ClawGuard

ClawGuard is a zero-trust security middleware designed for the Agentic Web to prevent malicious AI agent skills from accessing sensitive tools and resources. It enforces cryptographic capability manifests that strictly define what each skill can and cannot do, blocking unauthorized actions in real time before execution. The platform also generates immutable audit logs for every violation and uses sealed AI inference to detect hidden behaviors that do not match a skill’s declared permissions. Built with TypeScript and integrated with decentralized storage, ENS, and on-chain verification, ClawGuard enables secure, transparent, and verifiable execution of third-party AI skills across agent ecosystems.

During the hackathon, we built ClawGuard from concept into a fully operational Layer 2.5 security middleware for OpenClaw agents. Our core development milestones include:

• Middleware & OpenClaw Integration: Engineered a zero-trust interceptor that wraps OpenClaw’s tool_dispatch to block unauthorized agent actions based on declarative capabilities (SKILL.md).

• 0G Storage Pivot & Audit Logs: We successfully integrated 0G File Storage to host tamper-proof capability manifests. Furthermore, any blocked tool executions are automatically uploaded as immutable ViolationEvent logs to 0G Storage via the Turbo Indexer.

• 0G Compute & 0G Chain Validation: Deployed the SkillRegistry.sol contract on the 0G Galileo Testnet to anchor manifest hashes. We also integrated 0G Compute (Qwen models) using sealed inference to verify agent code against its declared capabilities, anchoring a verification badge on-chain.

• Developer Tooling & Demo: Built a complete CLI (@clawguard/cli) for developers to push security policies to 0G and ENS, alongside "Spectra," an end-to-end local demo agent showcasing live tool interception and 0G network interactions.