Deno is open-sourcing Claw Patrol, a security firewall gateway for AI agents that goes beyond HTTP. The tool routes agent traffic through WireGuard or Tailscale tunnels to a gateway that terminates TLS, parses inner protocols (HTTP, SQL, Kubernetes API), holds and injects real credentials, and evaluates requests against HCL rules. Unlike LLM gateways, HTTP proxies, or process sandboxes, Claw Patrol can gate non-HTTP protocols like Postgres and Kubernetes, block specific SQL verbs (e.g., DROP TABLE), and tunnel into networks the agent host can't reach. Credentials never live on the agent — it sends placeholders that the gateway swaps for real tokens. Verdicts can be allow, deny, or a chain involving LLM judges and human approvers via Slack. Released under MIT license as alpha software.
Sort: