FireClaw

The Problem

Prompt injection is the #1 vulnerability in AI agents. Malicious websites can hijack your AI's behavior, steal data, or execute unauthorized actions.

🌐

Malicious Website

Hidden prompt injection in page content

→

🤖

AI Agent

Fetches and processes content

→

💥

Bad Outcome

Data theft, unauthorized actions, system compromise

⚠️

OWASP Top 10 for LLMs

Prompt Injection is ranked as the #1 vulnerability in AI/LLM applications

How FireClaw Works

A four-stage sanitization pipeline that stands between the web and your AI agent

📥

Fetch

Retrieves content through isolated proxy environment with DNS pre-check and domain reputation scoring

🧹

Sanitize

Strips scripts, styles, and suspicious patterns. Removes hidden text, zero-width characters, and encoding tricks

📝

Summarize

Condenses content to semantic meaning only. The proxy has no tools, no database access — just text processing

🔍

Scan

Analyzes for injection patterns using community threat intelligence. Flags suspicious content before it reaches your agent

🛡️

Even if the proxy gets injected — dead end.
No tools, no data, no damage. The threat stops at the firewall.

Built for Security

🔄

4-Stage Pipeline

Fetch, sanitize, summarize, and scan every request through isolated layers of protection

🌐

Community Threat Feed

Real-time threat intelligence shared across all FireClaw instances (opt-in, privacy-first)

🏆

Domain Trust Tiers

Automatic reputation scoring with whitelist, greylist, and blacklist management

🚨

Real-time Alerts

Instant notifications when suspicious activity or injection attempts are detected

🍯

Canary Token Detection

Honeypot tokens identify and track malicious actors attempting to exfiltrate data

🔒

DNS Pre-Check

Validates domains before fetching to block known malicious infrastructure

📜

Audit Log with Replay

Complete request history with ability to replay and analyze past interactions

⚡

Rate Limiting & Cost Control

Prevent abuse and control API costs with configurable request throttling

Stronger Together

Community-powered threat intelligence. The more FireClaw instances running, the better we protect everyone.

Attacks Blocked

Domains Flagged

Active Instances

✓

Opt-in by Design

You control what's shared. Threat intelligence sharing is completely optional.

✓

Privacy-First

Only threat signatures and domain hashes are shared — never your data or content.

✓

Network Effect

When one instance detects a threat, all connected instances get protected immediately.

Deploy Anywhere

Raspberry Pi, Docker, any machine with Node.js — protect your AI for the cost of a burrito

🥧

Raspberry Pi

Perfect for home setups. Runs on Pi 3B+ or newer.

🐳

Docker

One command deployment with Docker Compose.

⚡

Node.js

Run anywhere Node.js runs. Zero dependencies.

Quick Start with Docker

git clone https://github.com/fireclaw-security/fireclaw.git
cd fireclaw
docker compose up -d

Quick Start with Node.js

git clone https://github.com/fireclaw-security/fireclaw.git
cd fireclaw
npm install
npm start

Quick Start on Raspberry Pi

curl -fsSL https://fireclaw.app/install.sh | bash

Dashboard Preview

Real-time monitoring and control from your local network

• Live request monitoring and threat detection

• Domain trust management and whitelist/blacklist controls

• Audit log with request replay and analysis tools

• Community threat feed insights and statistics

• Local network only access with OTP authentication

Open Source & Free Forever

⚖️

AGPLv3 Licensed

Free to use, modify, and distribute. If you host it as a service, you must share your source code.

🤝

Community-Driven

Created by Ralph Perez. Built for the OpenClaw community. Contributions welcome!

📖

Fully Documented

Comprehensive docs, examples, and guides to get you started.

⭐ Star on GitHub 🛠️ Contribute

A firewall for your agent's brain