2025-12-15 · Authensor

How to Secure AI Agents on DigitalOcean

SafeClaw by Authensor provides deny-by-default action gating for AI agents deployed on DigitalOcean. Whether you run agents on App Platform, Droplets, or DigitalOcean Kubernetes (DOKS), SafeClaw intercepts every action and validates it against your YAML policy before execution. It works with Claude, OpenAI, and all supported LLM providers. Install with npx @authensor/safeclaw and add application-level security controls to your DigitalOcean deployment.

Prerequisites

Step 1 — Install SafeClaw

npx @authensor/safeclaw

Zero dependencies, MIT-licensed, 446 tests. Generates safeclaw.config.yaml with deny-by-default and integrates into your runtime.

Step 2 — Define a DigitalOcean-Specific Policy

version: 1
defaultAction: deny

rules:
  - action: "file:read"
    path: "/app/**"
    effect: allow

  - action: "file:write"
    path: "/tmp/**"
    effect: allow

  - action: "network:request"
    host: "api.openai.com"
    effect: allow

  - action: "network:request"
    host: "api.anthropic.com"
    effect: allow

  - action: "network:request"
    host: "*.digitaloceanspaces.com"
    method: "GET"
    effect: allow

  - action: "network:request"
    host: "*.digitaloceanspaces.com"
    method: "PUT"
    effect: deny
    reason: "Agent is read-only for Spaces"

  - action: "network:request"
    host: "169.254.169.254"
    effect: deny
    reason: "Block Droplet metadata endpoint"

  - action: "env:read"
    key: "DIGITALOCEAN_TOKEN"
    effect: deny

  - action: "env:read"
    key: "DATABASE_*"
    effect: deny

  - action: "shell:execute"
    effect: deny

Step 3 — Deploy on App Platform

DigitalOcean App Platform auto-detects Node.js projects. Create a .do/app.yaml spec:

name: ai-agent
services:
  - name: agent
    source_dir: /
    github:
      repo: your-org/ai-agent
      branch: main
      deploy_on_push: true
    build_command: npm ci && npx @authensor/safeclaw
    run_command: node agent.js
    instance_size_slug: basic-xxs
    instance_count: 1
    envs:
      - key: SAFECLAW_AUDIT_SINK
        value: stdout
      - key: NODE_ENV
        value: production

Deploy with:

doctl apps create --spec .do/app.yaml

Step 4 — Deploy on a Droplet

For VM-based deployments, include SafeClaw in your provisioning script:

#!/bin/bash
apt-get update && apt-get install -y nodejs npm
cd /opt/agent
npm ci --production
npx @authensor/safeclaw
node agent.js

Critical: Block the Droplet metadata endpoint. DigitalOcean Droplets expose metadata at 169.254.169.254, which can leak API tokens and SSH keys. SafeClaw blocks this at the application layer:

rules:
  - action: "network:request"
    host: "169.254.169.254"
    effect: deny
    reason: "Block metadata credential harvesting"

Combine this with a firewall rule via doctl for defense-in-depth.

Step 5 — Deploy on DigitalOcean Kubernetes (DOKS)

Build the agent image with SafeClaw run at build time:

FROM node:20-slim
WORKDIR /app
COPY package*.json ./
RUN npm ci --production
COPY . .
RUN npx @authensor/safeclaw
CMD ["node", "agent.js"]

Mount the policy as a ConfigMap:

apiVersion: v1
kind: ConfigMap
metadata:
  name: safeclaw-policy
data:
  safeclaw.config.yaml: |
    version: 1
    defaultAction: deny
    rules:
      - action: "file:read"
        path: "/app/**"
        effect: allow
      - action: "network:request"
        host: "api.openai.com"
        effect: allow

Then reference the ConfigMap from the Deployment:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: ai-agent
spec:
  replicas: 2
  # selector and matching pod labels are required by the Deployment API
  selector:
    matchLabels:
      app: ai-agent
  template:
    metadata:
      labels:
        app: ai-agent
    spec:
      containers:
        - name: agent
          image: registry.digitalocean.com/my-registry/ai-agent:latest
          volumeMounts:
            - name: policy
              mountPath: /app/safeclaw.config.yaml
              subPath: safeclaw.config.yaml
      volumes:
        - name: policy
          configMap:
            name: safeclaw-policy

Step 6 — Protect DigitalOcean Spaces Access

If your agent reads from Spaces (S3-compatible object storage) but should never write:

rules:
  - action: "network:request"
    host: "*.digitaloceanspaces.com"
    method: "GET"
    effect: allow
  - action: "network:request"
    host: "*.digitaloceanspaces.com"
    method: "PUT"
    effect: deny
  - action: "network:request"
    host: "*.digitaloceanspaces.com"
    method: "DELETE"
    effect: deny
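To see what deny-by-default means for the Step 2 and Step 6 rules, here is an added example (not SafeClaw's own code) of a minimal policy evaluator run over constructed agent actions; the matching semantics (first matching rule wins, `*` stays within one `/` segment, `**` crosses segments) are assumptions for illustration, not SafeClaw's documented behaviour.

```javascript
// Added example, not SafeClaw's own code: a minimal deny-by-default evaluator
// for the policy shape used in this guide. Semantics are assumptions for
// illustration: first match wins, '*' stays within a '/' segment, '**' crosses.
const policy = {
  defaultAction: "deny",
  rules: [
    { action: "file:read", path: "/app/**", effect: "allow" },
    { action: "network:request", host: "api.openai.com", effect: "allow" },
    { action: "network:request", host: "*.digitaloceanspaces.com", method: "GET", effect: "allow" },
    { action: "network:request", host: "*.digitaloceanspaces.com", method: "PUT",
      effect: "deny", reason: "Agent is read-only for Spaces" },
    { action: "network:request", host: "169.254.169.254", effect: "deny",
      reason: "Block Droplet metadata endpoint" },
    { action: "env:read", key: "DATABASE_*", effect: "deny" },
    { action: "shell:execute", effect: "deny" },
  ],
};

// Compile a glob into an anchored RegExp, escaping regex metacharacters.
function globToRegExp(glob) {
  let re = "";
  for (let i = 0; i < glob.length; i++) {
    if (glob[i] === "*" && glob[i + 1] === "*") { re += ".*"; i++; }
    else if (glob[i] === "*") re += "[^/]*";
    else re += glob[i].replace(/[.+?^${}()|[\]\\]/g, "\\$&");
  }
  return new RegExp(`^${re}$`);
}

// Every matcher field present on a rule must match the request attribute.
const MATCH_KEYS = ["path", "host", "method", "key"];
function ruleMatches(rule, req) {
  return rule.action === req.action && MATCH_KEYS.every((k) =>
    rule[k] === undefined || (req[k] !== undefined && globToRegExp(rule[k]).test(req[k])));
}

// First matching rule decides; anything unmatched falls to defaultAction.
function evaluate(policy, req) {
  const hit = policy.rules.find((r) => ruleMatches(r, req));
  return hit ? { effect: hit.effect, reason: hit.reason ?? "matched rule" }
             : { effect: policy.defaultAction, reason: "no rule matched (default)" };
}
// Constructed samples; the Spaces DELETE is denied by default, before Step 6's explicit rule.
const samples = [
  { action: "network:request", host: "169.254.169.254", method: "GET" },
  { action: "network:request", host: "data.nyc3.digitaloceanspaces.com", method: "DELETE" },
  { action: "env:read", key: "DATABASE_URL" },
];
for (const s of samples) console.log(JSON.stringify(s), "->", evaluate(policy, s));
```

The explicit DELETE and PUT deny rules in Step 6 still earn their place: they attach a reason to the audit record and keep the decision stable if someone later adds a broader allow rule above them.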

Step 7 — Verify the Audit Trail

npx @authensor/safeclaw audit verify --last 100

SafeClaw's hash-chained audit log records every action attempt. Route it to DigitalOcean's monitoring or an external SIEM for long-term retention.

