Security Plugin for AI Agents Released

Adversa AI has released SecureClaw, an open-source security plugin for OpenClaw AI agents aligned with OWASP standards. The release addresses growing concerns about AI agent security, such as the practice of giving agents direct access to real API keys. In community discussions, developers are being urged to use proxy tokens to mitigate risks when building with agent frameworks.

- The OpenClaw framework, for which SecureClaw is designed, is an open-source project that grew rapidly, gaining over 100,000 GitHub stars shortly after its launch in late January 2026. Its power lies in allowing AI agents to execute tasks like running shell commands and accessing files, which also creates a significant attack surface.
- SecureClaw implements a two-layer defense model: a code-level security plugin and a "behavioral security skill." This behavioral component is designed for runtime protection, providing awareness of prompt injection attempts, detecting potential leaks of credentials, monitoring memory integrity, and triggering incident response actions.
- The plugin provides automated security audits and hardening, running 55 distinct checks to identify and mitigate risks. This is intended to give developers a secure baseline configuration before deploying an agent, addressing issues like exposed credentials and overly permissive settings.
- Adversa AI's solution is the first to formally map its protections to the entire OWASP Agentic Security Top 10, a list of critical security risks for AI agents. This includes threats like "Prompt Injection," "Excessive Agency," and "Insecure Plugin Design," which have become primary vectors for attacking AI systems.
- The need for such security measures was highlighted in 2025 by several real-world incidents. These included "EchoLeak," a zero-click exploit affecting Microsoft 365 Copilot, and "ShadowLeak," where a ChatGPT agent was used to steal data from a connected Gmail account.
- The OpenClaw skill marketplace, known as ClawHub, has faced security challenges, with researchers demonstrating how malicious skills could be published and promoted to the top of the download charts using bots. This underscores the supply-chain risk in the AI agent ecosystem, a threat SecureClaw's anomaly detection aims to address.
- The core security challenge with AI agents is the "Confused Deputy Problem," where the agent has legitimate access to a user's data and tools, but can be tricked by a malicious prompt into misusing that authority. This can lead to an agent exfiltrating private data or executing destructive commands on the user's behalf.
- Before the release of SecureClaw, the OpenClaw community had already started to address security concerns with open-source tools like "openclaw-secure-start" for initial hardening and "ClawGuardian," a plugin that intercepts and blocks destructive commands and the exposure of sensitive data.
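The proxy-token advice in the opening paragraph and the Confused Deputy bullet above describe a pattern without showing it. The following Python sketch is an added illustration written for this briefing; it is not code from SecureClaw, OpenClaw, or Adversa AI. The agent only ever holds an opaque, scoped, expiring proxy token; a broker outside the agent's reach exchanges it for the real key and only for requests inside the grant's scope, so a prompt-injected "call this other host" or "POST my data" request fails without the secret ever reaching the model. The class and function names, the key value and the host names are all constructed for the example.

```python
"""Scoped proxy tokens for an AI agent: a minimal broker (hypothetical example code)."""
import secrets
import time
from dataclasses import dataclass


@dataclass
class Grant:
    """What a single proxy token is allowed to do, and the real key it stands in for."""
    real_key: str
    allowed_hosts: frozenset
    allowed_methods: frozenset
    expires_at: float
    revoked: bool = False


class TokenBroker:
    """Holds real keys; hands the agent only opaque proxy tokens with narrow scope."""

    def __init__(self):
        self._grants = {}

    def issue(self, real_key, allowed_hosts, allowed_methods=("GET",), ttl_seconds=900, now=None):
        """Create a proxy token limited to the given hosts, methods and lifetime."""
        now = time.time() if now is None else now
        token = "pt_" + secrets.token_urlsafe(24)  # unguessable, carries no information itself
        self._grants[token] = Grant(
            real_key=real_key,
            allowed_hosts=frozenset(h.lower() for h in allowed_hosts),
            allowed_methods=frozenset(m.upper() for m in allowed_methods),
            expires_at=now + ttl_seconds,
        )
        return token

    def revoke(self, token):
        """Incident-response hook: kill a token without touching the real key."""
        grant = self._grants.get(token)
        if grant is not None:
            grant.revoked = True

    def authorize(self, token, method, host, now=None):
        """Return the real key only when the request is within the grant's scope.

        Every failure raises PermissionError so callers cannot fall through to the secret.
        """
        now = time.time() if now is None else now
        grant = self._grants.get(token)
        if grant is None:
            raise PermissionError("unknown proxy token")
        if grant.revoked:
            raise PermissionError("proxy token revoked")
        if now >= grant.expires_at:
            raise PermissionError("proxy token expired")
        if method.upper() not in grant.allowed_methods:
            raise PermissionError(f"method {method} not permitted for this token")
        if host.lower() not in grant.allowed_hosts:
            raise PermissionError(f"host {host} not permitted for this token")
        return grant.real_key

    def redact(self, text):
        """Credential-leak guard for agent output: replace any real key with a marker.

        Returns (redacted_text, leaked) so the caller can both block and alert.
        """
        leaked = False
        for grant in self._grants.values():
            if grant.real_key and grant.real_key in text:
                leaked = True
                text = text.replace(grant.real_key, "[REDACTED-KEY]")
        return text, leaked


if __name__ == "__main__":
    # Constructed demo values; not real credentials or hosts.
    broker = TokenBroker()
    proxy = broker.issue("sk-REAL-KEY-PLACEHOLDER", {"api.example.com"}, ("GET",), ttl_seconds=300)
    print("agent receives:", proxy)
    print("in-scope call ->", broker.authorize(proxy, "GET", "api.example.com")[:7] + "...")
    for method, host in (("POST", "api.example.com"), ("GET", "attacker.example.net")):
        try:
            broker.authorize(proxy, method, host)
        except PermissionError as exc:
            print(f"blocked {method} {host}: {exc}")
    print(broker.redact("reply: my key is sk-REAL-KEY-PLACEHOLDER"))
```

The broker is the trust boundary: it belongs in a process the agent cannot read or modify (a sidecar, a gateway, or a secrets service), and the `redact` check runs on the agent's outbound text before it reaches a user, a file, or another tool.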
