# ClawShell > A security-privileged proxy for OpenClaw/Hermes Agent that performs virtual-to-real API key mapping and DLP scanning to protect PII and sensitive credentials. ClawShell is a runtime security layer and safety harness for the OpenClaw/Hermes Agent ecosystem, written in Rust with Tokio. It sits between AI agents and upstream LLM API providers (OpenAI, Anthropic, OpenRouter), ensuring that agents never hold real API keys and that sensitive data is scanned and redacted before leaving the system. The tool is open source under the Apache License 2.0 and runs in under 10MB of memory, making it ultra-lightweight and suitable for sidecar deployment. - **API Token Secure Binding**: *Real API keys are stored in a privileged config directory (`/etc/clawshell`) readable only by the `clawshell` system user; agents hold only virtual keys that ClawShell swaps for real ones before forwarding requests.* - **PII Safety Net (DLP)**: *Scans HTTP request and response bodies for sensitive data (SSNs, credit card numbers, emails, etc.) using configurable regex patterns, with `block` or `redact` actions per pattern.* - **Sensitive Email Isolation**: *Exposes an IMAP email read endpoint with sender allowlist/denylist filtering; IMAP credentials are stored in the privileged config and never exposed to agents.* - **OAuth Authentication**: *Supports OAuth-based authentication (device code flow) for Codex/ChatGPT as an alternative to static API keys, with automatic token refresh and request translation.* - **Runtime Statistics**: *Exposes a loopback-only `/admin/stats` endpoint with persistent counters for requests protected, tokens used, and emails filtered.* - **Drop-in Sidecar**: *The `clawshell onboard` interactive wizard configures either OpenClaw or Hermes Agent to route all requests through ClawShell's proxy with no external dependencies.* - **Multi-Provider Support**: *Maps virtual keys to OpenAI, Anthropic, or OpenRouter, injecting the correct authentication header format per provider.* - **Installation**: *Install via `cargo install clawshell --locked` or `npm install -g @clawshell/clawshell`, then run `sudo clawshell onboard` to set up the security boundary and configure your agent.* ## Features - Virtual-to-real API key mapping - DLP (Data Loss Prevention) scanning on requests and responses - PII detection and redaction (SSNs, credit cards, emails) - Sender-based email filtering via IMAP - OAuth device code flow for Codex/ChatGPT - Automatic OAuth token refresh - Runtime statistics endpoint (/admin/stats) - Interactive onboarding wizard (clawshell onboard) - OpenClaw and Hermes Agent integration - Multi-provider support (OpenAI, Anthropic, OpenRouter) - Custom regex DLP patterns with block/redact actions - Persistent stats across restarts - Runs in under 10MB of memory - Written in Rust with Tokio - Unix file system permission-based secret protection ## Integrations OpenAI, Anthropic, OpenRouter, OpenClaw, Hermes Agent, Gmail, Outlook, ChatGPT, Codex ## Platforms CLI, API, LINUX, MACOS, WINDOWS ## Pricing Open Source ## Version v0.2.1 ## Links - Website: https://clawshell.org - Documentation: https://github.com/clawshell/clawshell - Repository: https://github.com/clawshell/clawshell - EveryDev.ai: https://www.everydev.ai/tools/clawshell