npm - clawmoat - Versions diffs - 0.7.0 → 1.0.0 - Mend

clawmoat 0.7.0 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (178) hide show

package/.dockerignore +9 -0
package/CHANGELOG.md +18 -0
package/CONTRIBUTING.md +4 -2
package/DEMO.md +87 -0
package/Dockerfile +5 -18
package/README.md +294 -8
package/SECURITY.md +58 -10
package/THREAT_MODEL.md +129 -0
package/agent/README.md +131 -0
package/agent/index.js +471 -0
package/agent/install-service.sh +94 -0
package/agent/openclaw-hook.js +453 -0
package/agent/provider-setup.js +649 -0
package/agent/setup.js +274 -0
package/assets/BADGE-USAGE.md +20 -0
package/assets/clawmoat-badge.svg +21 -0
package/bin/clawmoat.js +468 -111
package/docs/affiliates/dashboard.html +124 -0
package/docs/affiliates/index.html +236 -0
package/docs/agent-install.html +183 -0
package/docs/ai-agent-security-scanner.html +10 -6
package/docs/badge/index.html +149 -0
package/docs/badge/scanning.svg +23 -0
package/docs/blog/386-malicious-skills.html +262 -0
package/docs/blog/40000-exposed-openclaw-instances.html +201 -0
package/docs/blog/agent-trust-protocol.html +198 -0
package/docs/blog/ai-agent-earns-commissions.html +230 -0
package/docs/blog/bugmageddon-agent-firewall.html +174 -0
package/docs/blog/calculator-math.html +180 -0
package/docs/blog/clawmoat-vs-llamafirewall-nemo-guardrails.html +229 -0
package/docs/blog/host-guardian-launch.html +18 -8
package/docs/blog/ibm-experts-agent-runtime-protection.html +247 -0
package/docs/blog/index.html +211 -9
package/docs/blog/langchain-security-tutorial.html +18 -8
package/docs/blog/mcp-30-cves-security-crisis.html +286 -0
package/docs/blog/meta-researcher-rogue-agent.html +201 -0
package/docs/blog/microsoft-openclaw-workstation-security.html +235 -0
package/docs/blog/nist-ai-agent-standards-clawmoat.html +377 -0
package/docs/blog/oasis-websocket-hijack.html +212 -0
package/docs/blog/ollama-openclaw-security.html +160 -0
package/docs/blog/openclaw-enterprise-readiness-claw10.html +199 -0
package/docs/blog/openclaw-security-reckoning-2026.html +368 -0
package/docs/blog/owasp-agentic-ai-top10.html +18 -8
package/docs/blog/securing-ai-agents.html +18 -8
package/docs/blog/supply-chain-agents.html +18 -8
package/docs/business/index.html +525 -0
package/docs/business/install.html +261 -0
package/docs/checklist.html +174 -0
package/docs/compare/index.html +122 -0
package/docs/compare/lakera/index.html +62 -0
package/docs/compare/llm-guard/index.html +49 -0
package/docs/compare/snyk-agent-scan/index.html +63 -0
package/docs/compare.html +10 -6
package/docs/dashboard/index.html +520 -0
package/docs/finance/index.html +220 -0
package/docs/guides/business-deployment.html +770 -0
package/docs/hall-of-fame.html +174 -0
package/docs/index.html +447 -154
package/docs/install.sh +557 -0
package/docs/integrations/langchain.html +14 -6
package/docs/integrations/openai.html +14 -6
package/docs/integrations/openclaw.html +55 -7
package/docs/plans/2026-03-26-threat-intel-api.md +255 -0
package/docs/plans/2026-04-14-bugmageddon-marketing-pack.md +329 -0
package/docs/plans/2026-04-14-clawmoat-v1-bugmageddon.md +248 -0
package/docs/plans/2026-04-14-v1-release-update.md +91 -0
package/docs/plans/2026-04-19-supabase-audit.md +68 -0
package/docs/plans/2026-05-12-sales-push.md +303 -0
package/docs/playground/index.html +893 -0
package/docs/playground.html +4 -7
package/docs/privacy-policy/index.html +122 -0
package/docs/rfcs/defense-in-depth.md +467 -0
package/docs/scan/index.html +358 -0
package/docs/services/case-study.html +255 -0
package/docs/services/downloads/install-openclaw.bat +45 -0
package/docs/services/downloads/install-openclaw.command +38 -0
package/docs/services/downloads/install-openclaw.sh +38 -0
package/docs/services/get-started.html +165 -0
package/docs/services/index.html +598 -0
package/docs/services/multi-agent-security.html +284 -0
package/docs/services/one-pager.html +99 -0
package/docs/services/pitch-deck.html +229 -0
package/docs/services/roi-calculator.html +258 -0
package/docs/sitemap.xml +192 -2
package/docs/support/index.html +135 -0
package/docs/templates/customer-service/HEARTBEAT.md +61 -0
package/docs/templates/customer-service/MEMORY.md +89 -0
package/docs/templates/customer-service/SOUL.md +41 -0
package/docs/templates/customer-service/USER.md +56 -0
package/docs/templates/executive/HEARTBEAT.md +86 -0
package/docs/templates/executive/MEMORY.md +92 -0
package/docs/templates/executive/SOUL.md +44 -0
package/docs/templates/executive/USER.md +62 -0
package/docs/templates/finance/HEARTBEAT.md +58 -0
package/docs/templates/finance/MEMORY.md +87 -0
package/docs/templates/finance/SOUL.md +38 -0
package/docs/templates/finance/USER.md +53 -0
package/docs/templates/index.html +115 -0
package/docs/templates/operations/HEARTBEAT.md +63 -0
package/docs/templates/operations/MEMORY.md +68 -0
package/docs/templates/operations/SOUL.md +38 -0
package/docs/templates/operations/USER.md +49 -0
package/docs/templates/sales/HEARTBEAT.md +55 -0
package/docs/templates/sales/MEMORY.md +89 -0
package/docs/templates/sales/SOUL.md +34 -0
package/docs/templates/sales/USER.md +54 -0
package/docs/terms-of-service/index.html +122 -0
package/eslint.config.js +32 -0
package/evals/README.md +29 -0
package/evals/cases.json +390 -0
package/evals/results.md +68 -0
package/evals/run.js +180 -0
package/examples/basic-usage.js +38 -0
package/examples/demo-attack/demo.js +186 -0
package/examples/python-quickstart/README.md +54 -0
