Prompt injection defense tool for OpenClaw agents.
AI Security Gateway โ compiled Rust enforcement layer between AI agents and your system with self-governance formula.
Aquaman is a credential isolation proxy for OpenClaw Gateway that keeps API keys and channel tokens out of the agent process entirely. It runs as a separate sidecar process listening on a Unix domain socket, intercepting outbound API calls and injecting authentication headers from secure backends like macOS Keychain, 1Password, or HashiCorp Vault. Even if an agent is fully compromised through prompt injection or RCE, credentials are never exposed because they exist in a different address space. It ships as two npm packages: aquaman-proxy (the HTTP proxy daemon and CLI) and aquaman-plugin (the OpenClaw Gateway plugin that wires everything up automatically).
Security scanning and trust registry for AI agent skills. Orchestration hub.
A guide on the safest way to run OpenClaw โ covering security best practices, sandboxing, and safe deployment configurations.