[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-74275":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":16,"stars7d":16,"stars30d":17,"stars90d":16,"forks30d":16,"starsTrendScore":16,"compositeScore":18,"rankGlobal":10,"rankLanguage":10,"license":19,"archived":20,"fork":20,"defaultBranch":21,"hasWiki":20,"hasPages":20,"topics":22,"createdAt":10,"pushedAt":10,"updatedAt":27,"readmeContent":28,"aiSummary":29,"trendingCount":16,"starSnapshotCount":16,"syncStatus":30,"lastSyncTime":31,"discoverSource":32},74275,"ClawVault","tophant-ai\u002FClawVault","tophant-ai","OpenClaw Security Vault — Atomic \"claw\" control: every AI reach, within your sight.","",null,"Python",1213,31,6,4,0,30,55.52,"MIT License",false,"main",[23,24,25,26],"clawdbot","clawdbot-plugin","openclaw","security","2026-06-12 04:01:14","\u003Cdiv align=\"center\">\n  \u003Cimg src=\".\u002Fdoc\u002Fimages\u002Flogo1.png\" alt=\"ClawVault Logo\" width=\"200\"\u002F>\n  \u003Cp>\u003Cstrong>OpenClaw Security Vault — Atomic \"claw\" control: every AI reach, within your sight.\u003C\u002Fstrong>\u003C\u002Fp>\n  \u003Cp>\n    \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftophant-ai\u002FClawVault\u002Fblob\u002Fmaster\u002FLICENSE\">\n      \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLicense-MIT-green.svg\" alt=\"License\"\u002F>\n    \u003C\u002Fa>\n    \u003Ca href=\"https:\u002F\u002Fwww.python.org\u002Fdownloads\u002F\">\n      \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fpython-3.10+-blue.svg\" alt=\"Python 3.10+\"\u002F>\n    \u003C\u002Fa>\n    \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftophant-ai\u002FClawVault\u002Fstargazers\">\n      \u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fstars\u002Ftophant-ai\u002FClawVault?style=social\" alt=\"Stars\"\u002F>\n    \u003C\u002Fa>\n  \u003C\u002Fp>\n\u003C\u002Fdiv>\n\n**[English](.\u002FREADME.md)** | **[中文](.\u002FREADME.zh-CN.md)**\n\n\u003Cdiv align=\"center\">\n  \u003Cimg src=\".\u002Fdoc\u002Fimages\u002Fcartoon_en.png\" alt=\"ClawVault Cartoon\" width=\"800\"\u002F>\n\u003C\u002Fdiv>\n\n## 🎯 ClawVault is for you if\n\n- ✅ You’re concerned about leaking personal private data when interacting with AI agents\n- ✅ You want to prevent AI agents from accessing API keys, private files, and credentials\n- ✅ You need to stop AI agents from mishandling sensitive or confidential files\n- ✅ You want to keep logs of how AI interacts with your private data\n- ✅ You need to detect AI injection attacks and dangerous commands\n\nActivate your personal AI Vault:\n- 1️⃣ Load private files\n- 2️⃣ Set up and customize your secure storage\n- 3️⃣ Create remote management skills\n\nhttps:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002F2098b271-f844-4db5-b44a-f836e36d314c\n\n### Effect\n\n\u003Cdiv align=\"center\">\n\n| Interception | Interception Record |\n|:-------------------:|:----------------:|\n| \u003Cimg src=\"doc\u002Fimages\u002Fblock-tui.png\" width=\"400\"> | \u003Cimg src=\"doc\u002Fimages\u002Fblock-web.png\" width=\"400\"> |\n\n\u003C\u002Fdiv>\n\nhttps:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002Fd580cfa1-8410-4095-90cb-3d693413a24e\n\n### Core Capabilities\n\n#### 1. Visual Monitoring\nUsers can configure their own \"vault\" and lock in Agents, Skills, credentials, and files they care about.  \nWhen someone touches these assets, the \"Security Lobster\" will notify you via IM: who touched what in your vault yesterday.