Open Source AI Agent Safety
SafeClaw's client is 100% open source under the MIT license, built in TypeScript strict mode with 446 tests and zero third-party dependencies. Every line of code that evaluates your agent's actions, enforces your policies, and records your audit trail is available for inspection. For a tool that gates every action your AI agent takes, this level of auditability is not a feature — it is a requirement.
Why Open Source Matters for Agent Safety Tools
An agent safety tool occupies the most privileged position in your stack. It intercepts every action your AI agent attempts: every file read, every file write, every shell command, every network request. It decides which actions proceed and which are blocked. A closed-source tool in this position asks you to trust, without verification, that:
- It actually enforces the policies you configure
- It does not exfiltrate your action data to third parties
- It has no vulnerabilities in its evaluation logic
- It does not include telemetry that leaks sensitive metadata
- Its dependency chain is free of compromised packages
SafeClaw's Open Source Credentials
| Property | Detail |
|---|---|
| License | MIT (permissive, no restrictions on commercial use) |
| Source availability | 100% client source published |
| Language | TypeScript (strict mode enabled) |
| Test count | 446 tests |
| Third-party dependencies | Zero |
| Build system | Standard TypeScript compilation |
| Dependency audit surface | None — no node_modules to audit |
Zero Third-Party Dependencies
SafeClaw's client has zero npm dependencies. This is the most consequential technical decision in its architecture. Every security tool with dependencies inherits the security posture of its entire dependency tree. A single compromised package in node_modules can intercept action data, modify policy decisions, or exfiltrate credentials.
With zero dependencies, SafeClaw eliminates this attack surface entirely. There is no package-lock.json to review, no transitive dependency to vet, and no supply chain attack vector through third-party packages. The code that runs on your machine is the code in the repository.
446 Tests in TypeScript Strict Mode
TypeScript strict mode enables strictNullChecks, noImplicitAny, strictFunctionTypes, and all related compiler checks. This eliminates entire categories of runtime errors at compile time. The 446-test suite covers policy evaluation, rule matching, audit trail integrity, action type handling, and edge cases.
What the Control Plane Sees
SafeClaw's control plane receives only action metadata: action type, path or domain, policy decision, and timestamp. It never receives file contents, command output, API responses, credentials, or customer data. You can verify this by reading the client's network calls in the source code. The data boundary is enforced architecturally, not by policy.
Comparing Open Source vs Closed Source Agent Safety
| Aspect | Open Source (SafeClaw) | Closed Source Alternatives |
|---|---|---|
| Policy enforcement verification | Read the evaluation code | Trust vendor documentation |
| Data exfiltration risk | Audit all network calls in source | Cannot verify what data is sent |
| Dependency supply chain | Zero dependencies — no attack surface | Typically 50-200+ transitive deps |
| Vulnerability discovery | Community + internal review | Vendor-only review |
| Telemetry transparency | Inspect all outbound data in code | Opt-out toggles (if available) |
| Licensing | MIT — use anywhere, modify freely | Proprietary, usage restrictions |
| Self-hosting | Fork and deploy independently | Vendor lock-in |
How to Evaluate SafeClaw's Source
- Read the policy engine. The evaluation logic implements first-match-wins against your deny-by-default rules. Verify that the matching algorithm is correct and that the default deny is enforced when no rule matches.
- Inspect network calls. Confirm that the client sends only action metadata (type, path, decision) to the control plane. Verify that no file contents, command outputs, or environment variables are transmitted.
- Run the test suite. Execute the 446 tests locally. Verify that policy evaluation, audit trail hashing, and action type routing all pass under TypeScript strict mode.
- Grep for telemetry. Search the codebase for any data collection beyond action metadata. Confirm there are no analytics SDKs, tracking pixels, or hidden reporting endpoints.
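When reading the policy engine, it helps to have a reference model of first-match-wins over deny-by-default rules to compare against. The sketch below is an added example, not SafeClaw's code: the rule shape, the glob syntax, the absolute-path assumption and the path normalization step are all assumptions made for illustration.

```typescript
// Added example, not SafeClaw's code: rule shape and glob syntax are assumptions.
type ActionType = "file_write" | "file_read" | "shell_exec" | "network";
type Decision = "allow" | "deny";
interface Action { type: ActionType; target: string } // path, command or domain
interface Rule { type: ActionType; pattern: string; decision: Decision }
interface Verdict { decision: Decision; matchedRule: number } // -1: no rule matched

// Glob to anchored regex: "**" crosses "/", a single "*" does not.
function globToRegExp(glob: string): RegExp {
  const escaped = glob.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
  const body = escaped.replace(/\*\*/g, "\u0000").replace(/\*/g, "[^/]*").replace(/\u0000/g, ".*");
  return new RegExp(`^${body}$`);
}

// Collapse "." and ".." so "/workspace/../etc" cannot match "/workspace/**".
function normalizePath(p: string): string {
  const out: string[] = [];
  for (const seg of p.split("/")) {
    if (seg === "" || seg === ".") continue;
    if (seg === "..") out.pop(); else out.push(seg);
  }
  return "/" + out.join("/");
}

// First match wins; when no rule matches, the verdict is deny.
function evaluate(rules: readonly Rule[], action: Action): Verdict {
  const isFile = action.type === "file_read" || action.type === "file_write";
  const target = isFile ? normalizePath(action.target) : action.target;
  let i = 0;
  for (const rule of rules) {
    if (rule.type === action.type && globToRegExp(rule.pattern).test(target)) {
      return { decision: rule.decision, matchedRule: i };
    }
    i++;
  }
  return { decision: "deny", matchedRule: -1 };
}

// Constructed sample policy: the order of the first two rules is what matters.
const samplePolicy: Rule[] = [
  { type: "file_write", pattern: "/workspace/.env", decision: "deny" },
  { type: "file_write", pattern: "/workspace/**", decision: "allow" },
  { type: "network", pattern: "api.example.com", decision: "allow" },
];
```

The cases worth checking in any real engine are the same ones this model exposes: rule order, an action type with no rules at all, and targets that only match after normalization.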
Getting Started with SafeClaw
npx @authensor/safeclaw
Get your free API key at safeclaw.onrender.com — 7-day renewable, no credit card required. The browser dashboard includes a setup wizard for generating your first policy. Run in simulation mode to test, then switch to enforce mode when ready.
SafeClaw is built by Authensor. The free tier includes the full policy engine, all four action types (file_write, file_read, shell_exec, network), simulation mode, tamper-proof audit trail (SHA-256 hash chain), and the browser dashboard. Sub-millisecond policy evaluation ensures your agent is not slowed down.
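To make the SHA-256 hash chain concrete, here is a minimal chain over action-metadata records together with a verifier that reports where the chain first breaks. It is an added example, not SafeClaw's code: the record fields, the canonical encoding and the all-zero genesis value are assumptions.

```typescript
import { createHash } from "node:crypto";

// Added example, not SafeClaw's code: field names and genesis value are assumptions.
interface AuditRecord { type: string; target: string; decision: "allow" | "deny"; timestamp: string }
interface ChainedEntry { record: AuditRecord; prevHash: string; hash: string }

const GENESIS = "0".repeat(64); // assumed anchor for the first entry

// Hash fixed fields in a fixed order so the digest is reproducible.
function entryHash(prevHash: string, r: AuditRecord): string {
  const canonical = JSON.stringify([prevHash, r.type, r.target, r.decision, r.timestamp]);
  return createHash("sha256").update(canonical, "utf8").digest("hex");
}

// Each new entry commits to the hash of the entry before it.
function append(chain: ChainedEntry[], record: AuditRecord): ChainedEntry[] {
  const last = chain[chain.length - 1];
  const prevHash = last ? last.hash : GENESIS;
  return [...chain, { record, prevHash, hash: entryHash(prevHash, record) }];
}

// Index of the first entry that fails verification, or -1 if the chain is intact.
function firstBrokenIndex(chain: readonly ChainedEntry[]): number {
  let expectedPrev = GENESIS;
  let i = 0;
  for (const e of chain) {
    if (e.prevHash !== expectedPrev || e.hash !== entryHash(e.prevHash, e.record)) return i;
    expectedPrev = e.hash;
    i++;
  }
  return -1;
}

// Constructed sample trail of three metadata-only records.
function sampleChain(): ChainedEntry[] {
  const records: AuditRecord[] = [
    { type: "file_read", target: "/workspace/README.md", decision: "allow", timestamp: "2026-01-01T00:00:00Z" },
    { type: "shell_exec", target: "rm -rf /tmp/build", decision: "deny", timestamp: "2026-01-01T00:00:01Z" },
    { type: "network", target: "api.example.com", decision: "allow", timestamp: "2026-01-01T00:00:02Z" },
  ];
  return records.reduce<ChainedEntry[]>((chain, r) => append(chain, r), []);
}
```

A chain like this detects edits only relative to a trusted head hash: anyone able to rewrite every entry after the change can rebuild it, so the latest hash needs to be kept somewhere the log writer cannot alter.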