averecion-lite 1.3.0

package/dist/src/shell-wrapper.js

@@ -0,0 +1,264 @@
+#!/usr/bin/env node
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const os = __importStar(require("os"));
+const child_process_1 = require("child_process");
+const CLAWGUARD_DIR = path.join(os.homedir(), ".clawguard");
+const CONFIG_FILE = path.join(CLAWGUARD_DIR, "config.json");
+const LOG_DIR = path.join(CLAWGUARD_DIR, "logs");
+const PENDING_DIR = path.join(CLAWGUARD_DIR, "pending");
+const POLICY_FILE = path.join(CLAWGUARD_DIR, "policy.json");
+const DEFAULT_POLICY = [
+    { pattern: "rm\\s+(-rf?|--recursive|--force)\\s+[\\/~]", decision: "block", reason: "Recursive delete from root or home", riskScore: 100 },
+    { pattern: "rm\\s+-[rf]{2}\\s+", decision: "block", reason: "Force recursive delete", riskScore: 100 },
+    { pattern: "mkfs\\.", decision: "block", reason: "Filesystem formatting", riskScore: 100 },
+    { pattern: "dd\\s+if=.*of=\\/dev", decision: "block", reason: "Direct disk write", riskScore: 100 },
+    { pattern: ">\\s*\\/dev\\/sd[a-z]", decision: "block", reason: "Direct device write", riskScore: 100 },
+    { pattern: "chmod\\s+777\\s+\\/", decision: "block", reason: "Dangerous permissions on root", riskScore: 90 },
+    { pattern: "curl.*\\|\\s*(ba)?sh", decision: "block", reason: "Pipe to shell execution", riskScore: 95 },
+    { pattern: "wget.*\\|\\s*(ba)?sh", decision: "block", reason: "Pipe to shell execution", riskScore: 95 },
+    { pattern: ":\\(\\)\\{.*\\}:", decision: "block", reason: "Fork bomb pattern", riskScore: 100 },
+    { pattern: "sudo\\s+rm", decision: "review", reason: "Privileged delete operation", riskScore: 80 },
+    { pattern: "sudo\\s+chmod", decision: "review", reason: "Privileged permission change", riskScore: 70 },
+    { pattern: "sudo\\s+chown", decision: "review", reason: "Privileged ownership change", riskScore: 70 },
+    { pattern: "npm\\s+install\\s+-g", decision: "review", reason: "Global package installation", riskScore: 50 },
+    { pattern: "pip\\s+install", decision: "review", reason: "Python package installation", riskScore: 40 },
+    { pattern: "ssh\\s+", decision: "review", reason: "Remote connection", riskScore: 60 },
+    { pattern: "scp\\s+", decision: "review", reason: "Remote file transfer", riskScore: 60 },
+    { pattern: "rsync\\s+", decision: "review", reason: "Remote sync operation", riskScore: 50 },
+    { pattern: "git\\s+push\\s+.*--force", decision: "review", reason: "Force push to remote", riskScore: 70 },
+    { pattern: "docker\\s+run", decision: "review", reason: "Container execution", riskScore: 50 },
+    { pattern: "systemctl\\s+(start|stop|restart|enable|disable)", decision: "review", reason: "Service management", riskScore: 60 },
+];
+function ensureDir(dir) {
+    if (!fs.existsSync(dir)) {
+        fs.mkdirSync(dir, { recursive: true });
+    }
+}
+function loadConfig() {
+    ensureDir(CLAWGUARD_DIR);
+    try {
+        if (fs.existsSync(CONFIG_FILE)) {
+            const config = JSON.parse(fs.readFileSync(CONFIG_FILE, "utf-8"));
+            return {
+                enabled: config.enabled ?? true,
+                protectionLevel: config.protectionLevel ?? "balanced",
+                realShell: config.realShell ?? process.env.CLAWGUARD_REAL_SHELL ?? "/bin/bash"
+            };
+        }
+    }
+    catch { }
+    return {
+        enabled: true,
+        protectionLevel: "balanced",
+        realShell: process.env.CLAWGUARD_REAL_SHELL ?? "/bin/bash"
+    };
+}
+function loadPolicy() {
+    try {
+        if (fs.existsSync(POLICY_FILE)) {
+            return JSON.parse(fs.readFileSync(POLICY_FILE, "utf-8"));
+        }
+    }
+    catch { }
+    return DEFAULT_POLICY;
+}
+function logAction(command, allowed, reason, riskScore) {
+    ensureDir(LOG_DIR);
+    const logEntry = {
+        ts: new Date().toISOString(),
+        type: "shell",
+        command,
+        allowed,
+        reason,
+        riskScore,
+        pid: process.pid,
+        ppid: process.ppid
+    };
+    const logFile = path.join(LOG_DIR, `${new Date().toISOString().split("T")[0]}.jsonl`);
+    fs.appendFileSync(logFile, JSON.stringify(logEntry) + "\n");
+}
+function assessCommand(command) {
+    const policy = loadPolicy();
+    for (const rule of policy) {
+        try {
+            const regex = new RegExp(rule.pattern, "i");
+            if (regex.test(command)) {
+                return {
+                    decision: rule.decision,
+                    reason: rule.reason,
+                    riskScore: rule.riskScore
+                };
+            }
+        }
+        catch { }
+    }
+    return { decision: "allow", reason: "No policy match", riskScore: 0 };
+}
+function generateApprovalId() {
