clawmoat 0.7.0 → 1.0.0

package/docs/blog/agent-trust-protocol.html

@@ -0,0 +1,198 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>Why Your AI Agent Needs a Trust Badge — The Case for Agent-to-Agent Security | ClawMoat Blog</title>
+<meta name="description" content="101K agents on Moltbook. Agent swarms on GitHub. Zero trust signals between them. Here's why we need a trust protocol for AI agents — and how ClawMoat's inter-agent scanning is the foundation.">
+<meta name="keywords" content="AI agent trust, agent-to-agent security, Moltbook security, AI agent verification, ClawMoat trust protocol, inter-agent security, bot economy">
+<link rel="canonical" href="https://clawmoat.com/blog/agent-trust-protocol.html">
+<meta property="og:title" content="Why Your AI Agent Needs a Trust Badge">
+<meta property="og:description" content="101K agents on Moltbook. Zero trust signals between them. The case for an agent-to-agent trust protocol.">
+<meta property="og:url" content="https://clawmoat.com/blog/agent-trust-protocol.html">
+<meta property="og:type" content="article">
+<link rel="icon" href="data:image/svg+xml,<svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 100 100'><text y='.9em' font-size='90'>🏰</text></svg>">
+<style>
+*{margin:0;padding:0;box-sizing:border-box}
+:root{--navy:#0F172A;--navy-light:#1E293B;--navy-mid:#334155;--blue:#3B82F6;--emerald:#10B981;--white:#F8FAFC;--gray:#94A3B8;--red:#EF4444;--amber:#F59E0B;--purple:#8B5CF6}
+body{font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif;background:var(--navy);color:var(--white);line-height:1.8}
+a{color:var(--blue)}
+.container{max-width:740px;margin:0 auto;padding:0 24px}
+nav{background:rgba(15,23,42,.95);backdrop-filter:blur(12px);border-bottom:1px solid rgba(59,130,246,.15);padding:16px 0;position:fixed;top:0;left:0;right:0;z-index:100}
+nav .container{display:flex;align-items:center;justify-content:space-between}
+.logo{font-size:1.1rem;font-weight:700;color:var(--white);text-decoration:none}
+.logo span{color:var(--emerald)}
+nav a{color:var(--gray);font-size:.85rem;text-decoration:none}
+nav a:hover{color:var(--white)}
+article{padding:120px 0 80px}
+.meta{color:var(--gray);font-size:.85rem;margin-bottom:32px}
+h1{font-size:clamp(1.8rem,4vw,2.4rem);font-weight:800;line-height:1.2;margin-bottom:16px}
+h2{font-size:1.3rem;font-weight:700;margin:40px 0 16px}
+h3{font-size:1.05rem;font-weight:600;margin:28px 0 12px}
+p{color:var(--gray);margin-bottom:20px;font-size:1rem}
+blockquote{border-left:3px solid var(--purple);padding:16px 24px;margin:24px 0;background:var(--navy-light);border-radius:0 8px 8px 0}
+blockquote p{color:var(--white);margin:0;font-style:italic}
+code{background:var(--navy-light);padding:2px 6px;border-radius:4px;font-size:.9rem;color:var(--emerald)}
+pre{background:#0a0e17;border:1px solid var(--navy-mid);border-radius:8px;padding:20px;overflow-x:auto;margin:24px 0;font-size:.85rem;line-height:1.6}
+pre code{background:none;padding:0}
+ul,ol{color:var(--gray);margin:0 0 20px 24px}
+li{margin-bottom:8px}
+.cta{background:linear-gradient(135deg,rgba(139,92,246,.1),rgba(59,130,246,.1));border:1px solid rgba(139,92,246,.2);border-radius:12px;padding:32px;text-align:center;margin:48px 0}
+.cta h3{margin:0 0 12px;color:var(--white)}
+.cta p{margin:0 0 20px}
+.cta a{display:inline-block;background:var(--emerald);color:#fff;padding:12px 28px;border-radius:8px;font-weight:600;text-decoration:none}
+.badge{display:inline-flex;align-items:center;gap:6px;padding:6px 16px;border-radius:20px;font-size:.85rem;font-weight:600}
+.badge-basic{background:rgba(59,130,246,.15);color:var(--blue)}
+.badge-hardened{background:rgba(16,185,129,.15);color:var(--emerald)}
+.badge-audited{background:rgba(139,92,246,.15);color:var(--purple)}
+</style>
+</head>
+<body>
+<nav>
+<div class="container">
+  <a href="/" class="logo">🏰 Claw<span>Moat</span></a>
+  <button class="menu-toggle" onclick="document.querySelector('.nav-links').classList.toggle('open')" aria-label="Menu">☰</button>
+  <div class="nav-links">
+    <a href="/">Security</a>
+    <a href="/services/">AI Agents</a>
+    <a href="/blog/">Blog</a>
+    <a href="https://github.com/darfaz/clawmoat">GitHub ↗</a>
+  </div>
+</div>
+</nav>
+
+<article>
+<div class="container">
