and run SeClaw in minutes — locally or with Docker isolation.

Launch in minutes

Install the package, bootstrap your config, and run the gateway.

npm install -g seclaw-agent

seclaw onboard
seclaw gateway

Run in Docker

Enable agent execution isolation by running operations inside a Docker sandbox. Download Docker Desktop, keep it running, then set security.dockerSandbox.enabled to true in your config.

seclaw onboard
# set security.dockerSandbox.enabled = true
seclaw gateway

Security Layers

10 security mechanisms protect your agent's workflow.

🧱

Agent Execution Isolation

Keeps the project on the host and routes only agent operations through Docker — minimising blast radius and protecting workspace files.

♻️

Snapshot & Rollback

Copy-on-write (CoW) snapshots capture and restore mounted files in seconds, letting the agent work freely with a guaranteed recovery path.

🛡️

Prompt Injection Defense

System-level CFI/IFI constrains the valid action space; a guard model sanitises suspicious tool outputs before they re-enter the reasoning loop.

🔍

Skill Audit

Scans skills for dangerous patterns — prompt injection, data exfiltration, and destructive shell commands.

🧠

Memory Audit

Scans memory files for stored prompt-injection payloads, leaked credentials, and PII exposure risks at rest.

📜

Execution Audit

Records full task traces and generates a post-execution risk report flagging potentially dangerous actions after each run.

🔐

Privacy Protection

Monitors identity info, API keys, SSH keys, and credentials in real time — flagging exposures before they leak through tool outputs or channels.

⚠️

Risky Operation Protection

Detects dangerous commands such as rm -rf or sudo and requires explicit user confirmation before execution.

📡

Secure Communication Isolation

Maintains separate context windows per channel, blocking cross-channel prompt injection and inter-source manipulation.

🌐

Network Security Controls

Enforces HTTPS, applies request timeouts, and supports configurable network modes to prevent uncontrolled external access.
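As an added illustration of the Risky Operation Protection layer described above (example code, not SeClaw's own implementation): a small gate that inspects the shell command a tool call wants to run, splits it into simple commands, and reports whether explicit user confirmation is required. The rule names, the result shape and the extra `doas` check are assumptions for illustration.

```javascript
// Added example, not SeClaw's own code: a confirmation gate for shell commands
// in the spirit of the "Risky Operation Protection" layer. Rule names and the
// result shape are assumptions for illustration.

// Split a command line on shell control operators so each simple command is
// inspected on its own ("a && b | c" -> ["a", "b", "c"]). Quoting is not
// parsed; a production gate should use a real shell parser.
function splitSimpleCommands(cmdline) {
  return cmdline.split(/\s*(?:&&|\|\||;|\||\n)\s*/).filter(Boolean);
}

// Return the names of risk rules matched by one simple command.
function riskRules(simpleCmd) {
  const argv = simpleCmd.trim().split(/\s+/);
  const hits = [];
  let i = 0; // skip leading env assignments such as FOO=bar cmd
  while (i < argv.length && /^[A-Za-z_][A-Za-z0-9_]*=/.test(argv[i])) i++;
  const cmd = argv[i] || '';
  const escalated = cmd === 'sudo' || cmd === 'doas';
  if (escalated) hits.push('privilege-escalation');
  // Inspect the command that would actually run, e.g. "sudo rm -rf /".
  const effective = escalated ? argv.slice(i + 1) : argv.slice(i);
  const base = effective[0] ? effective[0].replace(/^.*\//, '') : '';
  if (base === 'rm') {
    // Short flags may be bundled (-rf, -fr, -Rf) or split (-r -f); long
    // forms (--recursive --force) count as well.
    let recursive = false, force = false;
    for (const a of effective.slice(1)) {
      if (a === '--recursive') recursive = true;
      else if (a === '--force') force = true;
      else if (/^-[A-Za-z]+$/.test(a)) {
        if (/[rR]/.test(a)) recursive = true;
        if (a.includes('f')) force = true;
      }
    }
    if (recursive && force) hits.push('recursive-force-delete');
  }
  return hits;
}

// Gate decision for a tool call that wants to execute `cmdline`: the agent
// must pause and ask the user whenever requiresConfirmation is true.
function gateShellCommand(cmdline) {
  const reasons = [];
  for (const sc of splitSimpleCommands(cmdline)) {
    for (const rule of riskRules(sc)) reasons.push(`${rule}: ${sc}`);
  }
  return { requiresConfirmation: reasons.length > 0, reasons };
}
```

The per-simple-command split matters because a risky step hidden after `&&` or behind a pipe is still caught, while `rm -r dist` without `-f` is allowed through without a prompt.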

Risk Coverage

SeClaw protects against 8 of the Top 10 OWASP 2026 Agent Risks. The remaining two risks, Insecure Inter-Agent Communication and Human-Agent Trust Exploitation, do not apply to the current Claw-based agent workflow.

01 Agent Goal Hijack
02 Tool Misuse
03 Identity & Privilege
04 Supply Chain
05 Code Execution
06 Memory Poisoning
08 Cascading Failures
10 Rogue Agents