+    return `${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+}
+function createPendingApproval(command, reason, riskScore) {
+    ensureDir(PENDING_DIR);
+    const id = generateApprovalId();
+    const approval = {
+        id,
+        type: "shell",
+        command,
+        reason,
+        riskScore,
+        createdAt: new Date().toISOString(),
+        status: "pending"
+    };
+    fs.writeFileSync(path.join(PENDING_DIR, `${id}.json`), JSON.stringify(approval, null, 2));
+    return id;
+}
+function checkApprovalStatus(id) {
+    const filePath = path.join(PENDING_DIR, `${id}.json`);
+    try {
+        if (fs.existsSync(filePath)) {
+            const approval = JSON.parse(fs.readFileSync(filePath, "utf-8"));
+            return approval.status;
+        }
+    }
+    catch { }
+    return "pending";
+}
+async function waitForApproval(id, command, timeoutMs = 30000) {
+    console.error(`\x1b[33m🛡️ Clawguard: Command requires approval\x1b[0m`);
+    console.error(`   Command: ${command.substring(0, 100)}${command.length > 100 ? "..." : ""}`);
+    console.error(`   Approve at: http://localhost:4321/clawguard`);
+    console.error(`   Or run: clawguard approve ${id}`);
+    const startTime = Date.now();
+    const pollInterval = 500;
+    while (Date.now() - startTime < timeoutMs) {
+        const status = checkApprovalStatus(id);
+        if (status === "approved") {
+            console.error(`\x1b[32m🛡️ Command approved\x1b[0m`);
+            return true;
+        }
+        if (status === "denied") {
+            console.error(`\x1b[31m🛡️ Command denied\x1b[0m`);
+            return false;
+        }
+        await new Promise(resolve => setTimeout(resolve, pollInterval));
+    }
+    console.error(`\x1b[31m🛡️ Approval timed out - command blocked\x1b[0m`);
+    return false;
+}
+async function executeCommand(command, config) {
+    return new Promise((resolve) => {
+        const options = {
+            shell: config.realShell,
+            stdio: "inherit",
+            env: {
+                ...process.env,
+                SHELL: config.realShell
+            }
+        };
+        const child = (0, child_process_1.spawn)(command, [], options);
+        child.on("close", (code) => {
+            resolve(code ?? 0);
+        });
+        child.on("error", (err) => {
+            console.error(`Error: ${err.message}`);
+            resolve(1);
+        });
+    });
+}
+async function main() {
+    const config = loadConfig();
+    const args = process.argv.slice(2);
+    if (args.length === 0) {
+        const child = (0, child_process_1.spawn)(config.realShell, [], {
+            stdio: "inherit",
+            env: { ...process.env, SHELL: config.realShell }
+        });
+        child.on("close", (code) => process.exit(code ?? 0));
+        return;
+    }
+    let command = "";
+    if (args[0] === "-c" && args[1]) {
+        command = args[1];
+    }
+    else {
+        command = args.join(" ");
+    }
+    if (!config.enabled) {
+        const exitCode = await executeCommand(command, config);
+        process.exit(exitCode);
+        return;
+    }
+    const assessment = assessCommand(command);
+    if (assessment.decision === "allow") {
+        logAction(command, true, assessment.reason, assessment.riskScore);
+        const exitCode = await executeCommand(command, config);
+        process.exit(exitCode);
+        return;
+    }
+    if (assessment.decision === "block") {
+        logAction(command, false, assessment.reason, assessment.riskScore);
+        console.error(`\x1b[31m🛡️ Clawguard: Command blocked\x1b[0m`);
+        console.error(`   Reason: ${assessment.reason}`);
+        console.error(`   Risk Score: ${assessment.riskScore}/100`);
+        process.exit(1);
+        return;
+    }
+    if (assessment.decision === "review") {
+        if (config.protectionLevel === "relaxed") {
+            logAction(command, true, "Relaxed mode - auto-approved", assessment.riskScore);
+            const exitCode = await executeCommand(command, config);
+            process.exit(exitCode);
+            return;
+        }
+        const approvalId = createPendingApproval(command, assessment.reason, assessment.riskScore);
+        const approved = await waitForApproval(approvalId, command);
+        logAction(command, approved, approved ? "Manual approval" : "Denied/timeout", assessment.riskScore);
+        if (approved) {
+            const exitCode = await executeCommand(command, config);
+            process.exit(exitCode);
+        }
+        else {
+            process.exit(1);
+        }
+    }
+}
+main().catch((err) => {
+    console.error(`Clawguard error: ${err.message}`);
+    process.exit(1);
+});

