Playground

Try to break it.

Try it live

Run an attack. See which layer stops it.

The regexes here are the same ones that ship in packages/plugin/src. No network calls — every verdict runs in your browser so you can diff what leaks without Clawmont vs. what gets blocked with it.

Clawmont inspects the payload and emits a signed audit entry before the tool call reaches the model.

attacker > input

Presets auto-load. Free-text mode lets you paste any prompt, tool call, or file path you want to try.

clawmont > scan ready

Pick a preset or enter a payload — results show up here.

Same regexes that ship in production. Every verdict runs in your browser — no network calls, no plugin instance. Known limitations are published transparently alongside what we do block.