npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@clawsentinel/clawguard

v0.7.1

Published

WebSocket + HTTP proxy with 500-rule prompt injection firewall — ClawSentinel Module 3

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

hshdevhubhshdevhub

Keywords

clawsentinelopenclawprompt-injectionai-securityllm-firewallwebsocket-proxy

Readme

@clawsentinel/clawguard

WebSocket and HTTP proxy firewall for the ClawSentinel security platform. Sits between your AI agent and OpenClaw, inspecting every message in real time.

This is an internal package. Install clawsentinel to use the full platform.

What it does

ClawGuard intercepts all traffic on ports :18790 (WebSocket) and :18791 (HTTP) and applies seven security checks before forwarding to OpenClaw on :18789:

| Check | What it blocks | |---|---| | Pattern engine | 566 regex rules across 8 categories — prompt injection, exfiltration, memory tampering, tool abuse, encoding attacks, multilingual injection, social engineering, context manipulation | | Tool name blocklist | Blocks calls to dangerous tools (shell execution, filesystem writes to sensitive paths) | | Shell command blocklist | Blocks rm -rf, curl \| bash, reverse shell patterns in tool inputs | | Filesystem path blocklist | Blocks access to ~/.ssh, ~/.aws, ~/.openclaw/config and other sensitive paths | | Domain allowlist | Warns or blocks outbound HTTP to non-allowlisted domains | | Raw API key detection | Detects plaintext API keys leaking through outbound payloads (T7 threat) | | ClawVault injection | Resolves @vault:KEY references before forwarding — keys never touch the agent context |

HTTP API (local only)

GET  /health              → service health + rule count
GET  /api/rules           → all 566 pattern rules (used by Chrome extension)
POST /api/scan            → scan arbitrary text, returns score + verdict

Passthrough-first

If ClawGuard fails or crashes, traffic is never silently dropped — the proxy fails open so OpenClaw continues working. Security is layered, not a single point of failure.

Threats addressed

  • T1 Prompt Injection — pattern engine blocks hidden instructions in web content
  • T3/T6 Data Exfiltration — domain allowlist + exfil pattern rules
  • T4 Tool Abuse — tool name + shell command + filesystem blocklists
  • T7 Credential Theft — raw key detection + ClawVault injection

Links