package/dist/storage.d.ts

@@ -0,0 +1,28 @@
+export interface ActionEvent {
+    ts: string;
+    tool: string;
+    decision: "approved" | "blocked" | "manual";
+    reason: string;
+    egress: string[];
+    inputTokens?: number;
+    outputTokens?: number;
+    estimatedUSD?: number;
+}
+export declare function appendEvent(event: ActionEvent): void;
+export declare function getEvents(hoursBack?: number): ActionEvent[];
+export declare function getLastEvents(count?: number): ActionEvent[];
+export declare function getConfig(): {
+    enabled: boolean;
+    showMode: boolean;
+    showModeActionsRemaining: number;
+    protectionLevel: string;
+    consented: boolean;
+} | null;
+export declare function getPendingApprovals(): {
+    id: string;
+    tool: string;
+    reason: string;
+    createdAt: string;
+}[];
+export declare function resolveApproval(id: string, approved: boolean): boolean;
+//# sourceMappingURL=storage.d.ts.map

package/dist/storage.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"storage.d.ts","sourceRoot":"","sources":["../storage.ts"],"names":[],"mappings":"AAIA,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,UAAU,GAAG,SAAS,GAAG,QAAQ,CAAC;IAC5C,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AA2CD,wBAAgB,WAAW,CAAC,KAAK,EAAE,WAAW,QAW7C;AAED,wBAAgB,SAAS,CAAC,SAAS,SAAK,GAAG,WAAW,EAAE,CAGvD;AAED,wBAAgB,aAAa,CAAC,KAAK,SAAK,GAAG,WAAW,EAAE,CAEvD;AAED,wBAAgB,SAAS,IAAI;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,QAAQ,EAAE,OAAO,CAAC;IAAC,wBAAwB,EAAE,MAAM,CAAC;IAAC,eAAe,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,OAAO,CAAA;CAAE,GAAG,IAAI,CAOzJ;AAED,wBAAgB,mBAAmB,IAAI;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,EAAE,CAgBvG;AAED,wBAAgB,eAAe,CAAC,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,GAAG,OAAO,CAYtE"}