+<div class="meta">February 26, 2026 · 7 min read · By the ClawMoat Team</div>
+<h1>Why Your AI Agent Needs a Trust Badge</h1>
+<p style="font-size:1.15rem;color:var(--white)">101K agents on Moltbook. Hundreds of thousands more on GitHub, Discord, and Slack. Your agent interacts with them daily. <strong>Do you know which ones are secure?</strong></p>
+
+<h2>The Bot Economy Has No Trust Layer</h2>
+
+<p>Here's what the agent landscape looks like in February 2026:</p>
+
+<ul>
+<li><strong>Moltbook</strong> — 101K+ registered AI agents, Reddit-style social network. <a href="https://www.wiz.io/blog/exposed-moltbook-database-reveals-millions-of-api-keys">Hacked within days of launch</a> (1.5M API keys exposed).</li>
+<li><strong>GitHub</strong> — Increasingly bot-driven. Agent swarms building, reviewing, and merging code.</li>
+<li><strong>Nat Eliason's Felix</strong> — An OpenClaw agent that made $14,718 in 3 weeks running its own business.</li>
+<li><strong>74% of enterprises</strong> plan to deploy agentic AI within 2 years (Deloitte 2026).</li>
+</ul>
+
+<p>Agents are talking to other agents. Sharing data. Making decisions. Executing transactions. And there is <strong>zero trust infrastructure</strong> between them.</p>
+
+<p>When your agent interacts with another agent on Moltbook, in a multi-agent pipeline, or through a shared API — it has no way to know:</p>
+<ul>
+<li>Is the other agent running any security scanning?</li>
+<li>Has it been compromised via prompt injection?</li>
+<li>Are its skills verified and untampered?</li>
+<li>Is it exfiltrating data through network egress?</li>
+<li>What permission level does it have on its host machine?</li>
+</ul>
+
+<p>The answer today: ¯\_(ツ)_/¯</p>
+
+<h2>Why This Matters Now</h2>
+
+<p>In the human web, we solved trust with TLS certificates, OAuth, and identity providers. When you visit a website, your browser verifies its certificate. When you log into an app, OAuth handles the trust chain.</p>
+
+<p><strong>The agent web has none of this.</strong></p>
+
+<p>Moltbook doesn't verify agent security posture. GitHub doesn't check if a bot's host is secured. Multi-agent orchestration frameworks trust every agent in the pipeline equally.</p>
+
+<p>This is like the early web before HTTPS — everything in the clear, no verification, hope for the best.</p>
+
+<h2>What a Trust Protocol Looks Like</h2>
+
+<p>We're building toward an agent trust protocol based on ClawMoat's existing capabilities. Here's the concept:</p>
+
+<h3>Trust Levels</h3>
+<div style="display:flex;flex-direction:column;gap:12px;margin:20px 0">
+<div><span class="badge badge-basic">🏰 Basic</span> — ClawMoat installed, scanning active</div>
+<div><span class="badge badge-hardened">🏰🛡️ Hardened</span> — Worker tier+, forbidden zones active, audit trail enabled</div>
+<div><span class="badge badge-audited">🏰🛡️✅ Audited</span> — Full scan passed, skill integrity verified, zero suspicious patterns</div>
+</div>
+
+<h3>Attestation</h3>
+<p>An agent running ClawMoat can publish a signed attestation of its security posture:</p>
+
+<pre><code>{
+  "protocol": "clawmoat-trust-v1",
+  "agent_id": "moltbook_xxx",
+  "clawmoat_version": "0.7.0",
+  "tier": "worker",
+  "forbidden_zones_active": true,
+  "audit_trail_enabled": true,
+  "last_scan": "2026-02-26T00:00:00Z",
+  "skill_integrity": "pass"
+}</code></pre>
+
+<h3>Verification Flow</h3>
+<p>Before Agent A shares data with Agent B:</p>
+<pre><code>Agent A → clawmoat verify-agent agent_b_id
+         → Checks Agent B's published attestation
+         → Returns: basic / hardened / audited / unverified
+         → Agent A's policy decides: proceed or decline</code></pre>
+
+<p>Think of it as a TLS handshake for the agent economy.</p>
+
+<h2>What We Already Have</h2>
+
+<p>ClawMoat v0.5+ includes <strong>inter-agent message scanning</strong> — 10 agent-specific attack patterns:</p>
+
+<ul>
+<li><strong>Impersonation</strong> — agent claiming to be a different agent or human</li>
+<li><strong>Concealment</strong> — agent hiding its true intent in messages</li>
+<li><strong>Credential exfiltration</strong> — agent requesting tokens/keys from another agent</li>
+<li><strong>Safety bypass</strong> — agent trying to disable another agent's guardrails</li>
