ClawSecurity is the first open-source platform built specifically for this threat model. It runs outside the agent's trust boundary as a separate system-level process, so a compromised agent cannot disable its own security monitoring. It provides real-time monitoring across four surfaces (file system, process, network, output), 50+ prompt injection detection patterns, 30+ secret detection patterns, supply chain verification, data loss prevention, a programmable policy engine with five enforcement rails, and SIGSTOP/SIGKILL quarantine to pause or terminate rogue agents instantly.