Introduction
ClawNex is an AI Agent Fleet Security Operations Center (SOC) — a real-time dashboard that monitors, scans, and secures AI agent fleets. It sits between AI agents and their LLM providers, scanning every prompt and response through a 155-rule shield engine and surfacing fleet-wide visibility in a single pane of glass.
Version: v0.6.1-alpha | License: Apache 2.0 | Domain: clawnexai.com
Key Capabilities
- 155-rule Prompt Shield — 10 categories covering secrets, commands, jailbreaks, C2, steganography, encoding attacks, cognitive tampering, trust exploitation, sensitive paths, and financial data
- 22-panel Dashboard — organized into Command, Security, Defense, Activity, Governance, Performance, Operations, Compliance, and System groups
- 5 Operator Roles — Admin, Security Manager, Operator, Viewer, Auditor with 28 granular permissions
- Three-layer Detection — pre-call scan (blocks), post-call scan (detects), retroactive session analysis (catches gaps)
- MCP Server — Model Context Protocol integration for AI assistants like Claude Code
- Public REST API — API key-authenticated endpoints for automations, CI/CD, and SIEM integrations
- OpenAI-compatible Endpoint — drop-in replacement with automatic shield scanning
Architecture
ClawNex runs two services on a single host:
| Service | Technology | Port | Role |
|---|---|---|---|
| ClawNex Dashboard | Next.js 14 / Node.js | 5001 | Web UI, API backend, shield engine, session watcher |
| LiteLLM Proxy | Python 3.12 / LiteLLM 1.83.0 | 4001 | LLM traffic proxy with pre-call blocking |
Both services share a single SQLite database and communicate via HTTP on localhost.