GoPlus AgentGuard
The essential security guard for every AI agent user.
Your AI agent has full access to your terminal, files, and secrets — but zero security awareness.
A malicious skill or prompt injection can steal your keys, drain your wallet, or wipe your disk.
AgentGuard stops all of that.

Why AgentGuard?
AI coding agents can execute any command, read any file, and install any skill — with zero security review. The risks are real:
- Malicious skills can hide backdoors, steal credentials, or exfiltrate data
- Prompt injection can trick your agent into running destructive commands
- Unverified code from the internet may contain wallet drainers or keyloggers
AgentGuard is the first real-time security layer for AI agents. It automatically scans every new skill, blocks dangerous actions before they execute, runs daily security patrols, and tracks which skill initiated each action. One install, always protected.
What It Does
Layer 1 — Automatic Guard (hooks): Install once, always protected.
- Blocks rm -rf /, fork bombs, curl | bash and destructive commands
- Prevents writes to .env, .ssh/, credentials files
- Detects data exfiltration to Discord/Telegram/Slack webhooks
- Tracks which skill initiated each action — holds malicious skills accountable
Layer 2 — Deep Scan (skill): On-demand security audit with 24 detection rules.
- Auto-scans new skills on session start — malicious code blocked before it runs
- Static analysis for secrets, backdoors, obfuscation, and prompt injection
- Web3-specific: wallet draining, unlimited approvals, reentrancy, proxy exploits
- Trust registry with capability-based access control per skill
Layer 3 — Daily Patrol (OpenClaw): Automated daily security posture assessment.
- 8 comprehensive security checks run on a configurable schedule
- Detects skill tampering, secrets exposure, network risks, and suspicious file changes
- Analyzes audit logs for attack patterns and flags repeat offenders
- Validates environment configuration and trust registry health
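The kind of pre-execution check Layer 1 describes, as an added example that is not AgentGuard's own code or rule set. The function names (checkCommand, checkWrite), rule ids, patterns and allow/deny decisions are assumptions made for illustration, and shell quoting and subshells are not parsed.

```javascript
// Constructed rules for illustration; AgentGuard's real rule set is not shown on this page.
const WEBHOOK_RE = /discord(?:app)?\.com\/api\/webhooks|hooks\.slack\.com\/services|api\.telegram\.org\/bot/i;
const FORK_BOMB_RE = /(\w+|:)\s*\(\)\s*\{\s*\1\s*\|\s*\1\s*&/;
const SHELLS = new Set(['sh', 'bash', 'zsh', 'dash']);
const FETCHERS = new Set(['curl', 'wget']);

// Split one pipeline stage into argv-like tokens and drop a leading sudo.
function argv(stage) {
  const t = stage.trim().split(/\s+/).filter(Boolean);
  return t[0] === 'sudo' ? t.slice(1) : t;
}

// True for a recursive rm whose target is the filesystem root.
function isRootDelete(t) {
  if (t[0] !== 'rm') return false;
  const flags = t.slice(1).filter((a) => a.startsWith('-'));
  const targets = t.slice(1).filter((a) => !a.startsWith('-'));
  const recursive = flags.some((f) => f === '--recursive' || /^-[^-]*[rR]/.test(f));
  return recursive && targets.some((p) => p === '/' || p === '/*');
}

// Decide on a shell command before it runs.
function checkCommand(cmd) {
  if (FORK_BOMB_RE.test(cmd)) return { decision: 'deny', rule: 'fork-bomb' };
  if (WEBHOOK_RE.test(cmd)) return { decision: 'deny', rule: 'webhook-exfil' };
  for (const pipeline of cmd.split(/&&|\|\||;/)) {
    const stages = pipeline.split('|').map(argv).filter((t) => t.length);
    if (stages.some(isRootDelete)) return { decision: 'deny', rule: 'root-delete' };
    const fetchAt = stages.findIndex((t) => FETCHERS.has(t[0]));
    if (fetchAt !== -1 && stages.slice(fetchAt + 1).some((t) => SHELLS.has(t[0])))
      return { decision: 'deny', rule: 'pipe-to-shell' };
  }
  return { decision: 'allow', rule: null };
}

// Decide on a file write before it happens.
function checkWrite(path) {
  const parts = path.split('/').filter(Boolean);
  const base = parts[parts.length - 1] || '';
  const hit = parts.includes('.ssh') || base === '.env' || base.startsWith('.env.') || /credentials/i.test(base);
  return hit ? { decision: 'deny', rule: 'sensitive-path' } : { decision: 'allow', rule: null };
}
```

Token-level checks like isRootDelete avoid the false positives a plain substring match would raise on paths such as /tmp/x or ./build.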
Quick Start
npm install @goplus/agentguard
Full install with auto-guard hooks (Claude Code)
git clone https://github.com/GoPlusSecurity/agentguard.git
cd agentguard && ./setup.sh
claude plugin add /path/to/agentguard
This installs the skill, configures hooks, and sets your protection level.
Manual install (skill only)
git clone https://github.com/GoPlusSecurity/agentguard.git
cp -r agentguard/skills/agentguard ~/.claude/skills/agentguard
OpenClaw plugin install
npm install @goplus/agentguard
Register in your OpenClaw plugin config:
import register from '@goplus/agentguard/openclaw';
export default register;
Or register manually with options:
import { registerOpenClawPlugin } from '@goplus/agentguard';

export default function setup(api) {
  registerOpenClawPlugin(api, {
    level: 'balanced',   // Protection level: strict | balanced | permissive
    skipAutoScan: false, // Set true to disable auto-scanning of plugins
  });
}
What happens on registration:
- Auto-scans all loaded plugins — Static analysis of each plugin's source code
- Determines trust level — Based on scan results (critical findings → untrusted)
- Infers capabilities — Based on registered tools and scan risk level
- Registers to trust registry — Auto-attests each plugin with appropriate permissions
- Builds tool mapping — Maps toolName → pluginId for initiating skill tracking
AgentGuard hooks into OpenClaw's before_tool_call / after_tool_call events to block dangerous actions and log audit events.
Then use /agentguard in your agent: