Help stop your AI agent from leaking secrets.

Clawmont is a security plugin for OpenClaw. Your keys never leave your machine.

Try it live.

Try it live

Run an attack. See which layer stops it.

The regexes here are the same ones that ship in packages/plugin/src. No network calls — every verdict runs in your browser so you can diff what leaks without Clawmont vs. what gets blocked with it.

Clawmont inspects the payload and emits a signed audit entry before the tool call reaches the model.

attacker > input

Presets auto-load. Free-text mode lets you paste any prompt, tool call, or file path you want to try.

clawmont > scan ready

Pick a preset or enter a payload — results show up here.

Same regexes that ship in production. Every verdict runs in your browser — no network calls, no plugin instance. Known limitations are published transparently alongside what we do block.

Keys stay local

Your API keys never leave your machine.

11 defense layers

From prompt injection to credential theft.

Tamper-evident audit

Every action logged, hash-chained on disk.

One-time license. Same security on every tier.

Add Guardrails Monitoring for cloud alerts — €9/mo

Help stop your AI agent from leaking secrets.

Try it live.

Keys stay local

11 defense layers

Tamper-evident audit

Protect your AI workflow.