ShieldCortex for OpenClaw
Persistent memory + security for every OpenClaw session. Native hook and plugin install in three commands. Optional Cloud sync adds one more.
Native Setup in Three Commands
Local memory and security need no account. Team Cloud sync is optional and adds one more command.
Install the session hook from the main ShieldCortex package
Install the standalone real-time OpenClaw plugin package
Reload OpenClaw so the hook and plugin are active
Requires Node.js 18+ — works with OpenClaw, Moltbot, and Clawdbot.
Existing installs can keep using npm install -g shieldcortex and shieldcortex openclaw install. Use the wrapper once if you need legacy hook migration or duplicate cleanup.
Optional Cloud sync after you activate a Team licence key on that machine:
Onboard Your Team
Adding a developer or server to a paid Team rollout? Give them a Team licence key for that machine, a Cloud API key from your dashboard, and the exact commands below.
What you give them
- 1. A Team licence key for that machine plus a Cloud API key from your dashboard
- 2. The install, config, and worker commands below
What happens automatically
- Their device appears in your Cloud dashboard
- Every scan syncs audit metadata to the team
- Threats are visible to the whole team in real time
Headless servers need the persistent worker.
Install ShieldCortex, activate the Team licence on that machine, set the Cloud API key, enable cloud sync, then run shieldcortex service install --headless. In Cloud, online means a recent ShieldCortex heartbeat, not just that the machine is powered on.
Server / Team Cloud Onboarding
shieldcortex license statusshieldcortex config --cloud-statusshieldcortex service statusWhat the OpenClaw Hook and Plugin Do
Session Start During Session Session End (/new)
β β β
βΌ βΌ βΌ
βββββββββββββββ βββββββββββββββ βββββββββββββββ
β Inject past β β "remember β β Auto-extractβ
β context β β this: ..." β β (opt-in) β
β into agent β β β save β β with dedupe β
βββββββββββββββ βββββββββββββββ βββββββββββββββ | Hook | When | What it does |
|---|---|---|
| SessionStart | Session begins | Auto-retrieves relevant memories from past sessions and injects them into your agent's bootstrap context. No blank slate. |
| /new | Session reset | Scans last 30 messages and extracts up to 5 high-value memories (architecture decisions, learnings, bug fixes). Off by default β enable with openclawAutoMemory: true in config. When enabled, memories are deduplicated before write. |
| Keyword Trigger | During session | Say "remember this:" or "don't forget:" followed by content to save it immediately with critical importance. |
6-Layer Defence Pipeline
Every memory write passes through input sanitisation, pattern detection, semantic analysis, structural validation, behavioural scoring, and credential leak detection before storage.
Cross-Tool Sync
Memories stored in ~/.shieldcortex/memories.db are immediately available in Claude Code sessions too. Same brain, multiple tools.
Auto-Memory Configuration
Auto-memory extraction at session end is off by default. Keyword triggers (remember this:) always work regardless.
| Config Key | Default | Description |
|---|---|---|
| openclawAutoMemory | false | Enable automatic memory extraction on session end |
| openclawAutoMemoryDedupe | true | Deduplicate against existing memories before writing |
| openclawAutoMemoryNoveltyThreshold | 0.88 | Minimum novelty score (0.6–0.99) to save a memory. Higher = stricter |
| openclawAutoMemoryMaxRecent | 300 | Number of recent memories to check for duplicates (50–1000) |
Enable via CLI:
Or edit ~/.shieldcortex/config.json:
{
"openclawAutoMemory": true,
"openclawAutoMemoryDedupe": true,
"openclawAutoMemoryNoveltyThreshold": 0.88
} These settings can also be adjusted from the OpenClaw Memory Panel in the local dashboard.
Use With Any Memory Backend
ShieldCortex doesn't have to be your memory system — it can guard someone else's.
The ShieldCortexGuardedMemoryBridge wraps any external memory backend with the full 6-layer defence pipeline. Every write is scanned before it reaches your storage.
import {
ShieldCortexGuardedMemoryBridge,
MarkdownMemoryBackend
} from 'shieldcortex';
const bridge = new ShieldCortexGuardedMemoryBridge(
new MarkdownMemoryBackend('/path/to/MEMORY.md')
);
// Every write is scanned before it reaches your backend
const result = await bridge.save({
title: 'Database config',
content: 'Using PostgreSQL with connection pooling'
});
if (!result.allowed) {
console.log('Blocked:', result.defence.firewall.reason);
} MarkdownMemoryBackend
Any Markdown file
OpenClawMarkdownBackend
OpenClaw MEMORY.md format
ExternalMemoryBackend
Implement for custom backends
See Everything in One Dashboard
Every scan from every team member, across every device.
Audit Logs
Full forensic trail of every scan, with trust scores and threat classifications.
Threat Timeline
Visualise attacks as they happen across your entire team.
Device Tracking
See which machines are connected, their scan activity, and last seen times.
CLI Reference
Free to Start
Local (always free)
- ✓ Unlimited local scans
- ✓ Full 6-layer defence pipeline
- ✓ Persistent memory + semantic search
- ✓ Local dashboard + API
Cloud (free tier included)
- ✓ 500 scans/month
- ✓ 7-day audit retention
- ✓ 1 team member
- See Pro & Team plans →
Ready to Protect Your OpenClaw Agent?
Native hook and plugin install. Under a minute. Free.