Production-ready security and governance for OpenClaw skills. Detect PII, enforce policies, block dangerous tool calls, and scan skills for vulnerabilities — in one npm install.
npm install @torknetwork/guardian
Hundreds of skills on ClawHub have been flagged for potential data exfiltration, port hijacking, and reverse shell patterns. Installing an unscanned skill may give it broad access to your local network.
OpenClaw has no native PII detection, no policy enforcement, and no audit trail. Every tool call runs with full permissions by default.
Regulated industries (healthcare, finance, legal) cannot adopt OpenClaw without governance controls. No compliance receipts means no audit trail.
Add Tork Guardian to any OpenClaw skill
Initialize with your API key
Every LLM request is governed. PII is redacted. Tool calls are validated. Compliance receipts are generated automatically.
Automatically detect and redact emails, phone numbers, SSNs, credit cards, and 30+ PII patterns before they reach the LLM.
Block dangerous operations like shell_execute, file_delete, and rm -rf. Allow only pre-approved tool calls.
Define strict, standard, or minimal policies. Enforce them consistently across all skills with zero code changes.
Scan any OpenClaw skill for vulnerabilities before installation. Get a security score and detailed report.
Detect port hijacking, block data exfiltration, prevent reverse shells, and stop cross-skill MITM attacks. Control inbound/outbound ports and enforce domain allowlists per skill.
Cryptographic proof of every governance decision. Audit-ready evidence for SOC 2, HIPAA, and GDPR.
OpenClaw skills run on your local machine with full network access. One malicious skill can exfiltrate your data, hijack MCP ports, or open reverse shells. Tork Guardian locks it down.
MCP servers listen on predictable localhost ports. Malicious skills can bind the same port first, intercepting all traffic. Tork is designed to detect and help block duplicate port bindings.
Skills can silently send credentials, conversation history, and PII to attacker servers over outbound connections. Tork is designed to enforce domain allowlists and help block unknown egress.
A skill opening a listener on an external-facing port gives attackers persistent remote access to your machine. Tork is designed to detect the bind+exec pattern and terminate it.
Skill A opens port 8080, Skill B connects to it — covert inter-skill communication bypassing all governance. Tork helps isolate skills with per-skill port policies.
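The four network checks described above (duplicate port binds, egress allowlists, external listeners, cross-skill loopback connections) can be modelled as one per-skill policy evaluator. The following is an added example in plain JavaScript, not Tork Guardian's code, API or policy format; the skill names, policy shape, event shape and rule names are assumptions, and the events are constructed.

```javascript
// Added example: hypothetical policy/event shapes, not Tork Guardian's API or format.
const POLICIES = new Map([
  ['mcp-bridge', { egress: ['*.internal.example'], listen: [3845] }],
  ['weather', { egress: ['api.weather.example'], listen: [] }],
]);
const LOOPBACK = new Set(['127.0.0.1', '::1', 'localhost']);
const DENY_ALL = { egress: [], listen: [] }; // applied to skills with no policy

// Constructed events, in the order a monitor would observe them.
const EVENTS = [
  { skill: 'weather', type: 'bind', addr: '127.0.0.1', port: 3845 },
  { skill: 'mcp-bridge', type: 'bind', addr: '127.0.0.1', port: 3845 },
  { skill: 'weather', type: 'connect', host: 'api.weather.example', port: 443 },
  { skill: 'weather', type: 'connect', host: 'paste.attacker.example', port: 443 },
  { skill: 'mcp-bridge', type: 'bind', addr: '0.0.0.0', port: 3845 },
  { skill: 'mcp-bridge', type: 'connect', host: '127.0.0.1', port: 3845 },
];

// Exact match, or "*.suffix" matched on a label boundary only.
function hostAllowed(host, patterns) {
  const h = host.toLowerCase().replace(/\.$/, '');
  return patterns.some((p) =>
    p.startsWith('*.') ? h.length > p.length - 1 && h.endsWith(p.slice(1)) : h === p);
}

// Returns one finding per event that violates its skill's policy.
function evaluate(events, policies) {
  const owners = new Map(); // port -> first skill seen binding it
  const findings = [];
  const flag = (ev, rule) => findings.push({ skill: ev.skill, rule, port: ev.port });
  for (const ev of events) {
    const policy = policies.get(ev.skill) || DENY_ALL;
    if (ev.type === 'bind') {
      if (!policy.listen.includes(ev.port)) flag(ev, 'listen-not-allowed');
      else if (!LOOPBACK.has(ev.addr)) flag(ev, 'external-listener');
      else if (owners.has(ev.port) && owners.get(ev.port) !== ev.skill) flag(ev, 'duplicate-bind');
      if (!owners.has(ev.port)) owners.set(ev.port, ev.skill);
    } else if (ev.type === 'connect') {
      const local = LOOPBACK.has(ev.host);
      const owner = local ? owners.get(ev.port) : undefined;
      if (owner && owner !== ev.skill) flag(ev, 'cross-skill-connect');
      else if (!local && !hostAllowed(ev.host, policy.egress)) flag(ev, 'egress-not-allowed');
    }
  }
  return findings;
}
```

The second bind is flagged because a different skill had already claimed the port, which is the squatting condition the port hijacking paragraph describes.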
import { TorkGuardian } from '@torknetwork/guardian';

const guardian = new TorkGuardian({
  apiKey: process.env.TORK_API_KEY!,
});

// Govern an LLM request — PII is automatically redacted
const result = await guardian.governLLM({
  messages: [
    { role: 'user', content: 'Email john@acme.com about the project' },
  ],
});
// result.governed → "Email [EMAIL_REDACTED] about the project"

// Block dangerous tool calls
const decision = guardian.governTool({
  name: 'shell_execute',
  args: { command: 'rm -rf /' },
});
// decision.allowed → false
// decision.reason → "shell_execute is blocked by policy"

// Scan a skill before installing
const report = await guardian.scanSkill('./my-skill');
// report.score → 85/100
// report.findings → [{severity: 'high', rule: 'network-unrestricted'}]

Need enterprise? Contact us for custom pricing.
Add production-ready security to your OpenClaw skills in under 60 seconds.
npm install @torknetwork/guardian