Summary

Adds the OpenClaw Security Suite to the Security, Compliance, & Legal section.

openclaw-security is an 11-tool security suite purpose-built for AI agent workspaces. It covers:

• Workspace integrity (warden) -- injection detection, file-hash verification
• Secret scanning (sentry) -- credential and API key detection
• Permission auditing (arbiter) -- file/directory permission analysis
• Network DLP (egress) -- outbound data exfiltration detection
• Supply-chain security (sentinel) -- pre-install package scanning
• Injection defense (bastion) -- prompt injection detection, command allowlisting
• Credential lifecycle (vault) -- credential exposure auditing
• Compliance enforcement (marshal) -- policy rule enforcement
• Audit trails (ledger) -- hash-chained, tamper-evident logging
• Cryptographic signing (signet) -- skill/artifact signing and verification
• Incident response (triage) -- forensic analysis and response automation

Why Security, Compliance, & Legal?

Every tool in the suite directly addresses security, compliance, or governance concerns in agent-assisted development environments. The suite is designed for the Claude Code / OpenClaw ecosystem and aligns with the category's focus on keeping workspaces safe and auditable.

Note on link format

This entry links to an external GitHub repository rather than an internal ./plugins/ directory, since the suite is distributed as an OpenClaw skill package. Happy to adapt the format if maintainers prefer a different structure.