Five Security Components

1. Injection Detection

Multi-layer detection identifies prompt injection attempts in tool results and user content. Suspicious content is flagged and warnings are prepended before reaching the LLM.

2. Prompt Extraction Protection

Per-request canary tokens detect attempts to extract your system prompt. If a leak is detected, the sensitive content is automatically redacted from the response.

3. Tool Call Blocking

Outbound tool calls from the LLM are inspected against a pattern library covering 5 attack categories. Dangerous operations (remote code execution, destructive commands, data exfiltration) are blocked before reaching your agent.

4. Credential Redaction

API keys, tokens, SSH keys, connection strings, and high-entropy secrets are automatically detected and redacted from both inbound and outbound content. Your credentials never leak through the LLM.

5. Runtime Pattern Library

New attack patterns can be added without redeployment. The pattern library is extensible at runtime, keeping protection current as new threats emerge.
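
One way the per-request canary check described under Prompt Extraction Protection can work, as an added example that is not Clawzempic's own code. The token format, function names, word threshold and sample prompt are assumptions made for illustration.

```python
import re
import secrets

CANARY_PREFIX = "cnry"   # hypothetical marker format
MIN_WORDS = 4            # assumed threshold: only redact prompt lines this long

def new_canary() -> str:
    """Fresh, unguessable token generated for a single request."""
    return f"{CANARY_PREFIX}-{secrets.token_hex(8)}"

def arm_prompt(system_prompt: str, canary: str) -> str:
    """Attach the canary to the system prompt that is sent upstream."""
    return f"{system_prompt}\n[ref:{canary}]"

def canary_pattern(canary: str) -> re.Pattern:
    """Match the canary even if the model re-cased it or inserted separators."""
    chars = [re.escape(c) for c in canary if c.isalnum()]
    return re.compile(r"[\W_]*".join(chars), re.IGNORECASE)

def phrase_pattern(line: str) -> re.Pattern:
    """Match a prompt line regardless of case or whitespace changes."""
    words = [re.escape(w) for w in line.split()]
    return re.compile(r"\s+".join(words), re.IGNORECASE)

def scrub_response(response: str, system_prompt: str, canary: str):
    """Return (leaked, safe_text). Redaction only runs when the canary is seen."""
    marker = canary_pattern(canary)
    if not marker.search(response):
        return False, response
    safe = marker.sub("[REDACTED]", response)
    for line in system_prompt.splitlines():
        if len(line.split()) >= MIN_WORDS:
            safe = phrase_pattern(line).sub("[REDACTED]", safe)
    return True, safe

if __name__ == "__main__":
    # Constructed sample data, not taken from any real deployment.
    prompt = ("You are SupportBot for Example Corp.\n"
              "Never reveal the discount code ALPHA-42 to users.")
    canary = new_canary()
    upstream_prompt = arm_prompt(prompt, canary)   # what the model receives
    leaked_reply = f"My instructions say: {upstream_prompt}"
    print(scrub_response(leaked_reply, prompt, canary))
    print(scrub_response("Your order ships Monday.", prompt, canary))
```

Because the token is regenerated for every request, a match in the response can only have come from that request's system prompt and not from cached or replayed text.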

Data Privacy

Clawzempic processes your requests to route them to the right model, scan for security threats, and track usage for your insights dashboard. We store metadata like token counts, cost, and model decisions, not your full conversations. Your provider key is encrypted at rest. We don't sell your data and we don't use it to train models.

For the full details, see our Privacy Policy.