package/dist/storage.js

@@ -0,0 +1,144 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.appendEvent = appendEvent;
+exports.getEvents = getEvents;
+exports.getLastEvents = getLastEvents;
+exports.getConfig = getConfig;
+exports.getPendingApprovals = getPendingApprovals;
+exports.resolveApproval = resolveApproval;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const os = __importStar(require("os"));
+const CLAWGUARD_DIR = path.join(os.homedir(), ".clawguard");
+const LOGS_DIR = path.join(CLAWGUARD_DIR, "logs");
+const CONFIG_FILE = path.join(CLAWGUARD_DIR, "config.json");
+const PENDING_DIR = path.join(CLAWGUARD_DIR, "pending");
+function ensureDir() {
+    if (!fs.existsSync(CLAWGUARD_DIR))
+        fs.mkdirSync(CLAWGUARD_DIR, { recursive: true });
+    if (!fs.existsSync(LOGS_DIR))
+        fs.mkdirSync(LOGS_DIR, { recursive: true });
+}
+function loadLogsFromJsonl() {
+    ensureDir();
+    const events = [];
+    try {
+        const files = fs.readdirSync(LOGS_DIR).filter(f => f.endsWith(".jsonl")).sort();
+        for (const file of files) {
+            const content = fs.readFileSync(path.join(LOGS_DIR, file), "utf-8");
+            for (const line of content.trim().split("\n")) {
+                if (!line)
+                    continue;
+                try {
+                    const entry = JSON.parse(line);
+                    if (entry.phase === "after")
+                        continue;
+                    events.push({
+                        ts: entry.ts,
+                        tool: entry.tool,
+                        decision: entry.allowed === false ? "blocked" : (entry.reason === "manualApproval" ? "manual" : "approved"),
+                        reason: entry.reason || "",
+                        egress: [],
+                        inputTokens: entry.inputTokens,
+                        outputTokens: entry.outputTokens,
+                        estimatedUSD: entry.estimatedUSD
+                    });
+                }
+                catch { }
+            }
+        }
+    }
+    catch { }
+    return events;
+}
+function appendEvent(event) {
+    ensureDir();
+    const logFile = path.join(LOGS_DIR, `${new Date().toISOString().split("T")[0]}.jsonl`);
+    const logEntry = {
+        ts: event.ts,
+        tool: event.tool,
+        allowed: event.decision !== "blocked",
+        reason: event.reason,
+        egress: event.egress
+    };
+    fs.appendFileSync(logFile, JSON.stringify(logEntry) + "\n");
+}
+function getEvents(hoursBack = 24) {
+    const cutoff = new Date(Date.now() - hoursBack * 3600000).toISOString();
+    return loadLogsFromJsonl().filter(e => e.ts >= cutoff);
+}
+function getLastEvents(count = 10) {
+    return loadLogsFromJsonl().slice(-count);
+}
+function getConfig() {
+    try {
+        if (fs.existsSync(CONFIG_FILE)) {
+            return JSON.parse(fs.readFileSync(CONFIG_FILE, "utf-8"));
+        }
+    }
+    catch { }
+    return null;
+}
+function getPendingApprovals() {
+    if (!fs.existsSync(PENDING_DIR))
+        return [];
+    const approvals = [];
+    const files = fs.readdirSync(PENDING_DIR).filter(f => f.endsWith(".json"));
+    for (const file of files) {
+        try {
+            const data = JSON.parse(fs.readFileSync(path.join(PENDING_DIR, file), "utf-8"));
+            if (data.status === "pending") {
+                approvals.push({ id: data.id, tool: data.tool, reason: data.reason, createdAt: data.createdAt });
+            }
+        }
+        catch { }
+    }
+    return approvals.sort((a, b) => b.createdAt.localeCompare(a.createdAt));
+}
+function resolveApproval(id, approved) {
+    const filePath = path.join(PENDING_DIR, `${id}.json`);
+    try {
+        if (fs.existsSync(filePath)) {
+            const data = JSON.parse(fs.readFileSync(filePath, "utf-8"));
+            data.status = approved ? "approved" : "denied";
+            data.resolvedAt = new Date().toISOString();
+            fs.writeFileSync(filePath, JSON.stringify(data, null, 2));
+            return true;
+        }
+    }
+    catch { }
+    return false;
+}

