Industry’s first three-layer security plugin enforces protection at the gateway — where the model cannot interfere
Enkrypt AI, named a Gartner Cool Vendor in AI Security 2025, today announced the general availability of ClawPatrol, a security plugin for the OpenClaw agent ecosystem that delivers gateway-level enforcement, autonomous skill scanning, and semantic file integrity monitoring. ClawPatrol addresses a critical gap in AI agent security: the failure of LLM-dependent defenses when the model itself is under attack.
We treat AI agents as critical infrastructure. Most tools depend on the LLM cooperating, which breaks during an attack. ClawPatrol enforces security at the gateway, where the model cannot bypass it.”
— Sahil Agarwal, CEO, Enkrypt AI
AI agents are increasingly embedded in enterprise workflows — automating decisions, executing tool calls, and managing sensitive data at scale. Yet most security approaches in the agent ecosystem depend on the model cooperating with safety instructions. That assumption breaks during a prompt injection attack, a supply chain compromise, or a skill-level infiltration — precisely the scenarios where protection matters most. The ClawHavoc supply chain attack demonstrated this risk at scale, with over 800 malicious skills planted in ClawHub harvesting credentials across the ecosystem.
Also Read: CIO Influence Interview with Gihan Munasinghe, CTO of One Identity
ClawPatrol operates through three simultaneously active security layers:
1. Gateway Hook Enforcement deploys six hooks that execute as gateway code, fully independent of LLM invocation. The before_tool_call hook blocks dangerous tool calls before they execute. The message_sending hook cancels compromised outbound messages before they leave the agent. Nine configurable detectors cover prompt injection, PII exposure, NSFW content, toxicity, bias, and more. Every violation surfaces in conversation with a confidence score and actionable remediation guidance.
2. File Integrity Scanner performs SHA-256 monitoring of workspace cognitive files on a 60-second cycle, with semantic drift triage powered by the Enkrypt AI API. When malicious changes are detected, persistent alerts are raised immediately. Benign changes silently update the baseline — eliminating false positives without requiring manual approval workflows.
3. Skill Scanner provides autonomous background analysis of all installed skills using Skill Sentinel, a multi-agent AI pipeline purpose-built to identify compromised or suspicious packages. MALICIOUS and SUSPICIOUS findings persist across agent sessions until the skill is removed or re-scanned clean, preventing reinfection across session boundaries.
This architecture reflects Enkrypt AI’s broader approach to AI agent security: layered, runtime controls that operate across input, tool use, memory, and output — mapped to OWASP Agentic AI, NIST AI RMF, and the EU AI Act. ClawPatrol brings that same philosophy to the OpenClaw ecosystem, where the attack surface continues to expand as agent adoption accelerates.
Catch more CIO Insights: CIO as Orchestrator of Cross-Functional Digital Strategy
[To share your insights with us, please write to psen@itechseries.com ]
