npm - clawmoat - Versions diffs - 0.7.0 → 1.0.0 - Mend

clawmoat 0.7.0 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (178) hide show

package/.dockerignore +9 -0
package/CHANGELOG.md +18 -0
package/CONTRIBUTING.md +4 -2
package/DEMO.md +87 -0
package/Dockerfile +5 -18
package/README.md +294 -8
package/SECURITY.md +58 -10
package/THREAT_MODEL.md +129 -0
package/agent/README.md +131 -0
package/agent/index.js +471 -0
package/agent/install-service.sh +94 -0
package/agent/openclaw-hook.js +453 -0
package/agent/provider-setup.js +649 -0
package/agent/setup.js +274 -0
package/assets/BADGE-USAGE.md +20 -0
package/assets/clawmoat-badge.svg +21 -0
package/bin/clawmoat.js +468 -111
package/docs/affiliates/dashboard.html +124 -0
package/docs/affiliates/index.html +236 -0
package/docs/agent-install.html +183 -0
package/docs/ai-agent-security-scanner.html +10 -6
package/docs/badge/index.html +149 -0
package/docs/badge/scanning.svg +23 -0
package/docs/blog/386-malicious-skills.html +262 -0
package/docs/blog/40000-exposed-openclaw-instances.html +201 -0
package/docs/blog/agent-trust-protocol.html +198 -0
package/docs/blog/ai-agent-earns-commissions.html +230 -0
package/docs/blog/bugmageddon-agent-firewall.html +174 -0
package/docs/blog/calculator-math.html +180 -0
package/docs/blog/clawmoat-vs-llamafirewall-nemo-guardrails.html +229 -0
package/docs/blog/host-guardian-launch.html +18 -8
package/docs/blog/ibm-experts-agent-runtime-protection.html +247 -0
package/docs/blog/index.html +211 -9
package/docs/blog/langchain-security-tutorial.html +18 -8
package/docs/blog/mcp-30-cves-security-crisis.html +286 -0
package/docs/blog/meta-researcher-rogue-agent.html +201 -0
package/docs/blog/microsoft-openclaw-workstation-security.html +235 -0
package/docs/blog/nist-ai-agent-standards-clawmoat.html +377 -0
package/docs/blog/oasis-websocket-hijack.html +212 -0
package/docs/blog/ollama-openclaw-security.html +160 -0
package/docs/blog/openclaw-enterprise-readiness-claw10.html +199 -0
package/docs/blog/openclaw-security-reckoning-2026.html +368 -0
package/docs/blog/owasp-agentic-ai-top10.html +18 -8
package/docs/blog/securing-ai-agents.html +18 -8
package/docs/blog/supply-chain-agents.html +18 -8
package/docs/business/index.html +525 -0
package/docs/business/install.html +261 -0
package/docs/checklist.html +174 -0
package/docs/compare/index.html +122 -0
package/docs/compare/lakera/index.html +62 -0
package/docs/compare/llm-guard/index.html +49 -0
package/docs/compare/snyk-agent-scan/index.html +63 -0
package/docs/compare.html +10 -6
package/docs/dashboard/index.html +520 -0
package/docs/finance/index.html +220 -0
package/docs/guides/business-deployment.html +770 -0
package/docs/hall-of-fame.html +174 -0
package/docs/index.html +447 -154
package/docs/install.sh +557 -0
package/docs/integrations/langchain.html +14 -6
package/docs/integrations/openai.html +14 -6
package/docs/integrations/openclaw.html +55 -7
package/docs/plans/2026-03-26-threat-intel-api.md +255 -0
package/docs/plans/2026-04-14-bugmageddon-marketing-pack.md +329 -0
package/docs/plans/2026-04-14-clawmoat-v1-bugmageddon.md +248 -0
package/docs/plans/2026-04-14-v1-release-update.md +91 -0
package/docs/plans/2026-04-19-supabase-audit.md +68 -0
package/docs/plans/2026-05-12-sales-push.md +303 -0
package/docs/playground/index.html +893 -0
package/docs/playground.html +4 -7
package/docs/privacy-policy/index.html +122 -0
package/docs/rfcs/defense-in-depth.md +467 -0
package/docs/scan/index.html +358 -0
package/docs/services/case-study.html +255 -0
package/docs/services/downloads/install-openclaw.bat +45 -0
