Show HN: ClawZero – execution boundary stops prompt injection exfil in OpenClaw
github.comMost AI agents let the LLM run shell/API/fs with host privileges. Prompt injection = instant RCE.
ClawZero adds a deterministic execution boundary between model output and tool execution.
Try it yourself:
pip install clawzero
clawzero demo openclaw --mode compare --scenario shell
Standard OpenClaw → COMPROMISED
ClawZero → BLOCKED
Policy → mvar-security.v1.4.3
Witness → ed25519 signed artifact
Early release. Harness + OpenClaw simulation only — not yet tested end-to-end on live multi-turn agents in production. That's next.
If you're running agents (LangChain, CrewAI, AutoGen, OpenClaw, etc.) and want to try it live:
Open an issue or email shawn@mvar.io
GitHub: github.com/mvar-security/clawzero Powered by MVAR: github.com/mvar-security/mvar
Curious what people think about moving enforcement outside the model loop vs prompt filtering / LLM judges — especially if Jensen Huang drops something agent-related at GTC today ;)
No comments yet.