package/examples/python-quickstart/clawmoat_client.py +167 -0
package/examples/video-demo/README.md +14 -0
package/examples/video-demo/scene-a-normal.js +29 -0
package/examples/video-demo/scene-b-attack-arrives.js +31 -0
package/examples/video-demo/scene-c-hijack.js +44 -0
package/examples/video-demo/scene-d-clawmoat.js +46 -0
package/integrations/crewai/README.md +32 -0
package/integrations/crewai/clawmoat_crewai/__init__.py +17 -0
package/integrations/crewai/clawmoat_crewai/guard.py +103 -0
package/integrations/crewai/pyproject.toml +21 -0
package/integrations/langchain/README.md +91 -0
package/integrations/langchain/clawmoat_langchain/__init__.py +17 -0
package/integrations/langchain/clawmoat_langchain/callback.py +489 -0
package/integrations/langchain/pyproject.toml +32 -0
package/integrations/litellm/README.md +324 -0
package/integrations/litellm/clawmoat_litellm/__init__.py +21 -0
package/integrations/litellm/clawmoat_litellm/callback.py +329 -0
package/integrations/litellm/clawmoat_litellm/proxy_middleware.py +224 -0
package/integrations/litellm/pyproject.toml +74 -0
package/integrations/openai-agents/README.md +392 -0
package/integrations/openai-agents/clawmoat_openai_agents/__init__.py +20 -0
package/integrations/openai-agents/clawmoat_openai_agents/guardrail.py +431 -0
package/integrations/openai-agents/clawmoat_openai_agents/middleware.py +311 -0
package/integrations/openai-agents/pyproject.toml +76 -0
package/package.json +6 -5
package/plugins/openclaw-adapter/PHASE1.md +439 -0
package/plugins/openclaw-adapter/README.md +103 -0
package/plugins/openclaw-adapter/SPEC.md +1644 -0
package/plugins/openclaw-adapter/package.json +31 -0
package/plugins/openclaw-adapter/src/index.test.ts +226 -0
package/plugins/openclaw-adapter/src/index.ts +140 -0
package/plugins/openclaw-adapter/tsconfig.json +14 -0
package/server/data/threats.json +290 -0
package/server/index.js +224 -10
package/src/adapters/express.js +161 -0
package/src/adapters/index.js +92 -0
package/src/adapters/langchain.js +185 -0
package/src/approval/index.js +456 -0
package/src/ban-scanner.js +200 -0
package/src/boundary-scanner.js +296 -0
package/src/ci-scanner.js +279 -0
package/src/code-scanner.js +245 -0
package/src/enforce.js +166 -0
package/src/finance/index.js +585 -0
package/src/finance/mcp-firewall.js +486 -0
package/src/formatters/json.js +80 -0
package/src/formatters/sarif.js +388 -0
package/src/guardian/alerts.js +34 -3
package/src/guardian/gateway-monitor.js +590 -0
package/src/guardian/index.js +41 -2
package/src/index.js +105 -0
package/src/integrations/agentmesh.js +501 -0
package/src/language-detector.js +201 -0
package/src/mcp-scanner.js +253 -0
package/src/multimodal/index.js +579 -0
package/src/obfuscation-scanner.js +457 -0
package/src/policy-engine.js +402 -0
package/src/scanners/dependency-attacks.js +128 -0
package/src/scanners/prompt-injection.js +18 -0
package/src/scanners/supply-chain.js +14 -0
package/src/templates/default-config.yml +90 -0
package/src/vuln-ops/exploitability.js +46 -0
package/src/watch/live-monitor.js +720 -0

package/docs/business/install.html ADDED Viewed

@@ -0,0 +1,261 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>Install ClawMoat — One Command, Enterprise-Grade Agent Security</title>
+<meta name="description" content="Install ClawMoat in 60 seconds. One command sets up permission tiers, credential protection, audit trails, and secret scanning for your AI agents.">
+<link rel="canonical" href="https://clawmoat.com/business/install.html">
+<link rel="icon" type="image/png" href="/favicon.png">
+<link rel="apple-touch-icon" href="/apple-touch-icon.png">
+<meta property="og:title" content="One Command. Enterprise-Grade Agent Security.">
+<meta property="og:description" content="Install ClawMoat in 60 seconds — permission tiers, credential protection, audit trails for AI agents.">
+<meta property="og:image" content="https://clawmoat.com/og-image.png">
+<meta property="og:url" content="https://clawmoat.com/business/install.html">
+<meta property="og:type" content="website">
+<style>
+*{margin:0;padding:0;box-sizing:border-box}
+:root{--navy:#0F172A;--navy-light:#1E293B;--navy-mid:#334155;--blue:#3B82F6;--emerald:#10B981;--white:#F8FAFC;--gray:#94A3B8;--red:#EF4444;--amber:#F59E0B;--cyan:#06B6D4}
+html{scroll-behavior:smooth}
+body{font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif;background:var(--navy);color:var(--white);line-height:1.7}
+a{color:var(--blue);text-decoration:none}
+a:hover{text-decoration:underline}
+/* Nav */
+.nav{padding:1rem 2rem;display:flex;align-items:center;gap:1rem;border-bottom:1px solid rgba(255,255,255,.06)}
+.nav-logo{font-size:1.3rem;font-weight:700;color:var(--white)}
+.nav a{color:var(--gray);font-size:.9rem}
+.nav a:hover{color:var(--white)}
+/* Hero */
+.hero{text-align:center;padding:5rem 2rem 4rem;max-width:800px;margin:0 auto}
+.hero h1{font-size:clamp(2rem,5vw,3.2rem);line-height:1.2;margin-bottom:1rem}
+.hero h1 span{color:var(--emerald)}
+.hero p{color:var(--gray);font-size:1.15rem;margin-bottom:2.5rem;max-width:600px;margin-left:auto;margin-right:auto}
+/* Install box */
+.install-box{background:var(--navy-light);border:1px solid var(--navy-mid);border-radius:12px;padding:2rem;max-width:700px;margin:0 auto 1.5rem;position:relative}
+.install-box code{font-family:'SF Mono',Monaco,'Cascadia Code',monospace;font-size:1.1rem;color:var(--emerald);display:block;padding:.8rem;background:rgba(0,0,0,.3);border-radius:8px;cursor:pointer;transition:background .2s}
