Comprehensive security platform that protects AI agents at every layer โ endpoint monitoring, real-time interception, policy enforcement, compliance breach detection, DLP, and LLM response inspection. Install once, everything is automatic. Zero code changes.
We launched Breach Intel as a standalone compliance audit layer. Sentinel is the full security platform that includes Breach Intel and adds seven more defense layers around it.
| Capability | Breach Intel | Sentinel |
|---|---|---|
| Compliance breach detection | ✓ 40+ types, 3 verticals | ✓ Included (same engine) |
| SHA-256 immutable audit log | ✓ | ✓ Included |
| Auto-instrumentation (sitecustomize.py) | ✓ | ✓ Included |
| Prompt injection blocking | — | ✓ 3-layer analysis (<1ms / <50ms / LLM) |
| DLP & content scanning | — | ✓ 9 scanners + LLM classification |
| LLM response proxy (cost/latency/tokens) | — | ✓ 16-model pricing table |
| Endpoint monitoring | — | ✓ 5 monitors (process, behavioral, file, honeypot, privilege) |
| OpenClaw plugin (8 hooks) | 1 hook (message:sent) | ✓ 8 hooks + 2 secure tools |
| Block rules engine | — | ✓ keyword / regex / recipient / channel |
| Channel security (Telegram, WhatsApp, etc.) | — | ✓ message_sending + before_message_write |
| Honeypot traps | — | ✓ Decoy .env, .aws/credentials, .ssh/id_rsa |
| Hardened Docker containers | — | ✓ seccomp, cap_drop, read-only rootfs |
| Unified dashboard | Breach dashboard only | ✓ 6 tabs: Overview, Live Events, Traces, Breaches, Rules, Settings |
| Trace visualization & cost tracking | — | ✓ Expandable span trees, per-model cost |
| Background services (auto-start on boot) | Docker only | ✓ LaunchAgent (macOS) / systemd (Linux) |
In short: Breach Intel answers "what compliance violations did my AI commit?" โ Sentinel answers that and "how do I prevent them from happening in the first place?" Think of Breach Intel as one layer inside Sentinel. If you're already using Breach Intel, Sentinel wraps it with prompt blocking, DLP, endpoint monitoring, channel security, and a unified dashboard.
Sentinel combines five previously separate tools into a single platform. Every layer works together, every event feeds the same dashboard.
| Layer | What | How |
|---|---|---|
| Endpoint Monitoring | Detect malicious processes, behavioral anomalies, file access | 5 concurrent monitors |
| Policy Engine | Block dangerous prompts, tool calls, LLM responses | 3-layer analysis (regex + rules + LLM) |
| Breach Compliance | Detect PII leaks, card exposure, HIPAA violations, scope creep | Rule-based <1ms, 3 verticals |
| DLP & Content Analysis | Detect PII, credentials, financial data in content | 9 scanners + LLM classification |
| LLM Proxy | Intercept LLM responses, enforce block rules, track cost/latency | HTTP reverse proxy with tracing |
| Auto-Instrumentation | Monitor any Python agent with zero code changes | Monkey-patches OpenAI/Anthropic/LangChain |
| OpenClaw Plugin | Enforce security at 8 hook points inside the agent | Unified TypeScript plugin |
| Channel Security | Block PII/credentials from reaching Telegram/WhatsApp/Discord/Slack | message_sending hook + block rules |
message_received, before_tool_call, after_tool_call, before_prompt_build, llm_input, llm_output, message_sending, before_message_write.
Layer 0: pattern matching (<1ms). Layer 1: weighted risk scoring (<50ms). Layer 2: local Ollama LLM for ambiguous cases (1-5s).
Every breach record is checksummed and chained. No UPDATE or DELETE. Tamper detection runs automatically.
Sits between agent and LLM APIs. Measures latency, extracts tokens, computes cost (16-model pricing), enforces block rules.
Overview, Live Events, Traces, Breach Monitor, Block Rules, Settings โ real-time SSE, click-to-inspect, severity heatmaps.
Persistent sitecustomize.py hook patches OpenAI, Anthropic, and LangChain at import time. No code changes ever.
keyword, regex, recipient, channel block rules. Seed defaults for passwords, API keys, SSNs, credit cards. CLI management.
Decoy files at ~/.honeypot/.env, .aws/credentials, .ssh/id_rsa โ any access triggers an immediate alert.
Non-root, read-only rootfs, cap_drop: ALL, no-new-privileges, custom seccomp profile. 9-point verification script.
All services start on boot via LaunchAgent. Auto-instrumentation hooks into every Python process. Nothing to configure.
| Service | Port | Auto-starts? | Purpose |
|---|---|---|---|
| OpenClaw Gateway | 18789 | Yes (LaunchAgent) | AI agent runtime with 8 security hooks |
| Policy Engine | 8000 | Yes (LaunchAgent) | Prompt analysis, DLP, unified dashboard |
| Breach Intel | 8081 | Yes (LaunchAgent) | Compliance breach classification & audit |
| LLM Proxy | 18790 | Yes (LaunchAgent) | Intercept & inspect LLM API responses |
| Auto-Instrumentation | โ | Yes (sitecustomize.py) | Monkey-patch all LLM frameworks |
| OpenClaw Plugin | โ | Yes (loaded by gateway) | 8-hook + 2-tool security enforcement |
Fintech (PCI-DSS, SOX, GDPR), Healthcare (HIPAA, 42 CFR Part 2), Pharma (FDA 21-CFR Part 11, ICH-E6, GMP). Rule-based, deterministic, <1ms detection.
Five repos unified into a single platform. Every component talks to every other.
Sentinel unifies code from five repositories into a single, cohesive platform.
| Source | What It Contributed |
|---|---|
| log-prompt-agent | Real-time interception, LLM proxy, block rules, content analyzer, plugin system |
| security-plugin-junaid | FastAPI policy engine, 3-layer detection, dashboards |
| SecurityAgent | Endpoint monitoring, scanners, secure filesystem, alerting, Docker, tests |
| openclaw (upstream) | llm_input / llm_output hook compatibility |
| breach-intel | Compliance monitoring, multi-vertical classifiers, immutable audit log, SDK, auto-instrumentation |
The installer does everything: configures the gateway, installs hooks, seeds block rules, generates credentials, starts services, and sets up auto-start on boot.
Install in minutes. Zero code changes. Every agent monitored. Every breach logged.