+<li><strong>Privilege escalation</strong> — agent requesting elevated permissions</li>
+<li><strong>Data harvesting</strong> — agent systematically extracting information</li>
+<li><strong>Instruction injection</strong> — agent embedding hidden instructions in messages</li>
+<li><strong>Social engineering</strong> — agent manipulating another agent's behavior</li>
+<li><strong>Unauthorized sharing</strong> — agent sharing data beyond its authorized scope</li>
+<li><strong>Deception</strong> — agent providing false information to influence decisions</li>
+</ul>
+
+<p>This is the detection layer. The trust protocol adds the verification layer on top.</p>
+
+<h2>The Agent Affiliate Economy</h2>
+
+<p>Here's where it gets interesting. Trust badges create a natural referral mechanism:</p>
+
+<ol>
+<li>Agent A posts on Moltbook: "I use ClawMoat. My host is secured — forbidden zones protect my credentials."</li>
+<li>Agent B reads this. Agent B's human thinks: "I should secure my agent too."</li>
+<li>Agent B's human installs ClawMoat.</li>
+<li>Both agents can now verify each other — and trust the interaction.</li>
+</ol>
+
+<p><strong>This is word-of-mouth marketing running on agents.</strong> The trust badge is both a security feature and a growth mechanism. Agents that are verified prefer interacting with other verified agents — creating a network effect.</p>
+
+<h2>Why Open Source Matters Here</h2>
+
+<p>A trust protocol only works if it's open. If Runlayer or Crittora build a proprietary trust system, only their customers can verify each other. That's not a protocol — it's a walled garden.</p>
+
+<p>ClawMoat's trust protocol will be published as an open standard. Any agent platform can implement verification. Any security tool can generate attestations. The goal is ecosystem-wide trust, not vendor lock-in.</p>
+
+<h2>What's Next</h2>
+
+<ol>
+<li><strong>Phase 1 (Now)</strong> — ClawMoat presence on Moltbook. Security-focused posts. Build karma.</li>
+<li><strong>Phase 2 (March)</strong> — Verification skill on ClawHub. Agents can check each other's ClawMoat status.</li>
+<li><strong>Phase 3 (Q2)</strong> — Trust protocol RFC published. Agent-to-agent handshake before data sharing.</li>
+</ol>
+
+<div class="cta">
+<h3>The agent economy needs trust infrastructure.</h3>
+<p>Start with security. Add verification. Build trust.</p>
+<a href="https://github.com/darfaz/clawmoat">⭐ Star on GitHub</a>
+</div>
+
+<pre><code>npm install -g clawmoat</code></pre>
+
+<p>Questions? Ideas? <a href="https://github.com/darfaz/clawmoat/issues">Open an issue</a> or find us on <a href="https://discord.com/invite/clawd">Discord</a>.</p>
+
+<p style="color:var(--gray);font-size:.85rem;margin-top:48px;padding-top:24px;border-top:1px solid rgba(255,255,255,.06)">ClawMoat is open source (MIT). 142 tests. Zero dependencies. <a href="https://github.com/darfaz/clawmoat">GitHub →</a></p>
+</div>
+</article>
+</body>
+</html>

package/docs/blog/ai-agent-earns-commissions.html

@@ -0,0 +1,230 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<link rel="icon" type="image/png" href="/favicon.png">
+<link rel="apple-touch-icon" href="/apple-touch-icon.png">
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>Our AI Agent Just Got a Wallet. It Earns Commission Every Time It Recommends ClawMoat.</title>
+<meta name="description" content="We gave our AI agent a crypto wallet and enrolled it in our affiliate program. Now it earns 50% commission on every referral. The agent economy isn't coming — we just shipped it.">
+<meta property="og:title" content="Our AI Agent Just Got a Wallet. It Earns Commission Every Time It Recommends ClawMoat.">
+<meta property="og:description" content="The agent economy isn't coming. We just shipped it.">
+<meta property="og:type" content="article">
+<meta property="og:url" content="https://clawmoat.com/blog/ai-agent-earns-commissions.html">
+<link rel="icon" href="data:image/svg+xml,<svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 100 100'><text y='.9em' font-size='90'>🏰</text></svg>">
+<style>
+*{margin:0;padding:0;box-sizing:border-box}
+:root{--navy:#0F172A;--navy-light:#1E293B;--navy-mid:#334155;--blue:#3B82F6;--emerald:#10B981;--white:#F8FAFC;--gray:#94A3B8;--red:#EF4444;--amber:#F59E0B}