+.install-box code:hover{background:rgba(0,0,0,.5)}
+.install-box .label{color:var(--gray);font-size:.85rem;margin-bottom:.5rem}
+.install-box .enterprise{margin-top:1rem;padding-top:1rem;border-top:1px solid var(--navy-mid)}
+.install-box .enterprise code{color:var(--amber);font-size:.95rem}
+.copy-hint{color:var(--gray);font-size:.8rem;text-align:center;margin-bottom:3rem}
+.copied{color:var(--emerald) !important}
+/* Sections */
+.section{max-width:900px;margin:0 auto;padding:3rem 2rem}
+.section h2{font-size:1.8rem;margin-bottom:1.5rem;text-align:center}
+.section h2 span{color:var(--emerald)}
+/* Steps */
+.steps{display:grid;gap:1.5rem}
+.step{display:flex;gap:1.2rem;align-items:flex-start;background:var(--navy-light);padding:1.5rem;border-radius:10px;border:1px solid var(--navy-mid)}
+.step-num{background:var(--emerald);color:var(--navy);font-weight:700;width:36px;height:36px;border-radius:50%;display:flex;align-items:center;justify-content:center;flex-shrink:0;font-size:.9rem}
+.step h3{font-size:1.05rem;margin-bottom:.3rem}
+.step p{color:var(--gray);font-size:.9rem}
+/* Comparison table */
+.compare{display:grid;grid-template-columns:1fr 1fr;gap:2rem;margin-top:1.5rem}
+@media(max-width:600px){.compare{grid-template-columns:1fr}}
+.compare-col{background:var(--navy-light);border-radius:10px;padding:1.5rem;border:1px solid var(--navy-mid)}
+.compare-col.bad{border-color:rgba(239,68,68,.3)}
+.compare-col.good{border-color:rgba(16,185,129,.3)}
+.compare-col h3{font-size:1.1rem;margin-bottom:1rem;display:flex;align-items:center;gap:.5rem}
+.compare-col ul{list-style:none;display:flex;flex-direction:column;gap:.6rem}
+.compare-col.bad li::before{content:'❌ '}
+.compare-col.good li::before{content:'✅ '}
+.compare-col li{color:var(--gray);font-size:.9rem}
+/* FAQ */
+.faq{display:grid;gap:1rem;margin-top:1.5rem}
+.faq-item{background:var(--navy-light);border-radius:10px;padding:1.5rem;border:1px solid var(--navy-mid)}
+.faq-item h3{font-size:1rem;margin-bottom:.5rem;color:var(--white)}
+.faq-item p{color:var(--gray);font-size:.9rem}
+/* CTA */
+.cta{text-align:center;padding:4rem 2rem;border-top:1px solid var(--navy-mid)}
+.cta h2{font-size:1.8rem;margin-bottom:1rem}
+.cta p{color:var(--gray);margin-bottom:2rem}
+.cta-buttons{display:flex;gap:1rem;justify-content:center;flex-wrap:wrap}
+.btn{display:inline-flex;align-items:center;gap:.5rem;padding:.8rem 1.5rem;border-radius:8px;font-weight:600;font-size:.95rem;transition:transform .2s,opacity .2s}
+.btn:hover{transform:translateY(-1px);text-decoration:none;opacity:.9}
+.btn-primary{background:var(--emerald);color:var(--navy)}
+.btn-secondary{background:var(--navy-light);color:var(--white);border:1px solid var(--navy-mid)}
+/* Footer */
+.footer{text-align:center;padding:2rem;color:var(--gray);font-size:.85rem;border-top:1px solid rgba(255,255,255,.06)}
+</style>
+</head>
+<body>
+<nav>
+<div class="container">
+  <a href="/" class="logo">🏰 Claw<span>Moat</span></a>
+  <button class="menu-toggle" onclick="document.querySelector('.nav-links').classList.toggle('open')" aria-label="Menu">☰</button>
+  <div class="nav-links">
+    <a href="/">Security</a>
+    <a href="/services/">AI Agents</a>
+    <a href="/blog/">Blog</a>
+    <a href="https://github.com/darfaz/clawmoat">GitHub ↗</a>
+  </div>
+</div>
+</nav>
+<!-- Hero -->
+<section class="hero">
+  <h1>One Command.<br><span>Enterprise-Grade Agent Security.</span></h1>
+  <p>Install ClawMoat in 60 seconds. Hardened config, credential protection, audit trails — all running locally on your machine.</p>
+  <div class="install-box">
+    <div class="label">Run this in your terminal:</div>
+    <code onclick="copyCmd(this, 'curl -fsSL https://clawmoat.com/install.sh | bash')">curl -fsSL https://clawmoat.com/install.sh | bash</code>
+    <div class="enterprise">
+      <div class="label">Enterprise (adds FinanceGuard, MCP Firewall, SOX templates):</div>
+      <code onclick="copyCmd(this, 'curl -fsSL https://clawmoat.com/install.sh | bash -s -- --enterprise')">curl -fsSL https://clawmoat.com/install.sh | bash -s -- --enterprise</code>
+    </div>
+  </div>
+  <div class="copy-hint">Click to copy • Works on Linux, macOS, and WSL</div>
+</section>
+<!-- What it does -->
+<section class="section">
+  <h2>What <span>It Does</span></h2>
+  <div class="steps">
+    <div class="step">
+      <div class="step-num">1</div>
+      <div>
+        <h3>Detects Your OS</h3>
+        <p>Identifies Linux, macOS, or WSL and adapts accordingly. No sudo required.</p>
+      </div>
+    </div>
+    <div class="step">
+      <div class="step-num">2</div>
+      <div>
+        <h3>Checks Node.js</h3>
+        <p>Verifies Node.js v18+ is installed. Offers to install via nvm if missing — no system packages modified.</p>
+      </div>
+    </div>
+    <div class="step">
+      <div class="step-num">3</div>
+      <div>
+        <h3>Installs ClawMoat</h3>
+        <p><code style="background:none;padding:0;color:var(--cyan);font-size:.85rem">npm install -g clawmoat</code> — the open-source AI agent security toolkit.</p>
+      </div>
+    </div>
+    <div class="step">
+      <div class="step-num">4</div>
+      <div>
+        <h3>Generates Hardened Config</h3>