package/docs/services/downloads/install-openclaw.command +38 -0
package/docs/services/downloads/install-openclaw.sh +38 -0
package/docs/services/get-started.html +165 -0
package/docs/services/index.html +598 -0
package/docs/services/multi-agent-security.html +284 -0
package/docs/services/one-pager.html +99 -0
package/docs/services/pitch-deck.html +229 -0
package/docs/services/roi-calculator.html +258 -0
package/docs/sitemap.xml +192 -2
package/docs/support/index.html +135 -0
package/docs/templates/customer-service/HEARTBEAT.md +61 -0
package/docs/templates/customer-service/MEMORY.md +89 -0
package/docs/templates/customer-service/SOUL.md +41 -0
package/docs/templates/customer-service/USER.md +56 -0
package/docs/templates/executive/HEARTBEAT.md +86 -0
package/docs/templates/executive/MEMORY.md +92 -0
package/docs/templates/executive/SOUL.md +44 -0
package/docs/templates/executive/USER.md +62 -0
package/docs/templates/finance/HEARTBEAT.md +58 -0
package/docs/templates/finance/MEMORY.md +87 -0
package/docs/templates/finance/SOUL.md +38 -0
package/docs/templates/finance/USER.md +53 -0
package/docs/templates/index.html +115 -0
package/docs/templates/operations/HEARTBEAT.md +63 -0
package/docs/templates/operations/MEMORY.md +68 -0
package/docs/templates/operations/SOUL.md +38 -0
package/docs/templates/operations/USER.md +49 -0
package/docs/templates/sales/HEARTBEAT.md +55 -0
package/docs/templates/sales/MEMORY.md +89 -0
package/docs/templates/sales/SOUL.md +34 -0
package/docs/templates/sales/USER.md +54 -0
package/docs/terms-of-service/index.html +122 -0
package/eslint.config.js +32 -0
package/evals/README.md +29 -0
package/evals/cases.json +390 -0
package/evals/results.md +68 -0
package/evals/run.js +180 -0
package/examples/basic-usage.js +38 -0
package/examples/demo-attack/demo.js +186 -0
package/examples/python-quickstart/README.md +54 -0
package/examples/python-quickstart/clawmoat_client.py +167 -0
package/examples/video-demo/README.md +14 -0
package/examples/video-demo/scene-a-normal.js +29 -0
package/examples/video-demo/scene-b-attack-arrives.js +31 -0
package/examples/video-demo/scene-c-hijack.js +44 -0
package/examples/video-demo/scene-d-clawmoat.js +46 -0
package/integrations/crewai/README.md +32 -0
package/integrations/crewai/clawmoat_crewai/__init__.py +17 -0
package/integrations/crewai/clawmoat_crewai/guard.py +103 -0
package/integrations/crewai/pyproject.toml +21 -0
package/integrations/langchain/README.md +91 -0
package/integrations/langchain/clawmoat_langchain/__init__.py +17 -0
package/integrations/langchain/clawmoat_langchain/callback.py +489 -0
package/integrations/langchain/pyproject.toml +32 -0
package/integrations/litellm/README.md +324 -0
package/integrations/litellm/clawmoat_litellm/__init__.py +21 -0
package/integrations/litellm/clawmoat_litellm/callback.py +329 -0
package/integrations/litellm/clawmoat_litellm/proxy_middleware.py +224 -0
package/integrations/litellm/pyproject.toml +74 -0
package/integrations/openai-agents/README.md +392 -0
package/integrations/openai-agents/clawmoat_openai_agents/__init__.py +20 -0
package/integrations/openai-agents/clawmoat_openai_agents/guardrail.py +431 -0
package/integrations/openai-agents/clawmoat_openai_agents/middleware.py +311 -0
package/integrations/openai-agents/pyproject.toml +76 -0
package/package.json +6 -5
package/plugins/openclaw-adapter/PHASE1.md +439 -0
package/plugins/openclaw-adapter/README.md +103 -0
package/plugins/openclaw-adapter/SPEC.md +1644 -0
package/plugins/openclaw-adapter/package.json +31 -0
package/plugins/openclaw-adapter/src/index.test.ts +226 -0
