ShibaClaw is an open-source AI agent project, emphasizing self-hosting, security, and privacy. It provides a comprehensive framework for deploying AI agents with a built-in WebUI and support for 22 different AI providers and 11 chat channels. Key features include a three-level memory system, cron job scheduling, heartbeat monitoring, and a Multi-Agent Control Protocol (MCP).
Security is a core tenet of ShibaClaw, incorporating features such as CVE auditing during installation, prompt injection wrapping for tool results, SSRF and DNS rebinding protection, shell hardening, and workspace sandboxing. The project also includes bearer token authentication.
The latest release, v0.4.6, focuses on stability and security. It resolves a critical "Asterisk Merge" vulnerability in the configuration router, preventing API key corruption. Other fixes include hardening the Windows updater process, invalidating the update cache, and improving the update batch script. Additionally, the API documentation has been updated, and native Windows Toast Notifications have been integrated for the desktop application, alongside deduplicated agent notifications.
ShibaClaw is developed in Python and is designed to be portable and lightweight, with a standalone Windows executable available. It aims to provide a reliable and secure AI agent experience without extensive setup or maintenance.