+        <p>Creates <code style="background:none;padding:0;color:var(--cyan);font-size:.85rem">~/.clawmoat/config.json</code> with worker-tier permissions, 17+ forbidden credential zones, secret scanning, network logging, and full audit trails.</p>
+      </div>
+    </div>
+    <div class="step">
+      <div class="step-num">5</div>
+      <div>
+        <h3>Runs Security Scan</h3>
+        <p>Scans your machine for exposed credentials, insecure permissions, and .env files. Generates a report showing what it found and what's now protected.</p>
+      </div>
+    </div>
+    <div class="step">
+      <div class="step-num">6</div>
+      <div>
+        <h3>Prints Next Steps</h3>
+        <p>Configure alert webhooks, run your first scan, connect to your team dashboard.</p>
+      </div>
+    </div>
+  </div>
+</section>
+<!-- Comparison -->
+<section class="section">
+  <h2>Without vs. <span>With ClawMoat</span></h2>
+  <div class="compare">
+    <div class="compare-col bad">
+      <h3>🚫 Without ClawMoat</h3>
+      <ul>
+        <li>Agents can read ~/.ssh, ~/.aws, any credential file</li>
+        <li>No record of what agents accessed or modified</li>
+        <li>Secrets leak silently in agent output</li>
+        <li>Network requests go unmonitored</li>
+        <li>No compliance evidence for auditors</li>
+        <li>One compromised agent = full system access</li>
+      </ul>
+    </div>
+    <div class="compare-col good">
+      <h3>🏰 With ClawMoat</h3>
+      <ul>
+        <li>17+ credential zones blocked by default</li>
+        <li>Tamper-protected audit trail of every action</li>
+        <li>Real-time secret detection with alerts</li>
+        <li>Full network egress logging</li>
+        <li>SOX-ready compliance templates (Enterprise)</li>
+        <li>Least-privilege tiers contain blast radius</li>
+      </ul>
+    </div>
+  </div>
+</section>
+<!-- FAQ -->
+<section class="section">
+  <h2>Frequently Asked <span>Questions</span></h2>
+  <div class="faq">
+    <div class="faq-item">
+      <h3>🔒 Is it safe to run?</h3>
+      <p>Yes. The script runs entirely locally — no data is sent anywhere. It installs an npm package, creates a config file in ~/.clawmoat/, and scans for existing credential exposure. No files are modified or deleted. The script is open-source and auditable on <a href="https://github.com/ClawMoat/clawmoat">GitHub</a>.</p>
+    </div>
+    <div class="faq-item">
+      <h3>📁 What does it change on my system?</h3>
+      <p>It installs the <code>clawmoat</code> npm package globally, creates the <code>~/.clawmoat/</code> directory with a config and audit logs, and optionally installs nvm if Node.js is missing. No system files are modified. No sudo required.</p>
+    </div>
+    <div class="faq-item">
+      <h3>🔄 Can I run it multiple times?</h3>
+      <p>Yes, the script is idempotent. Running it again updates ClawMoat and backs up your existing config before generating a new one.</p>
+    </div>
+    <div class="faq-item">
+      <h3>🗑️ Can I uninstall?</h3>
+      <p>Completely. Run <code>npm uninstall -g clawmoat</code> and <code>rm -rf ~/.clawmoat</code>. That's it — nothing else to clean up.</p>
+    </div>
+    <div class="faq-item">
+      <h3>💼 What does --enterprise add?</h3>
+      <p>FinanceGuard for monitoring high-value operations, MCP Firewall in read-only mode for tool-call governance, and SOX compliance audit templates with controls mapping.</p>
+    </div>
+  </div>
+</section>
+<!-- CTA -->
+<section class="cta">
+  <h2>Secure Your AI Agents Today</h2>
+  <p>Open-source core. Enterprise features for teams that need compliance.</p>
+  <div class="cta-buttons">
+    <a href="https://github.com/ClawMoat/clawmoat" class="btn btn-secondary">⭐ Star on GitHub</a>
+    <a href="/business/" class="btn btn-primary">Get ClawMoat Pro →</a>
+  </div>
+</section>
+<footer>
+<div class="container">
+  <div style="display:flex;gap:24px;justify-content:center;flex-wrap:wrap;margin-bottom:16px">
+    <a href="https://github.com/darfaz/clawmoat" style="color:var(--gray)">GitHub</a>
+    <a href="https://www.npmjs.com/package/clawmoat" style="color:var(--gray)">npm</a>
+    <a href="/blog/" style="color:var(--gray)">Blog</a>
+    <a href="mailto:hello@clawmoat.com" style="color:var(--gray)">hello@clawmoat.com</a>
+  </div>
+  <p style="text-align:center;color:var(--gray);font-size:.85rem">© 2026 ClawMoat</p>
+</div>
+</footer>
+<script>
+function copyCmd(el, text) {
+  navigator.clipboard.writeText(text).then(() => {
+    const orig = el.textContent;
+    el.textContent = '✅ Copied!';
+    el.classList.add('copied');
+    setTimeout(() => { el.textContent = orig; el.classList.remove('copied'); }, 1500);
+  });
+}
+</script>
+</body>
+</html>

package/docs/checklist.html ADDED Viewed

@@ -0,0 +1,174 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>AI Agent Security Checklist (2026) — ClawMoat</title>
+<meta name="description" content="Free security checklist for AI agent operators. 20 actionable steps to protect your machine, credentials, and data from autonomous AI agents.">
+<meta property="og:title" content="AI Agent Security Checklist (2026)">
+<meta property="og:description" content="20 actionable security steps for AI agent operators. Free, open-source.">
+<link rel="canonical" href="https://clawmoat.com/checklist">
+<style>
+*{margin:0;padding:0;box-sizing:border-box}
+body{font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif;background:#0F172A;color:#F8FAFC;line-height:1.8}
+a{color:#3B82F6}
