Approval boundary
ClawLock puts a hard approval boundary between research and high-risk action. The agent can browse and recommend, but checkout and sensitive actions can be blocked until a human approves.
Secret handling
Cards and credentials are kept out of model context where possible. Sensitive values are injected into the browser or used in controlled flows instead of being handed to the LLM in plaintext.
Policy layer
ClawLock applies explicit allow / ask / deny policy checks before consequential actions proceed. This is the core of the control plane model.
Receipts and audit trail
Approvals and actions are logged so you can inspect what happened, what rule matched, and what was allowed to proceed.
Process isolation
ClawLock can run with full process isolation so OpenClaw cannot kill or obstruct what ClawLock does. This is currently tested on Linux only and may not work on other operating systems.