Open Source Developer

Building Secure Foundations for Autonomous AI

Open source infrastructure for deterministic access control, MCP security, and enterprise authorization — built to make AI agents safe for production.

OpenClaw FGAC Visualization
Security Infrastructure

OpenClaw FGAC

A deterministic access control plugin for OpenClaw. Unlike prompt-based security which is non-deterministic and often unreliable, this plugin provides deterministic protection by validating tool calls in real-time against pre-defined policies.

By enforcing granular control over authorized tools and inspecting arguments—ensuring an agent can't perform destructive actions like formatting a disk or wiping out emails—it enables full autonomy without a constant human-in-the-loop.

It features a visual Policy Editor and log-based rule generation, providing a secure-by-default foundation for truly safe and independent AI agents.

OpenClaw Fine-Grained Auth Agent Security
View Project
MCP Security Infrastructure
MCP Security Suite
Security & Authorization

MCP Gateway

A centralized security and authorization hub for the Model Context Protocol. It handles OAuth2 token validation and fine-grained access control defined by your security configuration.

Leveraging obligations from the access control response, it dynamically transforms requests and responses—applying security filters, masking sensitive data, and injecting obligations.

MCP Gateway Authorization OAuth
View Project
Client-Side Authentication

MCP OAuth Proxy

A high-performance client-side proxy co-located with your AI agent that streamlines MCP OAuth2 authentication and enables robust Human-in-the-Loop (HITL) approval workflows for sensitive agent actions.

Built for enterprise security, it features native keychain integration and browser-based OAuth2 + PKCE. It coordinates with the MCP Gateway to enforce policy-driven manual confirmations, ensuring users maintain control over critical tool calls.

MCP Proxy Authentication Enterprise
View Project
Entitlement Services Visualization
Enterprise Authorization

Entitlement Services

An enterprise-grade authorization platform designed for high-scale environments. It provides unified APIs for functional/UI and data entitlement, allowing for consistent security enforcement across all layers of your application.

The system features native support for obligations, enabling automated data redaction and masking to protect sensitive information during real-time access requests.

By leveraging an intuitive rule grammar and a fully extensible architecture, teams can rapidly master complex policy definitions and integrate custom data retrievers for dynamic evaluation.

XACML FGAC Entitlements
View Project