Onyx AI just published the CLAW-10 Enterprise Readiness Matrix — the first structured framework for evaluating autonomous AI agents against enterprise requirements.
OpenClaw scored 1.2 out of 5. The enterprise threshold is 4.0.
Every dimension scored below threshold. But 4 of those 10 gaps can be addressed today.
## The Scores
| # | Dimension | OpenClaw | With ClawMoat | Threshold |
|---|---|---|---|---|
| 1 | Identity & Authentication | 1/5 | 1/5 | 4 |
| 2 | Authorization & Access Control | 1/5 | 3/5 | 4.5 |
| 3 | Audit Logging & Observability | 2/5 | 4/5 | 4.5 |
| 4 | Data Isolation & Residency | 1/5 | 1.5/5 | 4 |
| 5 | Execution Sandboxing | 1/5 | 2/5 | 4.5 |
| 6 | Compliance Certifications | 1/5 | 1.5/5 | 4 |
| 7 | Supply Chain Security | 1/5 | 2.5/5 | 4 |
| 8 | Network Exposure | 2/5 | 3.5/5 | 4 |
| 9 | Privilege Model | 1/5 | 3.5/5 | 4 |
| 10 | Vendor Support | 1/5 | 1/5 | 3 |
| | Composite | 1.2/5 | 2.2/5 | 4.0 |
ClawMoat raises the composite from 1.2 to 2.2. Not enterprise-ready yet, but a significant step.
## The 4 Dimensions ClawMoat Addresses

### Authorization & Access Control (1 → 3)

ClawMoat Host Guardian provides 4 permission tiers (observer/worker/standard/full) and more than 20 forbidden zones that block access to `~/.ssh`, `~/.aws`, browser data and crypto wallets regardless of the tier in effect.
### Audit Logging & Observability (2 → 4)
Full audit trail of every file access, shell command, and network request. Credential file monitoring. Network egress logging. Real-time alerts via webhook/Slack/email. Exportable logs for compliance.
### Privilege Model (1 → 3.5)
Least privilege enforced at the OS level. Tiered command blocking, file system restrictions, forbidden zones always active. Runtime tier switching without restart.
### Supply Chain Security (1 → 2.5)

Skill integrity checker with hash-based verification plus 14 suspicious pattern detectors. CLI: `clawmoat skill-audit ~/.openclaw/skills/`
## What It Doesn't Fix
Honesty matters:
- Identity (1/5) — needs upstream fix
- Data Isolation (1/5) — needs VM-level separation
- Execution Sandboxing (1/5) — see ClawShell for process isolation
- Compliance Certs (1/5) — we generate reports, not certifications
## The Defense Stack
| Layer | Tool | CLAW-10 Dimensions |
|---|---|---|
| Host Security | ClawMoat | Authorization, Audit, Privilege, Supply Chain |
| Process Isolation | ClawShell | Data Isolation, Sandboxing |
| Prompt Scanning | LlamaFirewall | Network Exposure |
| Enterprise Governance | Runlayer | Identity, Compliance |
No single tool gets OpenClaw to 4.0. Defense in depth is the only real answer.
## Get Started

```shell
npm install -g clawmoat
clawmoat scan ~/.openclaw/
clawmoat skill-audit ~/.openclaw/skills/
clawmoat report
```
Zero dependencies. MIT licensed. 142 tests.
- GitHub
- Full analysis with detailed scoring
- ClawMoat for Business — managed setup in under an hour
Sources: Onyx AI CLAW-10 · Microsoft Security Blog · Cato Networks