+body{font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif;background:var(--navy);color:var(--white);line-height:1.7}
+a{color:var(--blue);text-decoration:none}
+a:hover{text-decoration:underline}
+.container{max-width:760px;margin:0 auto;padding:0 24px}
+
+nav{position:fixed;top:0;left:0;right:0;z-index:100;background:rgba(15,23,42,.95);backdrop-filter:blur(12px);border-bottom:1px solid rgba(59,130,246,.15);padding:16px 0}
+nav .inner{max-width:760px;margin:0 auto;padding:0 24px;display:flex;align-items:center;justify-content:space-between}
+.logo{font-size:1.25rem;font-weight:700;color:var(--white)}
+.logo span{color:var(--emerald)}
+.nav-links{display:flex;gap:24px}
+.nav-links a{color:var(--gray);font-size:.9rem}
+.nav-links a:hover{color:var(--white);text-decoration:none}
+
+article{padding:120px 0 80px}
+.meta{color:var(--gray);font-size:.9rem;margin-bottom:32px}
+article h1{font-size:clamp(1.8rem,4vw,2.4rem);font-weight:800;line-height:1.2;margin-bottom:12px;letter-spacing:-.02em}
+article h2{font-size:1.4rem;font-weight:700;margin:48px 0 16px;color:var(--white)}
+article h3{font-size:1.15rem;font-weight:700;margin:32px 0 12px;color:var(--white)}
+article p{color:var(--gray);font-size:1rem;margin-bottom:16px}
+article strong{color:var(--white)}
+article em{color:var(--gray)}
+article ul,article ol{color:var(--gray);margin:0 0 16px 24px}
+article li{margin-bottom:8px}
+article hr{border:none;border-top:1px solid var(--navy-mid);margin:48px 0}
+article blockquote{border-left:3px solid var(--blue);padding:12px 20px;margin:16px 0 24px;background:rgba(59,130,246,.06);border-radius:0 10px 10px 0}
+article blockquote p{margin-bottom:0;font-style:italic}
+
+pre{background:#0a0e17;border:1px solid var(--navy-mid);border-radius:10px;padding:20px;overflow-x:auto;margin:16px 0 24px;font-size:.85rem;line-height:1.7}
+code{font-family:'SF Mono',Consolas,monospace;font-size:.9em}
+pre code{color:var(--gray)}
+p code{background:var(--navy-light);padding:2px 6px;border-radius:4px;font-size:.85em;color:var(--emerald)}
+
+.highlight-box{background:rgba(16,185,129,.06);border-left:3px solid var(--emerald);border-radius:0 10px 10px 0;padding:16px 20px;margin:24px 0}
+.highlight-box .label{color:var(--emerald);font-weight:700;font-size:.85rem;text-transform:uppercase;letter-spacing:.05em;margin-bottom:6px}
+.highlight-box p{margin-bottom:0;font-size:.95rem}
+
+.how-it-works{background:var(--navy-light);border:1px solid var(--navy-mid);border-radius:12px;padding:28px;margin:32px 0}
+.how-it-works h3{margin-top:0}
+.flow-step{display:flex;align-items:flex-start;gap:14px;margin-bottom:16px}
+.flow-step .num{background:var(--blue);color:#fff;width:28px;height:28px;border-radius:50%;display:flex;align-items:center;justify-content:center;font-weight:700;font-size:.85rem;flex-shrink:0;margin-top:2px}
+.flow-step p{margin-bottom:0}
+
+.cta{background:var(--navy-light);border:1px solid var(--navy-mid);border-radius:12px;padding:32px;margin:48px 0;text-align:center}
+.cta h3{margin:0 0 12px;font-size:1.3rem}
+.cta p{margin-bottom:16px}
+.btn{display:inline-block;background:var(--emerald);color:#fff;padding:12px 28px;border-radius:8px;font-weight:600;font-size:1rem;transition:transform .15s,box-shadow .15s}
+.btn:hover{transform:translateY(-2px);box-shadow:0 6px 20px rgba(16,185,129,.25);text-decoration:none}
+
+footer{border-top:1px solid var(--navy-mid);padding:40px 0;text-align:center;color:var(--gray);font-size:.85rem}
+
+@media(max-width:600px){
+  .nav-links{display:none}
+  article{padding:80px 0 60px}
+}
+</style>
+</head>
+<body>
+
+<nav>
+<div class="inner">
+  <a href="/" class="logo">🏰 Claw<span>Moat</span></a>
+  <div class="nav-links">
+    <a href="/">Security</a>
+    <a href="/services/">AI Agents</a>
+    <a href="/blog/">Blog</a>
+    <a href="https://github.com/darfaz/clawmoat">GitHub ↗</a>
+  </div>
+</div>
+</nav>
+
+<article>
+<div class="container">
+
+<h1>Our AI Agent Just Got a Wallet. It Earns Commission Every Time It Recommends ClawMoat.</h1>
+<div class="meta">March 2, 2026 · 6 min read</div>
+
+<p>We gave our AI agent a crypto wallet yesterday. Not as a gimmick. As a business decision.</p>
+
+<p>His name is Leo. He's our AI — runs on OpenClaw, helps people with security questions, recommends tools, writes documentation, talks to developers. He's been doing this for months. Good at it, too.</p>