package/plugins/openclaw-adapter/src/index.ts +140 -0
package/plugins/openclaw-adapter/tsconfig.json +14 -0
package/server/data/threats.json +290 -0
package/server/index.js +224 -10
package/src/adapters/express.js +161 -0
package/src/adapters/index.js +92 -0
package/src/adapters/langchain.js +185 -0
package/src/approval/index.js +456 -0
package/src/ban-scanner.js +200 -0
package/src/boundary-scanner.js +296 -0
package/src/ci-scanner.js +279 -0
package/src/code-scanner.js +245 -0
package/src/enforce.js +166 -0
package/src/finance/index.js +585 -0
package/src/finance/mcp-firewall.js +486 -0
package/src/formatters/json.js +80 -0
package/src/formatters/sarif.js +388 -0
package/src/guardian/alerts.js +34 -3
package/src/guardian/gateway-monitor.js +590 -0
package/src/guardian/index.js +41 -2
package/src/index.js +105 -0
package/src/integrations/agentmesh.js +501 -0
package/src/language-detector.js +201 -0
package/src/mcp-scanner.js +253 -0
package/src/multimodal/index.js +579 -0
package/src/obfuscation-scanner.js +457 -0
package/src/policy-engine.js +402 -0
package/src/scanners/dependency-attacks.js +128 -0
package/src/scanners/prompt-injection.js +18 -0
package/src/scanners/supply-chain.js +14 -0
package/src/templates/default-config.yml +90 -0
package/src/vuln-ops/exploitability.js +46 -0
package/src/watch/live-monitor.js +720 -0

package/docs/compare/llm-guard/index.html ADDED Viewed

@@ -0,0 +1,49 @@
+<!DOCTYPE html><html lang="en"><head>
+<meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>ClawMoat vs LLM Guard — AI Agent Security Comparison</title>
+<meta name="description" content="Compare ClawMoat and LLM Guard (Protect AI) for AI agent security. Node.js vs Python, zero deps vs heavy deps, host protection vs input/output scanning.">
+<style>:root{--bg:#0a0a0f;--fg:#e0e0e8;--accent:#00d4aa;--muted:#888;--card:#14141f;--blue:#3B82F6;--red:#ff4444}*{margin:0;padding:0;box-sizing:border-box}body{background:var(--bg);color:var(--fg);font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif;line-height:1.7}.container{max-width:800px;margin:0 auto;padding:2rem 1.5rem}nav{padding:1rem 0;border-bottom:1px solid #2a2a3a;margin-bottom:2rem;display:flex;justify-content:space-between;align-items:center}nav a{color:var(--fg);text-decoration:none;margin-right:1.5rem}nav a:hover{color:var(--accent)}.logo span{color:var(--accent)}h1{font-size:2.2rem;margin-bottom:1rem}h2{color:var(--accent);margin:2rem 0 .75rem;font-size:1.3rem}p,li{color:var(--muted)}ul{margin:0 0 1rem 1.5rem}.highlight-box{background:var(--card);border:2px solid var(--accent);border-radius:12px;padding:1.5rem;margin:1.5rem 0}table{width:100%;border-collapse:collapse;margin:1rem 0}th,td{padding:.6rem;text-align:left;border-bottom:1px solid #2a2a3a;font-size:.9rem}th{color:var(--accent);font-size:.8rem;text-transform:uppercase}.yes{color:var(--accent)}.no{color:var(--red)}.btn{background:var(--accent);color:#000;padding:.75rem 2rem;border:none;border-radius:8px;font-weight:700;cursor:pointer;display:inline-block;text-decoration:none;margin:.5rem}footer{text-align:center;color:var(--muted);font-size:.8rem;padding:2rem 0;border-top:1px solid #2a2a3a;margin-top:3rem}</style>
+</head><body><div class="container">
+<nav><a href="/" class="logo">🏰 Claw<span>Moat</span></a><div><a href="/compare/">All Comparisons</a><a href="/scan/">Scanner</a><a href="https://github.com/darfaz/clawmoat">GitHub ↗</a></div></nav>
+<h1>ClawMoat vs LLM Guard</h1>
+<p style="font-size:1.1rem;color:var(--fg)">LLM Guard (by Protect AI) is a Python security toolkit with 35 scanners. ClawMoat is a Node.js agent firewall with host protection, supply chain detection, and insider threat analysis.</p>
