Inspiration

OpenClaw got 150K+ stars on GitHub but it has a serious security hole - CVE-2026-25253 with an 8.8 danger score. Security companies are all warning about it. 35% of people running OpenClaw are already hacked, and 12% of the skills you can download have malware in them. Companies won't use it until there's a way to keep it safe. We built that safety system.

What it does

ClawDefense watches your OpenClaw agents and stops bad stuff from happening. I made four agents that work together: one checks your config files for exposed passwords, one watches what OpenClaw does in real time and catches attacks, one scans downloadable skills for malware, and one looks at everything to find hacked instances. All of this runs on Elasticsearch and catches threats in under a second.

How we built it

I used Elasticsearch Agent Builder to run multiple agents at once. Python for the code. Elasticsearch stores all the data and spots weird patterns that might be attacks. We wrote ES|QL queries to connect the dots between different threats. Added Slack so humans can approve big decisions. Built fake OpenClaw setups to test different attacks.

Challenges we ran into

OpenClaw doesn't have test tools so we had to fake the whole thing. Getting the system to catch real attacks without crying wolf too much took a lot of testing. Making four agents talk to each other and trigger actions was trickier than we thought. Detecting prompt injections needed us to keep updating the patterns as we tried different attacks.

Accomplishments that we're proud of

Threats get caught in 0.3 seconds. Every malicious skill we tested got blocked. The live demo works - you can watch it catch and stop an attack happening right in front of you. We made OpenClaw safe enough for actual companies to use.

What we learned

Speed matters a lot in security - if it takes more than a second, it feels broken. Good threat detection needs good examples to learn from. Running multiple agents together is powerful but you need clear rules for when they should act. Most security tools try to prevent attacks, but catching them and responding fast is more important for AI agents.

What's next for ClawDefense

Add automatic fixes for more types of attacks. Build reports that companies need for security audits. Let different OpenClaw instances share what attacks they're seeing. Make it work with other AI agent tools, not just OpenClaw. Maybe turn it into a service that companies can pay for.