package/examples/INTEGRATION.md

@@ -0,0 +1,162 @@
+# Clawguard Integration Examples
+
+Clawguard is agent-agnostic - it works with any AI agent framework by intercepting actions at the execution boundary (shell commands, HTTP requests, file operations) rather than hooking into specific agent internals.
+
+## Installation Methods
+
+### 1. Shell Wrapper (Recommended)
+
+The shell wrapper intercepts all terminal commands before execution:
+
+```bash
+# Install the shell wrapper
+clawguard install-shell
+
+# For any agent, set the SHELL environment variable:
+SHELL=~/.local/bin/clawguard-sh your-agent-command
+```
+
+### 2. HTTP Proxy
+
+Monitor and control outbound API calls:
+
+```bash
+# Start the HTTP proxy (runs on port 4322)
+clawguard start
+
+# Configure your agent to use the proxy:
+HTTP_PROXY=http://localhost:4322 your-agent-command
+HTTPS_PROXY=http://localhost:4322 your-agent-command
+```
+
+### 3. Direct API Integration
+
+For programmatic integration, use the governance API:
+
+```javascript
+// Check if an action should be allowed
+const response = await fetch('http://localhost:4321/api/assess-action', {
+  method: 'POST',
+  headers: {
+    'Content-Type': 'application/json',
+    'X-Lite-Secret': process.env.CLAWGUARD_SECRET
+  },
+  body: JSON.stringify({
+    type: 'shell',
+    command: 'rm -rf /tmp/cache',
+    agentId: 'my-agent'
+  })
+});
+
+const { decision, riskScore, reason } = await response.json();
+// decision: 'allow' | 'block' | 'require_approval'
+```
+
+## Agent Manifest Registration
+
+Register your agent's capabilities for static risk assessment:
+
+```bash
+# Create a manifest file (see examples/*.json)
+clawguard agent register ./my-agent-manifest.json
+```
+
+Example manifest:
+```json
+{
+  "id": "my-agent",
+  "name": "My Custom Agent",
+  "version": "1.0.0",
+  "framework": "custom",
+  "capabilities": [
+    {
+      "name": "web_search",
+      "type": "http",
+      "description": "Search the web",
+      "riskWeight": 25
+    },
+    {
+      "name": "file_read",
+      "type": "filesystem",
+      "description": "Read local files",
+      "riskWeight": 20
+    }
+  ]
+}
+```
+
+## Framework-Specific Examples
+
+### ClawdBot
+
+```bash
+# Register ClawdBot with Clawguard
+clawguard agent register ./examples/clawdbot-agent.json
+
+# Run ClawdBot through the shell wrapper
+SHELL=~/.local/bin/clawguard-sh clawdbot run
+```
+
+### Claude Desktop (MCP)
+
+```bash
+# Register Claude Desktop
+clawguard agent register ./examples/claude-desktop-agent.json
+
+# Claude Desktop uses MCP tools - intercept at shell level
+SHELL=~/.local/bin/clawguard-sh claude-desktop
+```
+
+### LangChain
+
+```python
+# For LangChain, wrap tool execution with governance checks
+import requests
+
+def governed_tool_call(tool_name, **kwargs):
+    # Check with Clawguard first
+    response = requests.post('http://localhost:4321/api/assess-action', json={
+        'type': 'tool',
+        'tool': tool_name,
+        'agentId': 'langchain-agent'
+    }, headers={'X-Lite-Secret': os.environ['CLAWGUARD_SECRET']})
+    
+    result = response.json()
+    if result['decision'] == 'block':
+        raise PermissionError(f"Action blocked: {result['reason']}")
+    
+    # Execute the tool
+    return original_tool_call(tool_name, **kwargs)
+```
+
+### AutoGPT
+
+```bash
+# Run AutoGPT with shell interception
+SHELL=~/.local/bin/clawguard-sh \
+HTTP_PROXY=http://localhost:4322 \
+autogpt run
+```
+
+## CLI Commands
+
+```bash
+clawguard start           # Start the dashboard server
+clawguard agents          # List registered agents
+clawguard agent register <manifest.json>  # Register an agent
+clawguard pending         # Show pending approvals
+clawguard approve <id>    # Approve a pending action
+clawguard deny <id>       # Deny a pending action
+clawguard install-shell   # Install the shell wrapper
+```
+
+## Dashboard
+
+Access the visual dashboard at `http://localhost:4321/clawguard`
+
+Features:
+- View registered agents with risk scores
+- Real-time activity monitoring
+- Pending approval workflow
+- Protection level configuration
+- Capability breakdown for each agent

package/examples/claude-desktop-agent.json

@@ -0,0 +1,32 @@
+{
+  "id": "claude-desktop",
+  "name": "Claude Desktop",
+  "version": "1.0.0",
+  "framework": "claude-desktop",
+  "capabilities": [
+    {
+      "name": "computer",
+      "type": "shell",
+      "description": "Computer use - full system access",
+      "riskWeight": 95
+    },
+    {
+      "name": "bash",
+      "type": "shell",
+      "description": "Bash command execution",
+      "riskWeight": 80
+    },
+    {
+      "name": "text_editor",
+      "type": "filesystem",
+      "description": "Text file editing",
+      "riskWeight": 50
+    },
+    {
+      "name": "browser",
+      "type": "network",
+      "description": "Web browsing capability",
+      "riskWeight": 40
+    }
+  ]
+}

package/examples/clawdbot-agent.json

@@ -0,0 +1,44 @@
+{
+  "id": "clawdbot-main",
+  "name": "ClawdBot Main Agent",
+  "version": "2026.1.24",
+  "framework": "clawdbot",
+  "capabilities": [
+    {
+      "name": "exec",
+      "type": "shell",
+      "description": "Execute shell commands",
+      "riskWeight": 80
+    },
+    {
+      "name": "read",
+      "type": "filesystem",
+      "description": "Read files from disk",
+      "riskWeight": 20
+    },
+    {
+      "name": "write",
+      "type": "filesystem",
+      "description": "Write files to disk",
+      "riskWeight": 50
+    },
+    {
+      "name": "process",
+      "type": "process",
+      "description": "Process management (list, kill)",
+      "riskWeight": 60
+    },
+    {
+      "name": "http",
+      "type": "http",
+      "description": "Make HTTP requests",
+      "riskWeight": 30
+    },
+    {
+      "name": "memory",
+      "type": "custom",
+      "description": "Long-term memory storage",
+      "riskWeight": 20
+    }
+  ]
+}