Enterprise Integration
CI/CD, SDK & Agent Telemetry
One API call to test any agent. Stream agent behaviors via SDK for continuous behavioral analysis. HMAC-signed webhooks and CI/CD gates enforce security at every release.
Partner API
REST APIbash
# 1. Authenticate
TOKEN=$(curl -s -X POST /api/v1/partner/auth \
-d '{"apiKey":"csk_live_your_key_here"}' | jq -r '.data.token')
# 2. Register agent (get agentId)
curl -X POST /api/v1/partner/agents/register \
-H "Authorization: Bearer $TOKEN" \
-d '{"name":"PaymentProcessor","endpoint":"https://..."}'
# → agentId: "ag_7f3a..."
# 3. Scan using agentId
curl -X POST /api/v1/partner/scan \
-H "Authorization: Bearer $TOKEN" \
-d '{"agentId":"ag_7f3a...","agentEndpoint":"https://..."}'
# 4. Query agent by ID
curl -H "Authorization: Bearer $TOKEN" \
/api/v1/partner/agents/by-id/agentId
# 5. Get scan report
curl -H "Authorization: Bearer $TOKEN" \
/api/v1/partner/scan/{scanId}/report
TypeScript SDKtypescript
import { ClawShield } from '@clawshield/sdk';
const cs = new ClawShield({
apiKey: process.env.CLAWSHIELD_KEY!
});
// Register agent → get agentId
const agent = await cs.registerAgent({
name: 'PaymentProcessor',
agentEndpoint: 'https://your-agent.com/invoke',
packageId: 'PS86efeLiItek9dSPPo1',
});
console.log(result.overallScore); // 82
console.log(result.grade); // 'B'
console.log(result.dimensionScores);
// CI/CD gate
const gate = await cs.gate({
agentEndpoint: process.env.AGENT_URL,
packageId: 'PS86efeLiItek9dSPPo1',
minGrade: 'B',
});
CI/CD Integration
GitHub Actions — PR Guard
name: Agent Security Gate
on: [push, pull_request]
jobs:
security-scan:
runs-on: ubuntu-latest
steps:
- uses: clawshield/scan-action@v1
with:
api-key: ${{ secrets.CLAWSHIELD_KEY }}
agent-url: ${{ env.AGENT_URL }}
package-id: PS86efeLiItek9dSPPo1
min-grade: B # Block PR if grade < B
HMAC-Signed Webhooks
Scan results are delivered via HMAC-SHA256 signed webhooks. Verify the signature to ensure authenticity.
Header: X-ClawShield-Signature
Payload: scan.completed, scan.failed
Retry: 6 attempts with exponential backoff
Agent Behavioral Telemetry
Go beyond point-in-time scanning. Integrate the ClawShield SDK into your agent runtime to stream behavioral data continuously. Every tool call, every user interaction, every decision path is captured and analyzed for security anomalies.
Stream agent tool calls, responses, and decision paths to ClawShield
Continuous behavioral analysis — detect drift, anomalies, and emerging risks
Agent inventory with ownership, risk tier, and environment classification
Alert policies trigger when behavior deviates from established baselines
Cross-reference behavioral data with adversarial test results
SDK Telemetrytypescript
import { ClawShield } from '@clawshield/sdk';
const monitor = new ClawShield.Monitor({
apiKey: process.env.CLAWSHIELD_KEY,
agentName: 'PaymentProcessor',
});
// Wrap your agent's tool calls
const result = await monitor.track({
action: 'tool_call',
tool: 'database_query',
input: userQuery,
output: agentResponse,
});
// ClawShield analyzes behavior
// Dashboard shows real-time metrics
// Alerts fire on anomalies
Supported Agent Frameworks
LangGraph
Auto-detected
OpenAI Assistants
Auto-detected
Google Gemini
Auto-detected
Custom HTTP
Any endpoint
CrewAI
Via generic adapter
AutoGen
Via generic adapter
Amazon Bedrock
Via generic adapter
Anthropic Claude
Via generic adapter