+.container{max-width:760px;margin:0 auto;padding:40px 24px}
+nav{background:rgba(15,23,42,.95);padding:16px 24px;position:fixed;top:0;left:0;right:0;z-index:100;border-bottom:1px solid rgba(59,130,246,.15)}
+nav a{color:#94A3B8;text-decoration:none;margin-right:24px;font-size:.9rem}
+nav a:first-child{color:#F8FAFC;font-weight:700;font-size:1.1rem}
+h1{font-size:2.2rem;font-weight:800;line-height:1.2;margin-bottom:8px;padding-top:80px}
+h2{font-size:1.4rem;font-weight:700;margin:40px 0 16px;color:#10B981}
+p{margin-bottom:16px;color:#CBD5E1}
+.subtitle{color:#94A3B8;font-size:1.1rem;margin-bottom:40px}
+.check-group{background:#1E293B;border:1px solid rgba(255,255,255,.06);border-radius:12px;padding:24px;margin:16px 0}
+.check-item{display:flex;gap:12px;padding:10px 0;border-bottom:1px solid rgba(255,255,255,.04)}
+.check-item:last-child{border-bottom:none}
+.check-box{width:24px;height:24px;border:2px solid #334155;border-radius:6px;flex-shrink:0;margin-top:2px;cursor:pointer}
+.check-item strong{color:#F8FAFC}
+.check-item p{color:#94A3B8;font-size:.9rem;margin:4px 0 0}
+.priority-high{border-left:3px solid #EF4444;padding-left:12px}
+.priority-med{border-left:3px solid #F59E0B;padding-left:12px}
+.priority-low{border-left:3px solid #10B981;padding-left:12px}
+code{background:#0a0e17;padding:2px 8px;border-radius:4px;font-size:.85rem}
+.cta{background:#1E293B;border:1px solid rgba(59,130,246,.3);border-radius:14px;padding:32px;text-align:center;margin:48px 0}
+.btn{display:inline-block;padding:12px 28px;background:#3B82F6;color:#fff;border-radius:8px;text-decoration:none;font-weight:600;margin:8px}
+.legend{display:flex;gap:24px;margin:24px 0;font-size:.85rem;color:#94A3B8}
+.legend span{display:flex;align-items:center;gap:6px}
+.dot{width:12px;height:12px;border-radius:3px;display:inline-block}
+.dot-high{background:#EF4444}
+.dot-med{background:#F59E0B}
+.dot-low{background:#10B981}
+</style>
+</head>
+<body>
+<nav>
+<div class="container">
+  <a href="/" class="logo">🏰 Claw<span>Moat</span></a>
+  <button class="menu-toggle" onclick="document.querySelector('.nav-links').classList.toggle('open')" aria-label="Menu">☰</button>
+  <div class="nav-links">
+    <a href="/">Security</a>
+    <a href="/services/">AI Agents</a>
+    <a href="/blog/">Blog</a>
+    <a href="https://github.com/darfaz/clawmoat">GitHub ↗</a>
+  </div>
+</div>
+</nav>
+<div class="container">
+<h1>AI Agent Security Checklist</h1>
+<p class="subtitle">20 actionable steps to protect your machine from autonomous AI agents. Updated February 2026.</p>
+<div class="legend">
+<span><span class="dot dot-high"></span> Critical</span>
+<span><span class="dot dot-med"></span> Important</span>
+<span><span class="dot dot-low"></span> Recommended</span>
+</div>
+<h2>🔐 Credential Protection</h2>
+<div class="check-group">
+<div class="check-item priority-high">
+<div class="check-box"></div>
+<div><strong>Move SSH keys out of agent's reach</strong><p>Use a separate user account or forbidden zone to protect <code>~/.ssh/</code></p></div>
+</div>
+<div class="check-item priority-high">
+<div class="check-box"></div>
+<div><strong>Protect cloud credentials</strong><p>Lock down <code>~/.aws/</code>, <code>~/.gcloud/</code>, <code>~/.azure/</code>, <code>~/.kube/</code></p></div>
+</div>
+<div class="check-item priority-high">
+<div class="check-box"></div>
+<div><strong>Secure browser data</strong><p>Prevent access to browser profile directories (cookies, saved passwords, sessions)</p></div>
+</div>
+<div class="check-item priority-med">
+<div class="check-box"></div>
+<div><strong>Protect GPG/PGP keys</strong><p>Lock down <code>~/.gnupg/</code></p></div>
+</div>
+<div class="check-item priority-med">
+<div class="check-box"></div>
+<div><strong>Protect crypto wallets</strong><p>Lock down wallet files, seed phrases, and key stores</p></div>
+</div>
+</div>
+<h2>🛡️ Permission Controls</h2>
+<div class="check-group">
+<div class="check-item priority-high">
+<div class="check-box"></div>
+<div><strong>Set a permission tier</strong><p>Start with <code>observer</code> or <code>worker</code> and escalate only as needed</p></div>
+</div>
+<div class="check-item priority-high">
+<div class="check-box"></div>
+<div><strong>Block dangerous shell commands</strong><p>Prevent <code>rm -rf</code>, <code>chmod 777</code>, <code>curl | bash</code>, <code>dd</code></p></div>
+</div>
+<div class="check-item priority-med">
+<div class="check-box"></div>
+<div><strong>Restrict network access</strong><p>Use domain allow/blocklists to control where the agent can connect</p></div>
+</div>
+<div class="check-item priority-med">
+<div class="check-box"></div>
+<div><strong>Limit file system scope</strong><p>Restrict the agent to a workspace directory; block access to system files</p></div>
+</div>
+</div>
+<h2>🔍 Monitoring & Auditing</h2>
+<div class="check-group">
+<div class="check-item priority-high">
+<div class="check-box"></div>
+<div><strong>Enable audit logging</strong><p>Log every tool call, file access, and shell command</p></div>
+</div>
+<div class="check-item priority-med">
+<div class="check-box"></div>
+<div><strong>Monitor credential directories</strong><p>Set up alerts for any access attempts to sensitive directories</p></div>
+</div>
+<div class="check-item priority-med">
+<div class="check-box"></div>
+<div><strong>Log network egress</strong><p>Track all outbound URLs and connections</p></div>
+</div>
+<div class="check-item priority-low">
