ClawSec adds agent drift audits
- Prompt Security’s ClawSec says its open-source agent security suite now watches for instruction drift and runs automated audits on OpenClaw deployments. - The suite’s public docs say it protects core agent files such as USER.md or SOUL.md, alongside integrity checks and live security recommendations. - The release extends agent hardening beyond prompt injection into ongoing behavior monitoring. (prompt.security)
ClawSec is pitching a simple idea: AI agents should check whether their own rules and behavior have quietly changed over time. Prompt Security says its open-source suite now adds drift detection and automated audits for OpenClaw-family agents. (prompt.security) (github.com) In plain terms, “drift” means an agent’s core instructions, identity files, or installed skills no longer match the state an operator expected. ClawSec’s docs say the suite watches files such as USER.md and SOUL.md and flags unexpected changes. (prompt.security) (github.com) Prompt Security, a SentinelOne company, describes ClawSec as a “security skill suite” for OpenClaw, NanoClaw, and Hermes agents. The install flow on its site uses a single command, `npx clawhub@latest install clawsec-suite`, to deploy the package. (prompt.security) The suite is aimed at a newer security problem: agents can pull in outside skills, keep memory, call tools, and change how they act without a traditional change-control system. SentinelOne’s February write-up said ClawSec was built to address prompt injection, supply-chain compromise, configuration drift, and unsafe runtime behavior. (sentinelone.com) That makes the audit feature less like a one-time scan and more like a recurring internal checklist. ClawSec’s public materials pair automated audits with integrity verification and live security recommendations, suggesting the system is meant to keep checking an agent after deployment, not just at install time. (prompt.security) (github.com) The GitHub repository shows the project is active, with 942 stars and a latest commit five days ago as of April 27, 2026. Recent updates include changes to Hermes attestation verification and vulnerability-feed polling, which fits the company’s pitch that agent security needs continuous maintenance. (github.com) ClawSec is also being positioned as open infrastructure rather than a closed product. Prompt Security says the project is open source, designed for “security research and agentic workflow hardening,” and not affiliated with OpenClaw or NanoClaw themselves. (prompt.security) The broader bet is that agent failures will look less like one dramatic breach and more like small, silent changes in what an agent trusts or does. ClawSec’s answer is to make those changes visible before they turn into a bad tool call or a leaked secret. (sentinelone.com) (prompt.security)
