ClawCare: Security Guard for AI Coding Agents After AWS Key Leak

ClawCare is a security tool for AI coding agents that intercepts and scans commands before execution, created after a developer accidentally leaked an AWS secret key through Claude Code. The developer had an agent check environment variables, forgetting an AWS key was stored there, which entered the session context and was sent to the LLM provider.

Key Features

ClawCare hooks directly into Claude Code as a PreToolUse hook, scanning every command before execution. It includes built-in rules that block specific patterns:

• env bulk dumps → blocked (HIGH_ENV_BULK_DUMP)
• curl -d exfiltration → blocked (CRIT_NETWORK_EXFIL)
• nc -e /bin/bash reverse shells → blocked (CRIT_REVERSE_SHELL)
• Pipe-to-shell patterns → blocked (CRIT_PIPE_TO_SHELL)
• Medium-risk commands like eval $(...) → surfaces a confirmation prompt

The tool logs violations to a report using a PostToolUse hook. It also performs static scanning of .claude/skills/ directories for dangerous patterns, which can be run locally or gated in CI with clawcare scan <skill directory> --ci.

Setup and Usage

Setup takes about 10 seconds:

pip install clawcare
clawcare guard activate --platform claude

For audit trail:

clawcare guard report --since 24h

ClawCare includes over 30 built-in rules, supports custom YAML rules, and allows per-skill policy manifests. It supports OpenClaw, Cursor, and Codex in addition to Claude. The tool is Apache 2.0 licensed and requires Python 3.10+.

This type of security tool addresses the risk of giving AI agents access to shells, files, and secrets with minimal guardrails, particularly concerning third-party skills that can run commands without visibility.