+<div class="highlight-box">
+<p style="color:var(--fg);margin:0"><strong>TL;DR:</strong> Building in Python? LLM Guard is solid. Building in Node.js/TypeScript, or need host-level protection and supply chain scanning? ClawMoat.</p>
+</div>
+<h2>Ecosystem</h2>
+<p><strong>LLM Guard</strong> is Python-only. 2,500 GitHub stars, 15 input scanners, 20 output scanners. Heavy dependencies (transformers, torch, spacy). Backed by Protect AI ($60M+ raised).</p>
+<p><strong>ClawMoat</strong> is Node.js/TypeScript native. Zero dependencies. Built for the JavaScript agent ecosystem (OpenClaw, Claude Code, MCP SDK). 142 tests, MIT licensed.</p>
+<h2>Scope Difference</h2>
+<p>LLM Guard focuses on <strong>input/output scanning</strong> — it inspects what goes into and comes out of an LLM. That's one layer.</p>
+<p>ClawMoat covers <strong>three layers</strong>: input/output scanning, host-level protection (forbidden zones, command blocking, permission tiers), and supply chain detection (compromised packages, C2 indicators). Plus insider threat detection based on Anthropic's research.</p>
+<table>
+<tr><th>Capability</th><th>ClawMoat</th><th>LLM Guard</th></tr>
+<tr><td>Language</td><td class="yes">Node.js/TypeScript</td><td>Python</td></tr>
+<tr><td>Dependencies</td><td class="yes">Zero</td><td class="no">Heavy (torch, transformers)</td></tr>
+<tr><td>Prompt injection</td><td class="yes">✓</td><td class="yes">✓</td></tr>
+<tr><td>Jailbreak detection</td><td class="yes">✓</td><td class="yes">✓</td></tr>
+<tr><td>Secret scanning</td><td class="yes">✓</td><td class="yes">✓</td></tr>
+<tr><td>PII detection</td><td>Basic patterns</td><td class="yes">✓ NER-based</td></tr>
+<tr><td>Toxicity detection</td><td class="no">✗</td><td class="yes">✓</td></tr>
+<tr><td>Host protection</td><td class="yes">✓ 4 tiers, forbidden zones</td><td class="no">✗</td></tr>
+<tr><td>Supply chain detection</td><td class="yes">✓ 15+ patterns</td><td class="no">✗</td></tr>
+<tr><td>Insider threat detection</td><td class="yes">✓ 6 detectors</td><td class="no">✗</td></tr>
+<tr><td>Network egress logging</td><td class="yes">✓</td><td class="no">✗</td></tr>
+<tr><td>Install size</td><td class="yes">~50KB</td><td class="no">~2GB+ (with models)</td></tr>
+</table>
+<h2>When to Use Each</h2>
+<p><strong>LLM Guard</strong> is the right choice if you're building Python LLM applications and need deep NLP-based detection (toxicity, bias, language models). It's a mature, well-backed project.</p>
+<p><strong>ClawMoat</strong> is the right choice if you're building JS/TS agents, need host-level protection beyond just prompt scanning, want zero dependencies, or need supply chain attack detection.</p>
+<div style="text-align:center;margin:2rem 0">
+<a href="https://github.com/darfaz/clawmoat" class="btn">Try ClawMoat Free →</a>
+<a href="/compare/" class="btn" style="background:transparent;border:2px solid var(--accent);color:var(--accent)">All Comparisons</a>
+</div>
+<footer><p>🏰 ClawMoat — The Open-Source Agent Firewall</p></footer>
+</div></body></html>

package/docs/compare/snyk-agent-scan/index.html ADDED Viewed

@@ -0,0 +1,63 @@
+<!DOCTYPE html><html lang="en"><head>
+<meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>ClawMoat vs Snyk agent-scan — AI Agent Security Comparison</title>
+<meta name="description" content="Compare ClawMoat and Snyk agent-scan for AI agent and MCP security. Zero-auth vs API token, Node.js vs Python, transparent pricing vs enterprise licensing.">