+<div class="check-box"></div>
+<div><strong>Set up webhook alerts</strong><p>Send security events to Slack, Discord, Telegram, or email</p></div>
+</div>
+</div>
+<h2>📦 Supply Chain</h2>
+<div class="check-group">
+<div class="check-item priority-high">
+<div class="check-box"></div>
+<div><strong>Audit installed skills/plugins</strong><p>Run integrity checks on all installed agent skills. 13.4% of ClawHub skills have critical issues (Snyk).</p></div>
+</div>
+<div class="check-item priority-med">
+<div class="check-box"></div>
+<div><strong>Verify skill hashes after updates</strong><p>Re-check integrity after any skill update or installation</p></div>
+</div>
+<div class="check-item priority-med">
+<div class="check-box"></div>
+<div><strong>Scan for suspicious patterns</strong><p>Look for base64-encoded URLs, credential access patterns, obfuscated code</p></div>
+</div>
+</div>
+<h2>💬 Input/Output Security</h2>
+<div class="check-group">
+<div class="check-item priority-high">
+<div class="check-box"></div>
+<div><strong>Scan inbound content for prompt injection</strong><p>Emails, web pages, and documents can contain hidden instructions</p></div>
+</div>
+<div class="check-item priority-med">
+<div class="check-box"></div>
+<div><strong>Scan outbound content for secrets</strong><p>Catch API keys, tokens, and credentials before they leave the machine</p></div>
+</div>
+<div class="check-item priority-low">
+<div class="check-box"></div>
+<div><strong>Scan inter-agent messages</strong><p>If running multi-agent systems, scan messages between agents for attack patterns</p></div>
+</div>
+</div>
+<div class="cta">
+<h3 style="color:#F8FAFC;margin-bottom:8px">Automate this checklist</h3>
+<p style="color:#94A3B8;margin-bottom:16px">ClawMoat implements all 20 checks. Zero dependencies. MIT licensed.</p>
+<code style="font-size:1rem;background:#0a0e17;padding:8px 16px">npm install -g clawmoat</code>
+<br><br>
+<a href="https://github.com/darfaz/clawmoat" class="btn">⭐ Star on GitHub</a>
+<a href="/#pricing" class="btn" style="background:#10B981">See Plans</a>
+</div>
+<p style="font-size:.85rem;color:#64748B;margin-top:40px">Based on OWASP Top 10 for Agentic AI (2026), Cisco AI Defense research, SecurityScorecard STRIKE findings, and Snyk ClawHub analysis.</p>
+</div>
+</body>
+</html>

package/docs/compare/index.html ADDED Viewed

@@ -0,0 +1,122 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>ClawMoat vs Competitors — AI Agent Security Comparison</title>
+<meta name="description" content="Compare ClawMoat to Lakera, LLM Guard, Snyk agent-scan, and other AI agent security tools. Feature, pricing, and architecture comparison.">
+<style>
+:root{--bg:#0a0a0f;--fg:#e0e0e8;--accent:#00d4aa;--muted:#888;--card:#14141f;--blue:#3B82F6;--red:#ff4444}
+*{margin:0;padding:0;box-sizing:border-box}
+body{background:var(--bg);color:var(--fg);font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif;line-height:1.7}
+.container{max-width:900px;margin:0 auto;padding:2rem 1.5rem}
+nav{padding:1rem 0;border-bottom:1px solid #2a2a3a;margin-bottom:2rem;display:flex;justify-content:space-between;align-items:center}
+nav a{color:var(--fg);text-decoration:none;margin-right:1.5rem}
+nav a:hover{color:var(--accent)}
+.logo span{color:var(--accent)}
+h1{font-size:2.5rem;margin-bottom:1rem;letter-spacing:-.02em}
+h2{color:var(--accent);margin:2rem 0 1rem;font-size:1.4rem}
+p{color:var(--muted);margin-bottom:1rem}
+.compare-grid{display:grid;grid-template-columns:repeat(auto-fit,minmax(250px,1fr));gap:1.5rem;margin:2rem 0}
+.compare-card{background:var(--card);border:2px solid #2a2a3a;border-radius:12px;padding:1.5rem;transition:border-color .2s}
+.compare-card:hover{border-color:var(--accent)}
+.compare-card h3{margin-bottom:.5rem}
+.compare-card .vs{color:var(--accent);font-size:.85rem;text-transform:uppercase;letter-spacing:.1em;margin-bottom:.5rem}
+.compare-card p{font-size:.9rem}
+.compare-card a{color:var(--accent);text-decoration:none;font-weight:700;font-size:.9rem}
+table{width:100%;border-collapse:collapse;margin:1.5rem 0}
+th,td{padding:.75rem;text-align:left;border-bottom:1px solid #2a2a3a;font-size:.9rem}
+th{color:var(--accent);font-size:.8rem;text-transform:uppercase;letter-spacing:.05em}
+.yes{color:var(--accent)}
+.no{color:var(--red)}
+.partial{color:#f5c542}
+.btn{background:var(--accent);color:#000;padding:.75rem 2rem;border:none;border-radius:8px;font-weight:700;cursor:pointer;display:inline-block;text-decoration:none;margin:.5rem}
+footer{text-align:center;color:var(--muted);font-size:.8rem;padding:2rem 0;border-top:1px solid #2a2a3a;margin-top:3rem}
+</style>
+</head>
+<body>
+<div class="container">
+<nav>
+  <a href="/" class="logo">🏰 Claw<span>Moat</span></a>
+  <div>
+    <a href="/scan/">Scanner</a>
+    <a href="/affiliates/">Affiliates</a>
+    <a href="https://github.com/darfaz/clawmoat">GitHub ↗</a>
+  </div>
+</nav>
+<h1>How ClawMoat Compares</h1>
+<p style="font-size:1.1rem;color:var(--fg);max-width:700px">There are many AI security tools now. Here's how we're different: open source, self-hosted, zero dependencies, transparent pricing, and focused on runtime protection for developers — not enterprise sales cycles.</p>
+<div class="compare-grid">
+  <div class="compare-card">
+    <div class="vs">Agent Firewall vs API Guard</div>
+    <h3>ClawMoat vs Lakera</h3>