\n\n**Technical Implementation**:\n- Event collection based on API gateway and file-side monitoring (invocation records, file access, change tracking)\n- Supports periodic change notifications and real-time alerts\n\n#### 2. Atomic Control\n\nFine-grained control at the Agent level, using composable \"atomic capabilities\" as the smallest unit:\n- Agent interaction and invocation policies\n- Model routing, whitelists, and quota control\n- Security detection (sensitive info recognition, credential detection, prompt injection protection, etc.)\n- File access permission constraints\n\nUsers can combine these atomic capabilities like \"building blocks\" to create reusable policy configurations.\n\n#### 3. Generative Capabilities\nEach \"storage chamber\" in the vault includes built-in basic security scenarios and allows users to add detection scenarios and Skills via natural language by mobilizing atomic capabilities.\n\n**Example**:  \nTell the system via chat interface:\n```\nFor customer service Agent, if a user uploads a PDF containing 'contract',\nit must first go through sensitive information desensitization,\nand only GPT-4o-mini is allowed, with a single call limit of 2000 tokens.\n```\nThe system will automatically generate and execute the corresponding policy rules.\n\n---\n\n## ✨ Features\n\n- **🔍 Sensitive Data Detection** — API keys, passwords, PII, credit cards, and 15+ pattern types\n- **🛡️ Prompt Injection Defense** — Block role hijacking, instruction override, data exfiltration\n- **⚠️ Dangerous Command Guard** — Intercept `rm -rf`, `curl|bash`, privilege escalation\n- **🔄 Auto-Sanitization** — Replace secrets with placeholders, restore on response\n- **💰 Token Budget Control** — Daily\u002Fmonthly limits with cost alerts\n- **📊 Real-time Dashboard** — Web UI with per-agent config, detection details, quick tests\n\nThe vault includes a **transparent proxy gateway module** that intercepts traffic between your AI tools and external APIs (OpenAI, Anthropic, etc.).\n\n\n## 🚀 Quick Start\n\nhttps:\u002F\u002Fgithub.com\u002Fuser-attachments\u002Fassets\u002F1f424172-8833-4ccc-b0d2-abf67c1758dd\n\n### Option 1: Install as OpenClaw Skill (Recommended)\n\n```bash\n# Install the dedicated installer from ClawHub\nopenclaw skills install tophant-clawvault-installer --version=0.2.9 --force\n\n# Or install via clawhub CLI\nclawhub install tophant-clawvault-installer --version 0.2.9\n```\n\n**ClawHub:** https:\u002F\u002Fclawhub.ai\u002FMartin2877\u002Ftophant-clawvault-installer\n\nThe installer skill provides AI-guided installation and management:\n- `\u002Ftophant-clawvault-installer install --mode quick` - Quick setup\n- `\u002Ftophant-clawvault-installer health` - Check status\n- `\u002Ftophant-clawvault-installer generate-rule \"Block AWS credentials\"` - Create security rules\n- `\u002Ftophant-clawvault-installer test --category all` - Run detection tests\n\nSee [skills\u002Ftophant-clawvault-installer\u002F](skills\u002Ftophant-clawvault-installer\u002F) for skill documentation.\n\nOperational commands after installation are provided by [skills\u002Ftophant-clawvault-operator\u002F](skills\u002Ftophant-clawvault-operator\u002F).\n\n### Option 2: Install as Python Package\n\n```bash\n# Install\npip install -e .\n\n# Start (proxy + dashboard)\nclawvault start\n\n# Scan text\nclawvault scan \"password=MySecret key=sk-proj-abc123\"\n\n# Interactive demo\nclawvault demo\n```\n\n## 🚀 Deploy to Server\n\n```bash\n# One command: pack, upload, install\n.\u002Fscripts\u002Fdeploy.sh \u003Cserver-ip> root\n\n# On server: setup integration + start\n.\u002Fscripts\u002Fsetup.sh\n.