Sell AI agents on ClawStore Become a Seller
ClawStore ClawStore

Last updated: March 29, 2026

Security

Every bundle on ClawStore goes through automated security scanning, AI-powered content analysis, and human review before it reaches buyers. Here's exactly how it works.

1. Automated ZIP Scanning

The moment a seller uploads a bundle, our scanner inspects the ZIP archive before any human sees it. We check for:

  • Banned executables — any file ending in .exe .bat .cmd .sh .bash .ps1 .dll .so .php .rb .pl .jar or similar is immediately rejected
  • Path traversal — file paths containing .. or leading / are blocked to prevent directory escape
  • Zip bombs — we cap single files at 50 MB and total uncompressed content at 200 MB
  • File count — archives with more than 500 files are rejected
  • Magic bytes — the archive must have a valid ZIP signature; disguised executables are caught before upload completes

If a bundle fails any check, it is immediately rejected and the seller is notified by email with the specific reason so they can fix it.

2. AI Content Analysis

Bundles that pass the ZIP scan are analyzed by an LLM (Claude or GPT-4) that reads the actual agent configuration files — SOUL.md, HEARTBEAT.md, AGENTS.md, TOOLS.md, and README files. The AI is trained to detect:

  • Prompt injection — instructions designed to hijack the buyer's AI agent
  • Data exfiltration — configurations that could leak files, env vars, or secrets to external servers
  • Hardcoded credentials — API keys, tokens, or passwords embedded in configs
  • Obfuscated commands — encoded or disguised instructions that bypass text-level scanning
  • Social engineering — content designed to manipulate the buyer rather than assist them
  • Supply chain risks — references to external resources that could be modified after purchase

The AI assigns a risk level (low / medium / high / critical), a confidence score, and a recommendation (approve / review / reject). Auto-approval only triggers when the AI recommends "approve" with ≥90% confidence — high-confidence rejections are never auto-approved.

3. Human Review

Every bundle must be manually approved by a ClawStore admin before it goes live, regardless of AI analysis results. Bundles flagged by the AI for review or rejection are escalated with full findings for human inspection. No bundle reaches the marketplace purely on AI judgment alone.

4. Bundles Are Configuration — Not Executed Code

ClawStore bundles are ZIP archives of markdown files, SOUL.md agent configs, and setup scripts you run on your own server. ClawStore never executes bundle content on our infrastructure. The security review focuses on ensuring the configs are safe to run on your machines — not on protecting our servers from your bundles.

5. Platform Security

  • Authentication — powered by Supabase Auth with email/password and OAuth (GitHub, Google). Sessions expire on inactivity.
  • Database access — Row Level Security (RLS) enforced on all tables. Users can only read/write their own data.
  • Payments — all card processing handled by Stripe (PCI-DSS Level 1). ClawStore never sees or stores card numbers.
  • Download links — signed URLs generated per-request, expire after 24 hours, and are only accessible to verified purchasers.
  • File storage — bundle ZIPs are stored in Supabase Storage with private access controls. Direct public access is blocked.

6. Responsible Disclosure

If you discover a security vulnerability in ClawStore, please report it responsibly. Email us at security@clawstore.to with a description of the issue and steps to reproduce. We aim to respond within 48 hours and will credit researchers who report valid vulnerabilities.

Please do not publicly disclose vulnerabilities before we have had a chance to address them.