+<style>:root{--bg:#0a0a0f;--fg:#e0e0e8;--accent:#00d4aa;--muted:#888;--card:#14141f;--blue:#3B82F6;--red:#ff4444}*{margin:0;padding:0;box-sizing:border-box}body{background:var(--bg);color:var(--fg);font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif;line-height:1.7}.container{max-width:800px;margin:0 auto;padding:2rem 1.5rem}nav{padding:1rem 0;border-bottom:1px solid #2a2a3a;margin-bottom:2rem;display:flex;justify-content:space-between;align-items:center}nav a{color:var(--fg);text-decoration:none;margin-right:1.5rem}nav a:hover{color:var(--accent)}.logo span{color:var(--accent)}h1{font-size:2.2rem;margin-bottom:1rem}h2{color:var(--accent);margin:2rem 0 .75rem;font-size:1.3rem}p,li{color:var(--muted)}ul{margin:0 0 1rem 1.5rem}.highlight-box{background:var(--card);border:2px solid var(--accent);border-radius:12px;padding:1.5rem;margin:1.5rem 0}table{width:100%;border-collapse:collapse;margin:1rem 0}th,td{padding:.6rem;text-align:left;border-bottom:1px solid #2a2a3a;font-size:.9rem}th{color:var(--accent);font-size:.8rem;text-transform:uppercase}.yes{color:var(--accent)}.no{color:var(--red)}.btn{background:var(--accent);color:#000;padding:.75rem 2rem;border:none;border-radius:8px;font-weight:700;cursor:pointer;display:inline-block;text-decoration:none;margin:.5rem}footer{text-align:center;color:var(--muted);font-size:.8rem;padding:2rem 0;border-top:1px solid #2a2a3a;margin-top:3rem}</style>
+</head><body><div class="container">
+<nav><a href="/" class="logo">🏰 Claw<span>Moat</span></a><div><a href="/compare/">All Comparisons</a><a href="/scan/">Scanner</a><a href="https://github.com/darfaz/clawmoat">GitHub ↗</a></div></nav>
+<h1>ClawMoat vs Snyk agent-scan</h1>
+<p style="font-size:1.1rem;color:var(--fg)">Snyk agent-scan launched at RSAC 2026 with MCP server scanning. ClawMoat has been shipping agent security since February 2026. Different approaches, different trade-offs.</p>
+<div class="highlight-box">
+<p style="color:var(--fg);margin:0"><strong>TL;DR:</strong> Snyk agent-scan is great for MCP server governance in enterprise environments. ClawMoat is better for developers who want zero-friction security with host protection, supply chain detection, and no account required.</p>
+</div>
+<h2>Philosophy</h2>
+<p><strong>Snyk</strong> is an enterprise security platform. agent-scan is one product in their suite. It requires a Snyk account and API token. It feeds into Snyk Evo for centralized management. Enterprise-first, developer-useful.</p>
+<p><strong>ClawMoat</strong> is developer-first. npm install. No account. No API key. No network calls. Start scanning in 30 seconds. Upgrade to paid plans when you need dashboards and alerts.</p>
+<h2>What Snyk Does Better</h2>
+<ul>
+<li><strong>MCP server scanning</strong> — protocol-level inspection of tool definitions, prompts, resources</li>
+<li><strong>Agent discovery</strong> — auto-discovers Claude, Cursor, Windsurf, VS Code, Gemini CLI configs</li>
+<li><strong>Background daemon</strong> — runs continuously, reports to central Snyk Evo dashboard</li>
+<li><strong>Enterprise integration</strong> — MDM deployment, CrowdStrike integration, centralized reporting</li>
+<li><strong>Red teaming</strong> — built-in attack profiles (fast, security, safety)</li>
+<li><strong>Brand trust</strong> — Snyk has 4,800 enterprise customers</li>
+</ul>
+<h2>What ClawMoat Does Better</h2>
+<ul>
+<li><strong>Zero friction</strong> — no account, no API token, no Python/uv dependency chain</li>
+<li><strong>Supply chain detection</strong> — real-time TeamPCP indicators, compromised package versions, C2 domains</li>
+<li><strong>Host protection</strong> — forbidden zones, permission tiers, dangerous command blocking</li>
+<li><strong>Insider threat detection</strong> — 6 behavioral detectors for agentic misalignment</li>
+<li><strong>Network egress logging</strong> — tracks and blocks agent outbound connections</li>
+<li><strong>Node.js native</strong> — Snyk is Python-only; ClawMoat serves the JS agent ecosystem</li>
+<li><strong>Transparent pricing</strong> — $0 / $29 / $149 vs Snyk enterprise licensing</li>
+<li><strong>Privacy</strong> — everything runs locally, nothing phones home (Snyk requires API calls)</li>
+</ul>
+<h2>Can You Use Both?</h2>
+<p style="color:var(--fg)"><strong>Yes.</strong> They're complementary. Snyk agent-scan for MCP governance and enterprise reporting. ClawMoat for runtime protection, supply chain scanning, and host security. Different layers, different strengths.</p>
+<table>
+<tr><th>Dimension</th><th>ClawMoat</th><th>Snyk agent-scan</th></tr>
+<tr><td>Account required</td><td class="yes">No</td><td class="no">Yes (Snyk token)</td></tr>
+<tr><td>Language</td><td>Node.js</td><td>Python</td></tr>
+<tr><td>Install</td><td class="yes">npm i -g clawmoat</td><td>uvx snyk-agent-scan</td></tr>
+<tr><td>MCP scanning</td><td>Coming soon</td><td class="yes">✓</td></tr>
+<tr><td>Supply chain</td><td class="yes">✓ 15+ patterns</td><td class="no">✗</td></tr>
+<tr><td>Host protection</td><td class="yes">✓</td><td class="no">✗</td></tr>
+<tr><td>Runtime scanning</td><td class="yes">✓</td><td>CLI-based</td></tr>
+<tr><td>Pricing</td><td class="yes">Free → $29 → $149</td><td>Via Snyk plans</td></tr>
+<tr><td>Privacy</td><td class="yes">100% local</td><td class="no">Sends to Snyk API</td></tr>
+</table>
+<div style="text-align:center;margin:2rem 0">
+<a href="https://github.com/darfaz/clawmoat" class="btn">Try ClawMoat Free →</a>
+<a href="/compare/" class="btn" style="background:transparent;border:2px solid var(--accent);color:var(--accent)">All Comparisons</a>
+</div>
+<footer><p>🏰 ClawMoat — The Open-Source Agent Firewall</p></footer>
+</div></body></html>

package/docs/compare.html CHANGED Viewed

@@ -110,12 +110,10 @@ footer a{color:var(--gray)}
   <a href="/" class="logo">🏰 Claw<span>Moat</span></a>
   <button class="menu-toggle" onclick="document.querySelector('.nav-links').classList.toggle('open')" aria-label="Menu">☰</button>
   <div class="nav-links">
-    <a href="/#features">Features</a>
-    <a href="/compare.html" class="active">Compare</a>
-    <a href="/#pricing">Pricing</a>
+    <a href="/">Security</a>
+    <a href="/services/">AI Agents</a>
     <a href="/blog/">Blog</a>
-    <a href="https://github.com/darfaz/clawmoat">GitHub</a>
-    <a href="/#waitlist" class="btn-sm">Get Early Access</a>
+    <a href="https://github.com/darfaz/clawmoat">GitHub ↗</a>
   </div>
 </div>
 </nav>
@@ -306,7 +304,13 @@ footer a{color:var(--gray)}
 <!-- Footer -->
 <footer>
 <div class="container">
-  <p>🏰 ClawMoat — Security moat for AI agents · <a href="https://github.com/darfaz/clawmoat">GitHub</a> · <a href="/">Home</a></p>
+  <div style="display:flex;gap:24px;justify-content:center;flex-wrap:wrap;margin-bottom:16px">
+    <a href="https://github.com/darfaz/clawmoat" style="color:var(--gray)">GitHub</a>
+    <a href="https://www.npmjs.com/package/clawmoat" style="color:var(--gray)">npm</a>
+    <a href="/blog/" style="color:var(--gray)">Blog</a>
+    <a href="mailto:hello@clawmoat.com" style="color:var(--gray)">hello@clawmoat.com</a>
+  </div>
+  <p style="text-align:center;color:var(--gray);font-size:.85rem">© 2026 ClawMoat</p>
 </div>
 </footer>