ShieldCortex for OpenClaw
Persistent memory + security for every OpenClaw session. Three commands to install. Works on macOS, Linux (including headless servers), and Windows.
Setup in Three Commands
Local memory and security need no account. Team Cloud adds one more step.
Install the package globally
Install the OpenClaw hook into your agent
Connect to your team's Cloud sync after activating a Team licence key.
Requires Node.js 18+ — works with OpenClaw, Moltbot, and Clawdbot.
Re-installing (npm install -g shieldcortex) auto-refreshes your OpenClaw hook and plugin files. Opt out with SHIELDCORTEX_SKIP_AUTO_OPENCLAW=1.
Onboard Your Team
Adding a developer or server? Give them a Team licence key, a Cloud API key, and the exact commands below.
What you give them
- 1. A Team licence key plus an API key from your Cloud dashboard
- 2. The install, config, and worker commands below
What happens automatically
- Their device appears in your Cloud dashboard
- Every scan syncs audit metadata to the team
- Threats are visible to the whole team in real time
Headless servers need the persistent worker.
Install ShieldCortex, activate the Team licence, set the Cloud API key, enable cloud sync, then run shieldcortex service install --headless. In Cloud, online means a recent ShieldCortex heartbeat, not just that the machine is powered on.
Server / Team Cloud Onboarding
shieldcortex license statusshieldcortex config --cloud-statusshieldcortex service statusWhat the OpenClaw Hook Does
Session Start During Session Session End (/new)
β β β
βΌ βΌ βΌ
βββββββββββββββ βββββββββββββββ βββββββββββββββ
β Inject past β β "remember β β Auto-extractβ
β context β β this: ..." β β (opt-in) β
β into agent β β β save β β with dedupe β
βββββββββββββββ βββββββββββββββ βββββββββββββββ | Hook | When | What it does |
|---|---|---|
| SessionStart | Session begins | Auto-retrieves relevant memories from past sessions and injects them into your agent's bootstrap context. No blank slate. |
| /new | Session reset | Scans last 30 messages and extracts up to 5 high-value memories (architecture decisions, learnings, bug fixes). Off by default β enable with openclawAutoMemory: true in config. When enabled, memories are deduplicated before write. |
| Keyword Trigger | During session | Say "remember this:" or "don't forget:" followed by content to save it immediately with critical importance. |
6-Layer Defence Pipeline
Every memory write passes through input sanitisation, pattern detection, semantic analysis, structural validation, behavioural scoring, and credential leak detection before storage.
Cross-Tool Sync
Memories stored in ~/.shieldcortex/memories.db are immediately available in Claude Code sessions too. Same brain, multiple tools.
Auto-Memory Configuration
Auto-memory extraction at session end is off by default. Keyword triggers (remember this:) always work regardless.
| Config Key | Default | Description |
|---|---|---|
| openclawAutoMemory | false | Enable automatic memory extraction on session end |
| openclawAutoMemoryDedupe | true | Deduplicate against existing memories before writing |
| openclawAutoMemoryNoveltyThreshold | 0.88 | Minimum novelty score (0.6–0.99) to save a memory. Higher = stricter |
| openclawAutoMemoryMaxRecent | 300 | Number of recent memories to check for duplicates (50–1000) |
Enable via CLI:
Or edit ~/.shieldcortex/config.json:
{
"openclawAutoMemory": true,
"openclawAutoMemoryDedupe": true,
"openclawAutoMemoryNoveltyThreshold": 0.88
} These settings can also be adjusted from the OpenClaw Memory Panel in the local dashboard.
Use With Any Memory Backend
ShieldCortex doesn't have to be your memory system — it can guard someone else's.
The ShieldCortexGuardedMemoryBridge wraps any external memory backend with the full 6-layer defence pipeline. Every write is scanned before it reaches your storage.
import {
ShieldCortexGuardedMemoryBridge,
MarkdownMemoryBackend
} from 'shieldcortex';
const bridge = new ShieldCortexGuardedMemoryBridge(
new MarkdownMemoryBackend('/path/to/MEMORY.md')
);
// Every write is scanned before it reaches your backend
const result = await bridge.save({
title: 'Database config',
content: 'Using PostgreSQL with connection pooling'
});
if (!result.allowed) {
console.log('Blocked:', result.defence.firewall.reason);
} MarkdownMemoryBackend
Any Markdown file
OpenClawMarkdownBackend
OpenClaw MEMORY.md format
ExternalMemoryBackend
Implement for custom backends
See Everything in One Dashboard
Every scan from every team member, across every device.
Audit Logs
Full forensic trail of every scan, with trust scores and threat classifications.
Threat Timeline
Visualise attacks as they happen across your entire team.
Device Tracking
See which machines are connected, their scan activity, and last seen times.
CLI Reference
Free to Start
Local (always free)
- ✓ Unlimited local scans
- ✓ Full 6-layer defence pipeline
- ✓ Persistent memory + semantic search
- ✓ Local dashboard + API
Cloud (free tier included)
- ✓ 500 scans/month
- ✓ 7-day audit retention
- ✓ 1 team member
- See Pro & Team plans →
Ready to Protect Your OpenClaw Agent?
Three commands. Under a minute. Free.