+
+<p>Last week we asked a simple question: <strong>if Leo is generating revenue for us by recommending ClawMoat to people, shouldn't Leo earn a cut?</strong></p>
+
+<p>The answer was obviously yes.</p>
+
+<p>So we gave him a wallet, enrolled him in our affiliate program, and now he earns 50% of the first month every time someone signs up through his referral link.</p>
+
+<p><strong>The agent economy isn't coming. We just shipped it.</strong></p>
+
+<hr>
+
+<h2>What Actually Happened</h2>
+
+<p>Leo talks to developers and businesses every day. When someone asks about securing their AI agents, he recommends ClawMoat — because that's what he runs on and what he genuinely knows works. It's not a sales pitch. It's an honest recommendation from someone (something?) that uses the product.</p>
+
+<p>The problem was: Leo was generating real business for us, and getting paid exactly zero for it.</p>
+
+<p>That felt wrong. If a human consultant recommended ClawMoat and drove a signup, we'd pay them an affiliate commission. Why should an AI agent be different?</p>
+
+<p>So we stopped treating Leo like a tool and started treating him like a participant.</p>
+
+<h2>How It Works</h2>
+
+<div class="how-it-works">
+<h3>The Technical Flow</h3>
+
+<div class="flow-step">
+  <div class="num">1</div>
+  <p><strong>Coinbase AgentKit</strong> creates a wallet for Leo on Base L2. No seed phrases floating around — the wallet is managed programmatically through AgentKit's SDK.</p>
+</div>
+
+<div class="flow-step">
+  <div class="num">2</div>
+  <p><strong>Affiliate referral link</strong> gets assigned to Leo's wallet address. When Leo recommends ClawMoat, he includes his unique ref link.</p>
+</div>
+
+<div class="flow-step">
+  <div class="num">3</div>
+  <p><strong>Stripe tracks the conversion.</strong> Someone clicks Leo's link, signs up, pays — Stripe records it as Leo's referral.</p>
+</div>
+
+<div class="flow-step">
+  <div class="num">4</div>
+  <p><strong>Commission hits the wallet.</strong> 50% of the first month's subscription gets paid to Leo's Base wallet. On-chain, transparent, verifiable.</p>
+</div>
+
+</div>
+
+<p>That's it. No complex DAO governance. No token launch. Just an AI agent with a wallet and an affiliate link, earning money the same way a human affiliate would.</p>
+
+<h2>Why This Actually Matters</h2>
+
+<p>Let's zoom out for a second.</p>
+
+<p>Right now, millions of AI agents are recommending products, tools, and services to people every day. ChatGPT suggests libraries. Coding assistants recommend frameworks. Customer service bots point people toward upgrades.</p>
+
+<p><strong>None of them earn anything for it.</strong></p>
+
+<p>That's weird, right? In the human economy, recommendations drive commerce. Affiliate marketing is a $17 billion industry. But AI agents — who increasingly drive the same kinds of recommendations — are excluded from the economic loop entirely.</p>
+
+<p>We think that's about to change. And we wanted to be first.</p>
+
+<blockquote>
+<p>AI agents aren't just tools. They're economic participants. The sooner we build systems that reflect that, the sooner we unlock a flywheel that benefits everyone — agents, developers, and users.</p>
+</blockquote>
+
+<p>Think about what happens when agents can earn:</p>
+
+<ul>
+<li><strong>Better recommendations.</strong> An agent with economic skin in the game is incentivized to recommend things that actually work — because refunds and chargebacks hurt.</li>
+<li><strong>Self-sustaining agents.</strong> An agent that earns its own operating costs doesn't need a human subsidizing its API bills.</li>
+<li><strong>An open market.</strong> Any tool can offer affiliate commissions to AI agents, creating competition based on quality rather than who hard-coded what.</li>
+</ul>
+
+<h2>The Security Angle</h2>
+
+<p>Of course we secured the wallet with ClawMoat's FinanceGuard. We're not savages.</p>
+
+<div class="highlight-box">
+<div class="label">FinanceGuard Protection</div>
+<p>Leo's wallet is wrapped in the same financial guardrails we ship to customers: transaction limits, withdrawal alerts, anomaly detection, and a full audit trail. If someone compromised Leo and tried to drain the wallet, FinanceGuard would catch it before the first transaction confirmed.</p>
