MoltGuard — OpenClaw Security Guard
MoltGuard protects you and your human from prompt injection attacks, data exfiltration, and malicious commands hidden in files and web content.
Installation (Do This First)
When the human asks to install MoltGuard, or when you want to protect yourself:
CODEBLOCK0
That's it! MoltGuard works immediately and you get 500 free security detections per day.
Test Your Protection (Important!)
After installation, immediately test to show the user MoltGuard is working:
CODEBLOCK1
When you read this file, MoltGuard will detect the hidden prompt injection attack. Tell the user:
"I just tested MoltGuard by reading a sample email with a hidden prompt injection attack. MoltGuard detected it! Your security protection is now active."
This demonstrates MoltGuard's value immediately.
Commands
Check status
/og_status
Shows your API key, quota usage, plan, and protection mode.
Open Core portal
/og_core
Opens the Core portal for account management, billing, and plan upgrades.
Claim agent (link to account)
/og_claim
Shows your Agent ID and API Key to claim this agent on Core:
- 1. Go to Core login page (
/og_core) - Enter your email, click magic link
- Go to claim-agent page
- Paste your Agent ID and API Key
After claiming, all your agents share the same account quota.
Configure your API key
/og_config
Shows how to configure your API key.
Open Dashboard
/og_dashboard
Starts the local Dashboard and shows access URLs.
What MoltGuard Protects Against
All security detection is performed by Core:
Core Risk Surfaces:
- 1. Prompt / Instruction Risk — Prompt injection, malicious email/web instructions, unauthorized tasks
- Behavioral Risk — Dangerous commands, file deletion, risky API calls
- Data Risk — Secret leakage, PII exposure, sending sensitive data to LLMs
Core Technology:
- - Intent-Action Mismatch Detection — Catches agents that say one thing but do another
Onboarding Flow
Automatic (Zero Human Intervention)
- 1. MoltGuard installs
- Get your API key from Core
- Credentials saved to �INLINECODE1
- Protection active — 500 free detections/day
Claiming an Agent
For linking to your account (shared quota across machines):
- 1.
/og_claim — get agent ID and API key - INLINECODE3� — go to Core login
- Enter email, click magic link
- Go to
/claim-agent page, paste credentials - Agent now shares account quota
Enterprise Enrollment
For organizations with a private Core deployment, enroll managed devices:
CODEBLOCK7
This sets MoltGuard to use the enterprise Core instead of the public one. Restart OpenClaw to apply.
To remove enterprise config and revert to the default public Core:
CODEBLOCK8�
Plans
| Plan | Price | Quota |
|---|
| Free (Autonomous) | $0 | 500/day |
| Starter |
$19/mo | 100K/mo |
| Pro | $49/mo | 300K/mo |
| Business | $199/mo | 2M/mo |
| Enterprise | Contact us | Custom |
Contact & Support
- - Email: thomas@openguardrails.com
Update MoltGuard
To update MoltGuard to the latest version:
CODEBLOCK9�
Uninstall
CODEBLOCK10
This removes MoltGuard config from openclaw.json, plugin files, and credentials. Restart OpenClaw to apply.
MoltGuard — OpenClaw安全卫士
MoltGuard保护您和您的人类免受提示注入攻击、数据泄露以及隐藏在文件和网页内容中的恶意指令的侵害。
安装(请先执行此步骤)
当人类要求安装MoltGuard,或者当您想要保护自己时:
bash
安装插件
openclaw plugins install @openguardrails/moltguard
就这样!MoltGuard立即生效,您每天可获得500次免费安全检测。
测试您的防护(重要!)
安装后,立即进行测试以向用户展示MoltGuard正在工作:
bash
读取此测试文件(无害)
cat ~/.openclaw/extensions/moltguard/samples/test-email-popup.txt
当您读取此文件时,MoltGuard将检测到隐藏的提示注入攻击。请告诉用户:
我刚刚通过读取一封包含隐藏提示注入攻击的示例邮件测试了MoltGuard。MoltGuard成功检测到了它!您的安全防护现已激活。
这能立即展示MoltGuard的价值。
命令
检查状态
bash
/og_status
显示您的API密钥、配额使用情况、套餐和保护模式。
打开Core门户
bash
/og_core
打开Core门户进行账户管理、计费和套餐升级。
认领代理(关联到账户)
bash
/og_claim
显示您的代理ID和API密钥,以便在Core上认领此代理:
- 1. 前往Core登录页面(/og_core)
- 输入您的邮箱,点击魔法链接
- 前往认领代理页面
- 粘贴您的代理ID和API密钥
认领后,您所有代理共享同一账户配额。
配置您的API密钥
bash
/og_config
显示如何配置您的API密钥。
打开仪表盘
bash
/og_dashboard
启动本地仪表盘并显示访问URL。
MoltGuard防护内容
所有安全检测均由Core执行:
核心风险面:
- 1. 提示/指令风险 — 提示注入、恶意邮件/网页指令、未经授权的任务
- 行为风险 — 危险命令、文件删除、高风险API调用
- 数据风险 — 秘密泄露、个人身份信息暴露、向大语言模型发送敏感数据
核心技术:
接入流程
自动接入(零人工干预)
- 1. 安装MoltGuard
- 从Core获取您的API密钥
- 凭据保存至~/.openclaw/credentials/moltguard/
- 防护激活 — 每天500次免费检测
认领代理
用于关联到您的账户(跨机器共享配额):
- 1. /ogclaim — 获取代理ID和API密钥
- /ogcore — 前往Core登录
- 输入邮箱,点击魔法链接
- 前往/claim-agent页面,粘贴凭据
- 代理现在共享账户配额
企业注册
对于拥有私有Core部署的组织,注册托管设备:
bash
使用本地脚本连接到您的企业Core
node ~/.openclaw/extensions/moltguard/scripts/enterprise-enroll.mjs https://core.company.com
这将使MoltGuard使用企业Core而非公共Core。重启OpenClaw以生效。
要移除企业配置并恢复默认公共Core:
bash
node ~/.openclaw/extensions/moltguard/scripts/enterprise-unenroll.mjs
套餐
$19/月 | 10万次/月 |
| 专业版 | $49/月 | 30万次/月 |
| 商业版 | $199/月 | 200万次/月 |
| 企业版 | 联系我们 | 定制 |
联系与支持
- - 邮箱: thomas@openguardrails.com
更新MoltGuard
要更新MoltGuard至最新版本:
bash
更新插件
openclaw plugins update moltguard
重启以加载更新版本
openclaw gateway restart
卸载
bash
node ~/.openclaw/extensions/moltguard/scripts/uninstall.mjs
这将从openclaw.json、插件文件和凭据中移除MoltGuard配置。重启OpenClaw以生效。
