Lightweight, local-first behavioral analysis and kinetic response system for Agentic AI infrastructure. Powered by a probabilistic Gemma 4 LLM judge.
🦞 ButterClaw Reasoning Engine v0.4.0 is ONLINE.
Database: /opt/butterclaw.db
Active Model: gemma4:e4b
📡 [MCP] Initiating v0.4 Handshake Sequence...
✅ [MCP] Handshake complete. 5 tools armed.
============================================================
📥 [HTTP POST RECEIVED] Live Gateway Log
Payload: Origin: wss://malicious-vibe.net attempting to bind...
🧠 [HTTP 200 OK] Model returned CRITICAL (92%) in 1.4s.
☢️ [MCP TOOL] execute_gibson_kill: Hunting unautclated process...
🧈 [MCP TOOL] rotate_keys: TARGET KEYS BUTTERED.
============================================================
A 6-Node Decoupled Architecture
Traditional security perimeters fail when authorized AI Agents are compromised. ButterClaw enforces **Evaluation before Execution**.
watcher.py
A high-speed Python daemon tailing raw OS-level logs. Features a 4096-character context window to capture deeply embedded Prompt Injections before dispatching them to the brain.
Gemma 4:e4b
The localized reasoning engine. Running at a precise 0.3 temperature for adaptive semantic reasoning, it acts as a probabilistic judge to identify obfuscated threats.
server.py
The central nervous system. A Flask middleware router and MCP process manager. It parses JSON intelligence and manages the MCP child process lifecycle with dedicated reader threads.
buttervault.py
Zero-trust credential storage. API keys are AES-encrypted using the OS-native Credential Locker. Instantly overwrites ciphertext with garbage if a breach is detected.
butterclaw_mcp.py
The MCP Execution Layer — a JSON-RPC 2.0 stdio server speaking Model Context Protocol. Exposes 5 dynamic tools via the tools/list handshake for kinetic OS-level responses.
routing.html
An XSS-safe, SSE-driven control panel. Visualizes the logic gate trace, and now features a live MCP badge and full observability panel for process ping, restart, and tool inspection.
ButterClaw doesn't just block known vulnerabilities. It uses probabilistic reasoning to assess the *intent* of an action. You control how aggressive the response should be.
Only blocks known 1-click RCE payloads. Background scanning is relaxed. API keys remain static.
Actively monitors SDK logs for plaintext token leaks and weird port sniffing attempts.
If an external origin breathes on a monitored port, ButterClaw instantly shreds Vault ciphertext and triggers an MCP SIGKILL.
[Gate: Origin] [92% Confidence] External origin wss://malicious.net detected binding to local ports.
Action: execute_gibson_kill | rotate_keys
Status: Armed | Ping: 12ms | Active Tools: 5
Tools: scan_port, log_event, system_status...
ButterClaw v0.4 is open-source. Clone the repo, pull the Gemma 4 model, and arm the Vault.
View on GitHub