Skip to main content

Security Modes

Set the security mode to control how profClaw handles potentially dangerous operations: 
export SECURITY_MODE=standard
FeaturePermissiveStandardStrict
File readAuto-allowAuto-allowPrompt
File writeAuto-allowPromptPrompt
File deleteAuto-allowPromptDeny
Shell commandsAuto-allowPromptDeny
Network requestsAuto-allowAuto-allowPrompt
Git operationsAuto-allowAuto-allowPrompt
Package installAuto-allowPromptDeny
Permissive mode is for development only. Never use it in production or with untrusted inputs.

Command Guards

Guards are rules that restrict specific commands or patterns: 
# .profclaw/settings.yml
security:
  guards:
    - pattern: "rm -rf /"
      action: deny
      reason: "Dangerous recursive delete"
    - pattern: "DROP TABLE"
      action: deny
      reason: "SQL table drop blocked"
    - pattern: "curl.*|.*sh"
      action: prompt
      reason: "Pipe to shell detected"
    - path: "/etc/*"
      action: deny
      reason: "System file access blocked"
    - path: "~/.ssh/*"
      action: deny
      reason: "SSH key access blocked"

Path Restrictions

Limit which directories profClaw can access: 
security:
  allowedPaths:
    - "./src"
    - "./tests"
    - "./docs"
  deniedPaths:
    - "./.env"
    - "./.env.local"
    - "./secrets"
    - "~/.ssh"

Audit Logging

Every tool execution and security decision is logged: 
security:
  auditLog:
    enabled: true
    retentionDays: 90
    includeToolResults: false  # Set true for full audit trail
    exportFormat: json         # json | csv
View audit logs: 
profclaw audit list
profclaw audit list --since 24h
profclaw audit export --format json --output audit.json

Device Pairing

Control how devices authenticate with your profClaw instance: 
security:
  devicePairing:
    enabled: true
    maxDevices: 10
    expirySeconds: 300
    requireApproval: true  # Manual approval for new devices
Generate a pairing code: 
profclaw device pair

Network Policies

Control outbound network access: 
security:
  network:
    allowedDomains:
      - "api.anthropic.com"
      - "api.openai.com"
      - "github.com"
      - "*.githubusercontent.com"
    blockedDomains:
      - "*.malware.com"
    maxRequestsPerMinute: 60

Plugin Security

Plugins run in a sandboxed environment by default: 
security:
  plugins:
    sandbox: true
    allowedPermissions:
      - "read_file"
      - "write_file"
    deniedPermissions:
      - "shell_exec"
      - "network_unrestricted"
    reviewRequired: true  # Require manual review before enabling
See Plugin Security for details.