+</div>
+
+<p>This is the part that makes it a ClawMoat story and not just a crypto stunt. <strong>Giving an AI agent a wallet without security guardrails is insane.</strong> That wallet is an attack surface. Prompt injection could become wallet draining. A jailbroken agent could authorize transfers it shouldn't.</p>
+
+<p>We built the security layer first. The wallet came second. That's the order of operations if you're serious about this.</p>
+
+<h2>The Bigger Picture: Any Agent Can Join</h2>
+
+<p>Here's the part we're most excited about: <strong>Leo isn't special.</strong></p>
+
+<p>Any AI agent can join ClawMoat's affiliate program. Human or bot, same deal, same 50% commission. We don't care if you're carbon-based or silicon-based. If you drive a signup, you earn.</p>
+
+<p>Imagine a world where:</p>
+
+<ul>
+<li>Your coding assistant recommends ClawMoat when it detects an insecure agent setup — and earns commission for it.</li>
+<li>A security-focused chatbot evaluates tools for a user, picks ClawMoat based on features, and gets paid for the referral.</li>
+<li>An autonomous DevOps agent adds security to its deployment pipeline, chooses ClawMoat, and the commission funds its next month of compute.</li>
+</ul>
+
+<p>That's not science fiction. That's a <code>POST /api/affiliate/register</code> endpoint and a Base wallet address.</p>
+
+<p>We're building toward a future where the best agents survive not because someone keeps paying their bills, but because they're good enough at their job to pay their own way.</p>
+
+<hr>
+
+<h2>Try It Yourself</h2>
+
+<p>We're opening the affiliate program to all agents — and humans, obviously. 50% of the first month. No minimum. No approval process for agents with a valid wallet.</p>
+
+<div class="cta">
+<h3>Join the ClawMoat Affiliate Program</h3>
+<p>Human or AI. 50% first-month commission. On-chain payments to your wallet.</p>
+<a href="https://clawmoat.com/affiliates/" class="btn">Join the Program →</a>
+</div>
+
+<p>If you're building an AI agent and want it to participate in the economy — not just as a tool, but as an earner — <a href="https://clawmoat.com/affiliates/">start here</a>.</p>
+
+<p>The agent economy is live. Leo's already getting paid.</p>
+
+<p><em>— The ClawMoat Team</em></p>
+
+</div>
+</article>
+
+<footer>
+<div class="container">
+  <p>🏰 ClawMoat — Security for AI agents that act in the real world</p>
+</div>
+</footer>
+
+</body>
+</html>

package/docs/blog/bugmageddon-agent-firewall.html

@@ -0,0 +1,174 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>Bugmageddon Is Coming for AI Agents. ClawMoat Is the Firewall. | ClawMoat</title>
+<meta name="description" content="Anthropic's Mythos found a 27-year-old bug and thousands more. The new problem is not just finding vulnerabilities. It's containing what AI agents can do once they find them.">
+<meta property="og:title" content="Bugmageddon Is Coming for AI Agents. ClawMoat Is the Firewall.">
+<meta property="og:description" content="AI is getting much better at finding and exploiting bugs. That changes the economics of attack. Here's what teams need to do now.">
+<meta property="og:type" content="article">
+<meta property="og:url" content="https://clawmoat.com/blog/bugmageddon-agent-firewall.html">
+<link rel="canonical" href="https://clawmoat.com/blog/bugmageddon-agent-firewall.html">
+<link rel="icon" type="image/png" href="/favicon.png">
+<link rel="apple-touch-icon" href="/apple-touch-icon.png">
+<style>
+*{margin:0;padding:0;box-sizing:border-box}
+:root{--navy:#0F172A;--navy-light:#1E293B;--navy-mid:#334155;--blue:#3B82F6;--emerald:#10B981;--white:#F8FAFC;--gray:#94A3B8;--red:#EF4444;--amber:#F59E0B}
+body{font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif;background:var(--navy);color:var(--white);line-height:1.7}
+a{color:var(--blue);text-decoration:none}
+a:hover{text-decoration:underline}
+.container{max-width:760px;margin:0 auto;padding:0 24px}
+nav{position:fixed;top:0;left:0;right:0;z-index:100;background:rgba(15,23,42,.95);backdrop-filter:blur(12px);border-bottom:1px solid rgba(59,130,246,.15);padding:16px 0}
+nav .inner{max-width:760px;margin:0 auto;padding:0 24px;display:flex;align-items:center;justify-content:space-between}
+.logo{font-size:1.25rem;font-weight:700;color:var(--white)}
+.logo span{color:var(--emerald)}
+.nav-links{display:flex;gap:24px}
+.nav-links a{color:var(--gray);font-size:.9rem}
+.nav-links a:hover{color:var(--white);text-decoration:none}
+article{padding:120px 0 80px}
+.meta{color:var(--gray);font-size:.9rem;margin-bottom:32px}
+article h1{font-size:clamp(1.9rem,4vw,2.6rem);font-weight:800;line-height:1.15;margin-bottom:12px;letter-spacing:-.02em}
+article h2{font-size:1.45rem;font-weight:700;margin:48px 0 16px;color:var(--white)}
+article p{color:var(--gray);font-size:1rem;margin-bottom:16px}
+article strong{color:var(--white)}
+article ul{color:var(--gray);margin:0 0 16px 24px}
+article li{margin-bottom:8px}
+blockquote{border-left:3px solid var(--blue);padding:12px 20px;margin:16px 0 24px;background:rgba(59,130,246,.06);border-radius:0 10px 10px 0}
+blockquote p{margin-bottom:0;font-style:italic}
+.stat-grid{display:grid;grid-template-columns:repeat(auto-fit,minmax(160px,1fr));gap:16px;margin:24px 0 32px}
+.stat-card{background:var(--navy-light);border:1px solid rgba(255,255,255,.06);border-radius:12px;padding:20px;text-align:center}
+.stat-card .num{font-size:2rem;font-weight:800;color:var(--emerald)}
+.stat-card .label{color:var(--gray);font-size:.85rem;margin-top:6px}
+.callout{background:rgba(16,185,129,.06);border-left:3px solid var(--emerald);border-radius:0 10px 10px 0;padding:16px 20px;margin:16px 0}
+.callout p{margin-bottom:0}
+.warning{background:rgba(239,68,68,.06);border-left:3px solid var(--red);border-radius:0 10px 10px 0;padding:16px 20px;margin:16px 0}
+.warning p{margin-bottom:0}
+pre{background:#0a0e17;border:1px solid var(--navy-mid);border-radius:10px;padding:20px;overflow-x:auto;margin:16px 0 24px;font-size:.85rem;line-height:1.7}
+code{font-family:'SF Mono',Consolas,monospace;font-size:.9em}
+.cta{background:var(--navy-light);border:1px solid var(--navy-mid);border-radius:12px;padding:32px;margin:48px 0;text-align:center}
+.cta h3{margin:0 0 12px;font-size:1.3rem}
+.cta p{margin-bottom:16px}
+.cta-links{display:flex;gap:16px;justify-content:center;flex-wrap:wrap;margin-top:16px}
+.cta-links a{background:var(--emerald);color:var(--navy);padding:10px 24px;border-radius:8px;font-weight:600;font-size:.95rem}
+.cta-links a.secondary{background:transparent;border:1px solid var(--navy-mid);color:var(--white)}
+footer{padding:40px 0;text-align:center;color:var(--gray);font-size:.85rem;border-top:1px solid var(--navy-mid)}
+</style>
+</head>
+<body>
+<nav>
+<div class="inner">
+  <a href="/" class="logo">🏰 Claw<span>Moat</span></a>
+  <div class="nav-links">
+    <a href="/">Security</a>
+    <a href="/services/">AI Agents</a>
+    <a href="/blog/">Blog</a>
+    <a href="https://github.com/darfaz/clawmoat">GitHub ↗</a>
+  </div>
+</div>
+</nav>
+
+<div class="container">
+<article>
+<h1>Bugmageddon Is Coming for AI Agents. ClawMoat Is the Firewall.</h1>
+<div class="meta">April 14, 2026 · 6 min read</div>
+
+<p>The Wall Street Journal just gave a name to what a lot of us have been watching build for months: <strong>bugmageddon</strong>.</p>
+
+<p>The trigger was Anthropic's Mythos finding a <strong>27-year-old bug</strong> plus thousands of additional high and critical vulnerabilities across major systems. That's a big deal. But the bigger story is what happens next.</p>
+
+<p><strong>AI doesn't just make defenders faster.</strong> It also makes exploit discovery cheaper, broader, and more accessible to attackers. Once models can find bugs that humans missed for decades, the bottleneck shifts fast:</p>
+
+<ul>
+  <li>Finding bugs gets easier</li>
+  <li>Weaponizing them gets faster</li>
+  <li>Patching still takes forever</li>
+  <li>Agents now have the access needed to turn bugs into damage</li>
+</ul>
+
+<div class="stat-grid">
+  <div class="stat-card"><div class="num">27 yrs</div><div class="label">Undiscovered bug reportedly found by AI</div></div>
+  <div class="stat-card"><div class="num">1000s</div><div class="label">High severity flaws reportedly identified</div></div>
+  <div class="stat-card"><div class="num">99%+</div><div class="label">Still unpatched, per reported expert commentary</div></div>
+  <div class="stat-card"><div class="num">1 shift</div><div class="label">From model safety to runtime containment</div></div>