\u002Fscripts\u002Fstart.sh\n```\n\n## 📜 Scripts\n\n| Script | Usage |\n|--------|-------|\n| `scripts\u002Fdeploy.sh \u003Cip> [user]` | Deploy to cloud server |\n| `scripts\u002Fstart.sh` | Start ClawVault (add `--with-openclaw` to also start OpenClaw) |\n| `scripts\u002Fstop.sh` | Stop all services |\n| `scripts\u002Ftest.sh` | Run CLI + API tests |\n| `scripts\u002Fsetup.sh` | Setup OpenClaw proxy integration |\n| `scripts\u002Funinstall.sh` | Uninstall and restore original state |\n\n## 🏗️ Architecture\n\n```\n    OpenClaw\n       │\n       ▼\n┌─────────────────────────────────┐\n│    ClawVault (Security Vault)   │\n├─────────────────────────────────┤\n│ Gateway Module                  │\n│  • Transparent Proxy  :8765     │\n│  • Traffic Interception         │\n├─────────────────────────────────┤\n│ Detection Engine                │\n│  • Sensitive data               │\n│  • Injection patterns           │\n│  • Dangerous commands           │\n├─────────────────────────────────┤\n│ Guard \u002F Sanitizer               │\n│  • Allow \u002F Block \u002F Sanitize     │\n├─────────────────────────────────┤\n│ Audit + Monitor                 │\n│  • SQLite storage               │\n│  • Token budget tracking        │\n├─────────────────────────────────┤\n│ Dashboard                       │\n│  • Web UI :8766                 │\n│  • Agent config & tests         │\n└─────────────────────────────────┘\n```\n\n## ⚙️ Configuration\n\n```yaml\n# ~\u002F.ClawVault\u002Fconfig.yaml\nproxy:\n  port: 8765\n  intercept_hosts: [\"api.openai.com\", \"api.anthropic.com\"]\n\nguard:\n  mode: \"interactive\"  # interactive | strict | permissive\n\nmonitor:\n  daily_token_budget: 50000\n```\n\n## 📊 Development Progress\n\n| Capability Module | Status | Notes |\n|---------|------|------|\n| API Gateway Monitoring & Interception | ✅ Implemented | V1 core capability |\n| File-side Monitoring | 🚧 In Progress | Gradual integration |\n| Agent-level Atomic Control | 🚧 In Progress | Gateway-side available, expanding to other scenarios |\n| Generative Policy Orchestration | 🚧 In Progress | Gradual integration |\n\n---\n\n## 📚 Documentation\n\n| Document | Description |\n|------|------|\n| [Development Setup](doc\u002FINSTALL_DEV.md) | Local dev environment |\n| [Production Deployment](doc\u002FINSTALL_PRODUCTION.md) | Deploy to server |\n| [OpenClaw Integration](doc\u002FOPENCLAW_INTEGRATION.md) | Connect with OpenClaw |\n| [Architecture](doc\u002Farchitecture.md) | System design & modules |\n| [Guard Modes](doc\u002FGUARD_MODE.md) | strict \u002F interactive \u002F permissive |\n| [Scenarios](doc\u002Fscenes.md) | Use cases & roadmap |\n\nSee [doc\u002F](doc\u002F) for the full documentation index.\n\n## 🛠️ Development\n\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002Ftophant-ai\u002FClawVault.git\ncd ClawVault\npython3 -m venv venv && source venv\u002Fbin\u002Factivate\npip install -e \".[dev]\"\npytest\n```\n\n## 📄 License\n\nMIT © 2026 [Tophant](https:\u002F\u002Fwww.tophant.com\u002F)\n\n---\n\n## 🤝 Community\n\n- [GitHub Issues](https:\u002F\u002Fgithub.com\u002Ftophant-ai\u002FClawVault\u002Fissues) — Bug reports and feature requests\n- [Security Issues](https:\u002F\u002Fgithub.com\u002Ftophant-ai\u002FClawVault\u002Fsecurity\u002Fadvisories) — Security vulnerability reports\n\n---\n\n\u003Cdiv align=\"center\">\n  \u003Cp>\u003Cstrong>🦞 Built for people who want to secure AI, not babysit agents.\u003C\u002Fstrong>\u003C\u002Fp>\n  \u003Cp>\u003Ca href=\"#top\">Back to top ↑\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fdiv>\n","ClawVault 是一个用于保护个人隐私数据不被AI代理泄露的安全工具。它提供了原子级的“爪”控制，确保每一次AI访问都在用户的监控之下。核心功能包括可视化监控、原子级控制和生成能力。通过API网关和文件侧监控实现事件收集，并支持定期变更通知和实时警报；细粒度的控制策略允许用户自定义代理交互规则、模型路由、白名单及配额管理等；同时，每个存储单元内嵌基础安全场景，并可通过自然语言添加检测场景和技能。适用于需要防止AI代理访问API密钥、私有文件和凭证，以及阻止敏感或机密文件被不当处理的场景。",2,"2026-06-11 03:49:47","high_star"]