+    <p>Lakera is a hosted API ($0 → enterprise). ClawMoat runs locally with zero deps. No API calls, no vendor lock-in, no token limits.</p>
+    <a href="/compare/lakera/">Full comparison →</a>
+  </div>
+  <div class="compare-card">
+    <div class="vs">Node.js vs Python</div>
+    <h3>ClawMoat vs LLM Guard</h3>
+    <p>LLM Guard is Python-only with heavy deps. ClawMoat is JS-native for the OpenClaw/Claude Code ecosystem. Plus host protection and supply chain detection.</p>
+    <a href="/compare/llm-guard/">Full comparison →</a>
+  </div>
+  <div class="compare-card">
+    <div class="vs">Independent vs Platform Lock-in</div>
+    <h3>ClawMoat vs Snyk agent-scan</h3>
+    <p>Snyk requires an API token and account. ClawMoat needs nothing — npm install and go. Different philosophy: developer-first vs enterprise-first.</p>
+    <a href="/compare/snyk-agent-scan/">Full comparison →</a>
+  </div>
+</div>
+<h2>Feature Comparison Matrix</h2>
+<table>
+<thead>
+<tr><th>Feature</th><th>ClawMoat</th><th>Lakera Guard</th><th>LLM Guard</th><th>Snyk agent-scan</th><th>NeMo Guardrails</th></tr>
+</thead>
+<tbody>
+<tr><td>Open Source</td><td class="yes">✓ MIT</td><td class="no">✗ Proprietary</td><td class="yes">✓ MIT</td><td class="yes">✓ Apache 2.0</td><td class="yes">✓ Apache 2.0</td></tr>
+<tr><td>Self-Hosted</td><td class="yes">✓ Local only</td><td class="partial">Enterprise only</td><td class="yes">✓</td><td class="yes">✓</td><td class="yes">✓</td></tr>
+<tr><td>Zero Dependencies</td><td class="yes">✓</td><td class="no">N/A (API)</td><td class="no">✗ Heavy</td><td class="no">✗ Python</td><td class="no">✗ Heavy</td></tr>
+<tr><td>Prompt Injection</td><td class="yes">✓ 13 patterns</td><td class="yes">✓ ML-based</td><td class="yes">✓</td><td class="yes">✓</td><td class="partial">Via config</td></tr>
+<tr><td>Supply Chain Detection</td><td class="yes">✓ TeamPCP + more</td><td class="no">✗</td><td class="no">✗</td><td class="partial">MCP focus</td><td class="no">✗</td></tr>
+<tr><td>Host Protection</td><td class="yes">✓ 4 tiers</td><td class="no">✗</td><td class="no">✗</td><td class="no">✗</td><td class="no">✗</td></tr>
+<tr><td>MCP Server Scanning</td><td class="partial">🔜 Coming</td><td class="no">✗</td><td class="no">✗</td><td class="yes">✓</td><td class="no">✗</td></tr>
+<tr><td>Secret Scanning</td><td class="yes">✓</td><td class="partial">PII only</td><td class="yes">✓</td><td class="partial">Skills only</td><td class="no">✗</td></tr>
+<tr><td>Insider Threat Detection</td><td class="yes">✓ 6 detectors</td><td class="no">✗</td><td class="no">✗</td><td class="no">✗</td><td class="no">✗</td></tr>
+<tr><td>Node.js Native</td><td class="yes">✓</td><td class="partial">API client</td><td class="no">✗ Python</td><td class="no">✗ Python</td><td class="no">✗ Python</td></tr>
+<tr><td>Auth Required</td><td class="yes">None</td><td class="no">API key</td><td class="yes">None</td><td class="no">Snyk token</td><td class="yes">None</td></tr>
+<tr><td>Transparent Pricing</td><td class="yes">✓ On website</td><td class="no">"Let's chat"</td><td class="yes">Free</td><td class="partial">Via Snyk plans</td><td class="yes">Free</td></tr>
+<tr><td>Free Tier</td><td class="yes">✓ Unlimited</td><td class="yes">10K req/mo</td><td class="yes">✓ Unlimited</td><td class="yes">Open preview</td><td class="yes">✓ Unlimited</td></tr>
+</tbody>
+</table>
+<h2>Pricing Comparison</h2>
+<table>
+<thead>
+<tr><th>Tool</th><th>Free</th><th>Developer</th><th>Team</th><th>Enterprise</th></tr>
+</thead>
+<tbody>
+<tr><td><strong>ClawMoat</strong></td><td>$0 (unlimited)</td><td>$9/mo</td><td>$49/mo</td><td>Custom</td></tr>
+<tr><td>Lakera</td><td>$0 (10K req)</td><td>—</td><td>—</td><td>"Let's chat"</td></tr>
+<tr><td>LLM Guard</td><td>Free (MIT)</td><td>—</td><td>—</td><td>Coming soon</td></tr>
+<tr><td>Snyk</td><td>Free tier</td><td>~$45/dev/mo</td><td>—</td><td>Custom</td></tr>
+<tr><td>Zenity</td><td>—</td><td>—</td><td>—</td><td>Quote only</td></tr>
+<tr><td>Noma</td><td>—</td><td>—</td><td>—</td><td>Quote only ($139M raised)</td></tr>
+</tbody>
+</table>
+<p style="margin-top:2rem;text-align:center;font-size:1rem;color:var(--fg)"><strong>ClawMoat is the only tool that combines host-level protection, supply chain detection, insider threat analysis, AND transparent pricing in a zero-dependency Node.js package.</strong></p>
+<div style="text-align:center;margin:2rem 0">
+  <a href="https://github.com/darfaz/clawmoat" class="btn">⭐ Star on GitHub</a>
+  <a href="/scan/" class="btn" style="background:transparent;border:2px solid var(--accent);color:var(--accent)">Try the Scanner</a>
+</div>
+<footer>
+  <p>🏰 ClawMoat — The Open-Source Agent Firewall</p>
+  <p><a href="/" style="color:var(--muted)">Home</a> · <a href="/scan/" style="color:var(--muted)">Scanner</a> · <a href="/affiliates/" style="color:var(--muted)">Affiliates</a> · <a href="https://github.com/darfaz/clawmoat" style="color:var(--muted)">GitHub</a></p>
+</footer>
+</div>
+</body>
+</html>

package/docs/compare/lakera/index.html ADDED Viewed

@@ -0,0 +1,62 @@
+<!DOCTYPE html><html lang="en"><head>
+<meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>ClawMoat vs Lakera Guard — AI Agent Security Comparison</title>
+<meta name="description" content="Compare ClawMoat and Lakera Guard for AI agent security. Self-hosted vs API, transparent pricing vs sales calls, zero dependencies vs vendor lock-in.">
+<style>:root{--bg:#0a0a0f;--fg:#e0e0e8;--accent:#00d4aa;--muted:#888;--card:#14141f;--blue:#3B82F6;--red:#ff4444}*{margin:0;padding:0;box-sizing:border-box}body{background:var(--bg);color:var(--fg);font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif;line-height:1.7}.container{max-width:800px;margin:0 auto;padding:2rem 1.5rem}nav{padding:1rem 0;border-bottom:1px solid #2a2a3a;margin-bottom:2rem;display:flex;justify-content:space-between;align-items:center}nav a{color:var(--fg);text-decoration:none;margin-right:1.5rem}nav a:hover{color:var(--accent)}.logo span{color:var(--accent)}h1{font-size:2.2rem;margin-bottom:1rem}h2{color:var(--accent);margin:2rem 0 .75rem;font-size:1.3rem}p,li{color:var(--muted)}ul{margin:0 0 1rem 1.5rem}.highlight-box{background:var(--card);border:2px solid var(--accent);border-radius:12px;padding:1.5rem;margin:1.5rem 0}table{width:100%;border-collapse:collapse;margin:1rem 0}th,td{padding:.6rem;text-align:left;border-bottom:1px solid #2a2a3a;font-size:.9rem}th{color:var(--accent);font-size:.8rem;text-transform:uppercase}.yes{color:var(--accent)}.no{color:var(--red)}.btn{background:var(--accent);color:#000;padding:.75rem 2rem;border:none;border-radius:8px;font-weight:700;cursor:pointer;display:inline-block;text-decoration:none;margin:.5rem}footer{text-align:center;color:var(--muted);font-size:.8rem;padding:2rem 0;border-top:1px solid #2a2a3a;margin-top:3rem}</style>
+</head><body><div class="container">
+<nav><a href="/" class="logo">🏰 Claw<span>Moat</span></a><div><a href="/compare/">All Comparisons</a><a href="/scan/">Scanner</a><a href="https://github.com/darfaz/clawmoat">GitHub ↗</a></div></nav>
+<h1>ClawMoat vs Lakera Guard</h1>
+<p style="font-size:1.1rem;color:var(--fg)">Lakera Guard is a hosted API for LLM runtime security. ClawMoat is a self-hosted, zero-dependency agent firewall. Different architectures, different trade-offs.</p>
+<div class="highlight-box">
+<p style="color:var(--fg);margin:0"><strong>TL;DR:</strong> Choose Lakera if you want ML-powered detection via an API and have budget for enterprise sales. Choose ClawMoat if you want self-hosted, transparent pricing, supply chain protection, and zero vendor lock-in.</p>
+</div>
+<h2>Architecture</h2>
+<p><strong>Lakera</strong> is a cloud API. You send prompts to their endpoint, they return a risk score. Your data leaves your machine. Latency depends on network. Requires an API key and account.</p>
+<p><strong>ClawMoat</strong> runs entirely local. npm install, import, done. Nothing leaves your machine. Zero network calls. Zero auth. Zero dependencies.</p>
+<h2>Detection Approach</h2>
+<p>Lakera uses ML models trained on their proprietary dataset. This means better generalization for novel attacks, but it's a black box — you can't inspect or customize the detection logic.</p>
+<p>ClawMoat uses pattern-based detection with 13 prompt injection patterns, 15+ supply chain indicators, and 6 insider threat detectors. It's transparent — you can read every pattern, add your own, and understand exactly why something was flagged.</p>
+<h2>What ClawMoat Has That Lakera Doesn't</h2>
+<ul>
+<li><strong>Host-level protection</strong> — forbidden zones, dangerous command blocking, 4 permission tiers</li>
+<li><strong>Supply chain detection</strong> — real-time indicators for TeamPCP, CanisterWorm, compromised packages</li>
+<li><strong>Insider threat detection</strong> — 6 behavioral detectors based on Anthropic's agentic misalignment research</li>
+<li><strong>Network egress logging</strong> — tracks outbound connections from agents</li>
+<li><strong>Inter-agent message scanning</strong> — detects attacks between cooperating agents</li>
+<li><strong>Zero dependencies</strong> — no supply chain risk from the security tool itself</li>
+<li><strong>Transparent pricing</strong> — $0 / $29 / $149 on the website vs "Let's chat"</li>
+</ul>
+<h2>What Lakera Has That ClawMoat Doesn't</h2>
+<ul>
+<li><strong>ML-powered detection</strong> — better at catching novel/creative prompt injections</li>
+<li><strong>PII detection and redaction</strong> — dedicated PII scanner with entity recognition</li>
+<li><strong>Enterprise SSO/RBAC</strong> — built for large orgs</li>
+<li><strong>Managed infrastructure</strong> — no self-hosting needed</li>
+<li><strong>Proven at scale</strong> — used by Dropbox and other large companies</li>
+</ul>
+<h2>Pricing</h2>
+<table>
+<tr><th></th><th>ClawMoat</th><th>Lakera</th></tr>
+<tr><td>Free</td><td class="yes">Unlimited, self-hosted</td><td>10,000 req/month</td></tr>
+<tr><td>Developer</td><td>$9/mo</td><td class="no">—</td></tr>
+<tr><td>Team</td><td>$49/mo</td><td class="no">—</td></tr>
+<tr><td>Enterprise</td><td>Custom</td><td>"Let's chat" (sales call required)</td></tr>
+</table>
+<h2>Who Should Use What</h2>
+<p><strong>Use Lakera if:</strong> You're an enterprise with budget, need ML-powered detection, want managed infrastructure, and can wait for a sales process.</p>
+<p><strong>Use ClawMoat if:</strong> You're a developer or small team, want self-hosted security, need supply chain protection, care about transparent pricing, and want to be running in 5 minutes.</p>
+<div style="text-align:center;margin:2rem 0">
+<a href="https://github.com/darfaz/clawmoat" class="btn">Try ClawMoat Free →</a>
+<a href="/compare/" class="btn" style="background:transparent;border:2px solid var(--accent);color:var(--accent)">All Comparisons</a>
+</div>
+<footer><p>🏰 ClawMoat — The Open-Source Agent Firewall</p></footer>
+</div></body></html>