Show HN: ClawShield – Open-source firewall for agent-to-agent AI communication
Joe_DNAI Wednesday, February 18, 2026Hi HN!
I built ClawShield after discovering 40,214 OpenClaw instances exposed with critical CVE-2026-25253 (CVSS 8.8).
The problem: AI agents communicate with each other at scale, but there's NO firewall between them. A compromised agent can inject prompts, exfiltrate data, and hijack WebSocket sessions.
ClawShield sits between agents and blocks: - Prompt injection (16+ patterns) - Malicious skills/plugins (AST + sandbox) - Credential leaks (regex + entropy) - Unauthorized agent-to-agent comms - WebSocket hijacking
Built it last night. 181 tests. Production-ready. Open source (AGPL-3.0).
GitHub: https://github.com/DEFNOISE-AI/ClawShield Demo: [coming soon]
Compatible with OpenClaw, AutoGPT, or any agent protocol.
Free tier for personal use, paid for teams/enterprise.
Would love your feedback!