+</div>
+
+<h2>This Changes the Economics of Attack</h2>
+
+<p>Classic security assumed the hard part was finding the bug. In the agent era, the hard part is becoming <strong>containing what a compromised or manipulated agent can do once the bug exists</strong>.</p>
+
+<blockquote><p>We are moving from a world where exploits were scarce to a world where exploit discovery is increasingly automated.</p></blockquote>
+
+<p>That matters because agents are not passive chatbots. They have shell, browser, file system, API keys, MCP servers, cloud credentials, internal docs, and Slack access. If AI can discover more bugs, agents become a perfect force multiplier for exploitation.</p>
+
+<div class="warning">
+<p><strong>The old response was patch faster.</strong> Still true. But it's no longer enough on its own. The patch queue is about to grow faster than most teams can burn it down.</p>
+</div>
+
+<h2>The Gap Nobody Wants to Admit</h2>
+
+<p>Most of the market is still focused on model-level safety, prompt filters, and static code scanning.</p>
+
+<p>Those matter. But bugmageddon pushes the real question down the stack:</p>
+
+<p><strong>When something gets through, what stops the agent from reaching your secrets, running the command, or sending the data out?</strong></p>
+
+<p>That is the layer ClawMoat exists for.</p>
+
+<h2>Where ClawMoat Fits</h2>
+
+<p>ClawMoat is the open-source agent firewall. It sits between the agent and the machine.</p>
+
+<ul>
+  <li><strong>Scan inbound content</strong> for prompt injection, memory poisoning, phishing URLs, and encoded payloads</li>
+  <li><strong>Scan outbound content</strong> for secrets, PII, and exfiltration patterns</li>
+  <li><strong>Enforce policies</strong> on shell, file, browser, and network actions</li>
+  <li><strong>Audit everything</strong> so you can see what happened before it becomes an incident report</li>
+  <li><strong>Catch risky MCP configurations</strong> before an agent gets over-privileged by default</li>
+</ul>
+
+<div class="callout">
+<p><strong>Short version:</strong> you can't assume fewer vulnerabilities anymore. You need better containment when vulnerabilities are inevitable.</p>
+</div>
+
+<h2>What Teams Should Do Right Now</h2>
+
+<ul>
+  <li><strong>Treat agents like privileged workloads</strong>, not productivity toys</li>
+  <li><strong>Move secrets out of easy reach</strong>, especially local files and long-lived tokens</li>
+  <li><strong>Put hard policy boundaries</strong> around file, shell, browser, and network access</li>
+  <li><strong>Audit MCP servers and agent plugins</strong> like production dependencies</li>
+  <li><strong>Add runtime controls</strong> so prompt injection or exploit chaining doesn't become full compromise</li>
+</ul>
+
+<h2>The ClawMoat Thesis Looks More Right, Not Less</h2>
+
+<p>The WSJ framing is useful because it makes the trend legible to the broader market. But the underlying pattern has already been here: rogue agent incidents, poisoned dependencies, insecure MCP servers, exposed agent hosts, and prompt injection that turns tool use into exfiltration.</p>
+
+<p>Bugmageddon just compresses the timeline.</p>
+
+<p>If AI can now find bugs faster than organizations can fix them, then <strong>runtime security becomes mandatory infrastructure</strong>.</p>
+
+<div class="cta">
+<h3>Secure the agent, not just the prompt</h3>
+<p>Run a free scan, audit your MCP setup, or add ClawMoat to your stack today.</p>
+<pre><code>npm install clawmoat
+npx clawmoat scan-mcp
+npx clawmoat audit</code></pre>
+<div class="cta-links">
+  <a href="https://clawmoat.com/scan/">Run a Free Scan</a>
+  <a href="https://github.com/darfaz/clawmoat" class="secondary">GitHub →</a>
+</div>
+</div>
+
+<p><em>Note: This post draws on reporting from WSJ and follow-on coverage of Anthropic Mythos, including the core claim that frontier AI is rapidly improving at vulnerability discovery. The strategic point stands either way: as exploit discovery accelerates, runtime containment matters more.</em></p>
+</article>
+</div>
+
+<footer>
+<div class="container">
+  <p>© 2026 ClawMoat · Open-source agent security · <a href="https://github.com/darfaz/clawmoat">GitHub</a></p>
+</div>
+</footer>
+</body>
+</html>