ClawMoat v1.0.0 is the stable release of the open-source agent firewall.

This release focuses on practical runtime protection for AI agents, MCP setups, coding agents, and tool-using LLM systems.

Highlights

• clawmoat watch live monitoring dashboard for agent activity
• clawmoat scan-mcp for MCP configuration risk scanning
• Prompt injection, secret leakage, PII exposure, exfiltration, supply-chain, and dangerous tool-call detection
• Vulnerability-ops exploitability scoring and analysis API
• Runtime protection exports for embedding ClawMoat into agent apps
• Integration docs and adapters for LangChain, OpenAI Agents, LiteLLM, CrewAI, and OpenClaw
• Updated homepage, README, package metadata, and v1 positioning around the agent firewall category
• Package hygiene improvements to keep stale local artifacts and mutable server key state out of npm packages

Verification

• npm test -- --test-reporter=dot: 527 passing, 0 failing
• npm run lint: passing
• npm publish --dry-run --json: package clawmoat@1.0.0, 239 files, sensitive/stale artifacts excluded

Install

npm install -g clawmoat
clawmoat --help