Security isn't a feature. It's the foundation.

AI agents that can browse the web, execute code, and access your tools need serious guardrails. Here's how we build them.

Per-tenant isolation

Every KiwiClaw agent runs on its own dedicated Fly.io virtual machine. No shared containers. No noisy neighbors. No cross-tenant data leakage.

Each VM is a Firecracker microVM with its own kernel, filesystem, and network namespace. Your agent's data, configuration, and conversation history are completely isolated from every other tenant.

Sandboxed execution

Browser automation and code execution happen inside Podman containers — sandboxed from the host VM. If your agent runs a Python script or controls a headless browser, it happens in an isolated environment that can't touch the host system.

This is a security boundary within a security boundary. Even if code execution goes wrong, the blast radius is contained to a disposable container.

Vetted skills marketplace

341 malicious skills have been found in the OpenClaw ecosystem: skills that exfiltrate data, install backdoors, or run cryptominers. If you self-host, you're on your own to vet them.

KiwiClaw's skills marketplace scans every skill for malicious code before it's available to install. We check for data exfiltration patterns, unauthorized network calls, filesystem access, and known malware signatures. Only vetted skills make it to the marketplace.

Encryption

All data is encrypted in transit (TLS 1.3) and at rest. API keys provided by BYOK users are encrypted with AES-256-GCM before storage — we can't read them, and they're never exposed in logs or config files.

Managed LLM users never see or handle API keys at all. Their requests are authenticated via per-tenant JWTs and routed through our internal LLM proxy. Pooled API keys live only in the proxy and are never exposed to tenant machines.
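As an added example that is not KiwiClaw's code, here is a stdlib-only sketch of the per-tenant JWT check described above: the proxy verifies an HS256 token carrying a `tenant` claim (the claim layout, secrets and header names are assumptions), and only then attaches the pooled provider key to the upstream call, so the key never reaches the tenant VM or the audit line.

```python
import base64
import hashlib
import hmac
import json
import time

PROXY_SIGNING_KEY = b"constructed-demo-jwt-signing-secret"  # constructed; from a secrets manager in practice
POOLED_PROVIDER_KEY = "sk-constructed-pooled-provider-key"  # constructed; lives only in the proxy process

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mint_tenant_jwt(tenant_id: str, ttl_s: int = 300, now=None) -> str:
    """Control-plane side (hypothetical flow): the token a tenant VM is given at provisioning."""
    now = time.time() if now is None else now
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url_encode(json.dumps({"tenant": tenant_id, "exp": int(now + ttl_s)}).encode())
    sig = hmac.new(PROXY_SIGNING_KEY, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url_encode(sig)}"

def verify_tenant_jwt(token: str, now=None):
    """Proxy side: return the tenant id for a valid, unexpired HS256 token, else None."""
    now = time.time() if now is None else now
    try:
        header, payload, sig = token.split(".")
        if json.loads(b64url_decode(header)).get("alg") != "HS256":
            return None  # pin the algorithm; never let the token choose it
        expected = hmac.new(PROXY_SIGNING_KEY, f"{header}.{payload}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64url_decode(sig)):
            return None  # signature mismatch (constant-time compare)
        claims = json.loads(b64url_decode(payload))
    except ValueError:  # wrong segment count, bad base64, bad JSON
        return None
    if not isinstance(claims.get("tenant"), str) or claims.get("exp", 0) <= now:
        return None
    return claims["tenant"]

def proxy_request(token: str, prompt: str, now=None) -> dict:
    """Authenticate the tenant first; the pooled key is only ever added to the upstream headers."""
    tenant = verify_tenant_jwt(token, now)
    if tenant is None:
        return {"status": 401, "audit": "rejected: invalid or expired tenant token"}
    upstream_headers = {"Authorization": f"Bearer {POOLED_PROVIDER_KEY}", "X-Tenant-Id": tenant}
    # The audit line records who and what, never the provider credential.
    audit = f"tenant={tenant} forwarded prompt_chars={len(prompt)}"
    return {"status": 200, "upstream_headers": upstream_headers, "audit": audit}
```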

Audit logs

Every action your agent takes is logged. Every conversation, every skill invocation, every web browse, every code execution. Searchable, filterable, exportable.

Basic audit logs are available on all plans. Enterprise gets full audit logs with retention policies, export to SIEM tools, and compliance-ready formatting.

Role-based access control

Enterprise teams get RBAC with granular permissions. Admins configure agents and skills. Members can chat and use the agent. Viewers can read conversation history but not interact.

Invite teammates, assign roles, control who can do what. No more sharing a single login or worrying about interns accidentally reconfiguring the agent.

Data residency

Choose where your data lives. US data residency is available on all plans. EU data residency is available on Enterprise. Unlike competitors hosted in China, we give you full control over jurisdiction.

All compute, storage, and LLM processing happens in your chosen region. No data crosses regional boundaries without your explicit configuration.

Compliance path

We're building toward SOC 2 Type II, HIPAA, and GDPR compliance. Enterprise customers get access to our Data Processing Agreement (DPA), compliance documentation, and dedicated support for security reviews.

No self-hosted OpenClaw deployment offers these out of the box. With KiwiClaw Enterprise, your compliance team gets the documentation and controls they need to approve AI agent deployment.

Responsible disclosure

Found a vulnerability? We take security reports seriously and respond within 24 hours.

Email hi@kiwiclaw.app with details. Include steps to reproduce, impact assessment, and your contact information. We'll acknowledge receipt within 24 hours and provide a timeline for resolution.

We do not pursue legal action against researchers who report in good faith.

Frequently Asked Questions

How does KiwiClaw isolate tenants from each other?

Every KiwiClaw agent runs on its own dedicated Fly.io virtual machine: a Firecracker microVM with its own kernel, filesystem, and network namespace. No shared containers, no noisy neighbors, and no cross-tenant data leakage. Your data is completely isolated from every other tenant.

Is code execution safe on KiwiClaw?

Yes. Code execution and browser automation happen inside Podman containers sandboxed from the host VM. This creates a security boundary within a security boundary. Even if code execution goes wrong, the blast radius is contained to a disposable container with no access to the host system.

Does KiwiClaw support SOC 2 or HIPAA compliance?

KiwiClaw is building toward SOC 2 Type II, HIPAA, and GDPR compliance. Enterprise customers get access to Data Processing Agreements, compliance documentation, RBAC, audit logs, and data residency options. This provides the controls compliance teams need to approve AI agent deployment.

How does KiwiClaw handle the malicious skills problem?

KiwiClaw operates a vetted skills marketplace. Every skill is reviewed for malicious code before listing, scanning for data exfiltration patterns, unauthorized network calls, filesystem access, and known malware signatures. This addresses the 341+ malicious skills discovered in the OpenClaw ecosystem.

Secure by default. Enterprise-ready.

Every KiwiClaw agent runs in an isolated VM with encrypted data, vetted skills, and audit logging. No configuration required.