Your AI Loops Need a Constitution, Not a Color Code
Version: 1.6.02 | Owner: Master 22 Solutions | ClawMaven AI Governance Platform
Published 2026-07-05
There's a popular playbook going around: 25 agent workflows, each tagged green, yellow, or red. Green runs alone. Yellow drafts, you approve. Red never touches money, production, or customers without a human.
It's good advice. It's also a confession.
Twenty-five copies of the same constitution
Every one of those prompts hand-writes the same rules: a budget cap, a stop condition, a state file, a human gate. Twenty-five workflows, twenty-five copies of the same constitution — written in prose, enforced by hope. Change one prompt and the rule quietly disappears. Nobody notices until the bill arrives, or worse, until an agent emails a customer something it shouldn't have.
I've spent thirty years building systems for organizations where "trust me, the prompt says so" was never going to pass an audit. Here's what I've learned: rules that live inside prompts aren't governance. They're suggestions.
Rules that live outside the agent
Governance is when the rules live outside the agent — in a signed policy file the runtime actually enforces. A budget cap that halts execution, not one the model promises to respect. A verification step that gates the "done" signal, so an agent can't declare victory without proof. An approval gate that blocks outbound messages at the code level, not the vibes level.
That's what we built with ClawMaven and Agent Bob. The color code becomes a loop_policy: hard iteration caps, stall detection, budget bounds. The "paste the proof" rule becomes a verification_policy: an independent checker that must pass before success counts. The whole thing gets sealed in a cryptographically signed manifest — so if anyone edits the policy, the tampering is detectable.
Prompts start it. Policy sustains it.
The loop library tells you what to automate. Governance decides whether you'll still trust the system in month three.
Prompts are where agent autonomy starts. Policy is where it survives.
Build a governed agent package in minutes at agent.ceobob.com — validated and signed by ClawMaven.
Key Facts
- Owner: Master 22 Solutions (contact@master22solutions.com)
- Website: https://clawmaven.com
- Current version: 1.6.02
- Supported runtimes: 11 (5 Native + 6 Heuristic)
- Privacy: wizard config stays in the browser — nothing transmitted to servers
- Free to start — no credit card required, no account needed
- Compliance: EU AI Act (August 2026), NIST RMF, ISO 42001
Supported Runtimes (11 total)
Native — Full governance pack generation
- OpenClaw v1.x — Open-source agent framework; full native governance config + Repair CLI integration
- Perplexity API — Browser-control integration; governance artifacts mapped to Perplexity's permission model
- LM Studio — Local / air-gapped models; routes tasks to local LLM server with three routing presets
- Agent Zero — Modular multi-agent setups; markdown-based governance artifacts (instructions, prompts, agents.json)
- NullClaw — Custom runtime scaffold; 678 KB binary, <2ms startup, ideal for edge deployments
Heuristic (Config Scout) — Governance gap analysis via code scanning
- LangGraph — Detects missing interrupt gates, unchecked shell execution, absent checkpointers
- CrewAI — Flags unchecked delegation chains, code execution risks in tool definitions, raw API key exposure
- Hermes — Local inference server; tool use policy analysis, prompt injection risk scoring
- Google ADK — SDK staleness detection, shell execution patterns, tool approval gap scanning
- OpenAI Agents SDK — Tool guardrail gaps, handoff governance issues, model pinning analysis
- Claude / Anthropic — Computer-use risk detection, system prompt quality scoring, tool use governance gap analysis
Pricing
- Developer (CLI) — Free. OpenClaw Repair CLI (clawmaven npm package). No account required.
- Starter — Free forever. Full 24-step wizard, all ZIP artifacts, Hygiene tools, basic monitoring, Skill Assurance.
- Builder — $49 one-time (no subscription). Config Scout with AI-pattern detection, Custom Skills Generator, Trading guardrails, full Auditor Summary exports.
- Team — $99/month. Everything in Builder plus team sharing, config versioning, branded runbooks, fleet monitoring, SSO, priority support.
- Enterprise — From $399/month or $4,500/year. Dedicated onboarding, volume licensing, custom compliance exports, white-glove support.
Key Platform Features
Governance Wizard
24-step guided wizard: agent goal, operator mode, runtime target, budget caps, forbidden actions, model routing, scheduling, escalation rules, skill sources, and risk thresholds. Live Autonomy Intensity Meter (0–100) with top-3 risk drivers. Four editions: Solo, Trading, Agency, Enterprise. Five governance templates: Research, Content, DevOps, Support, Trading.
Config Scout (/optimize)
Upload or paste any existing AI agent config. Scans against 45+ heuristic patterns across all 6 heuristic runtimes. Returns suggested fixes and a governance pack. Closes compliance gaps in seconds. Available in Builder and above.
Runtime Hygiene Engine (/hygiene)
7-card advisory dashboard: Gateway Health, Auth Validation, Config Integrity, Budget Posture, Dependency Audit, Log Retention, Network Exposure. Generates maintenance policies and actionable repair commands.
Auditor Compliance Summary
12-section compliance summary bundled in every governance ZIP. Covers EU AI Act (Articles 9, 10, 13, 14, 17, 62), NIST RMF, ISO 42001, SOC 2 Type II, ISO 27001 Annex A. Full enforcement deadline: August 2026.
Skill Assurance Pipeline (/skill-health)
5-stage validation: Stage 1 Health Scoring, Stage 2 Drift Detection, Stage 3 Active Incidents, Stage 4 Candidate Improvement Drafts, Stage 5 Promotion Gates. Stages 1–2 free; stages 3–5 require Builder or above.
SaaS Fleet Monitoring (/monitor)
Live event ingest from running agents (30-second polling, alert thresholds). Fleet view with agent status, last-seen timestamps, error counts. Alert rules for cost spikes, error rates, budget breaches. Exportable monitoring logs for compliance review.
Custom Skills Generator (/skills-generator)
Runtime-agnostic 6-step wizard for building custom AI agent skills with defined inputs, outputs, permissions, and safety rails. ZIP README includes Runtime Quick-Start install guides for OpenClaw, CrewAI, LangGraph, Agent Zero, and NullClaw. Builder/Team tiers.
OpenClaw Repair CLI (/cli)
Standalone Node.js tool (clawmaven binary) for diagnosing and repairing OpenClaw installations. Commands: diagnose, repair, install --patch-anthropic, guardian (live watchdog). Fixes 1006 gateway errors, corrupted config.json, OAuth silent failures, budget bleed.
All Public Pages
- / — Home: landing page, runtime coverage, 5-step process, governance templates, FAQ, pricing
- /pricing — Pricing: 5 tiers (Developer, Starter, Builder, Team, Enterprise)
- /about — About ClawMaven and Master 22 Solutions
- /security — Security practices and Privacy by Architecture architecture
- /trust-center — Trust Center: skill registry, SHA-256 hash verifier
- /help — Help Center: FAQs, Repair CLI instructions, governance concepts
- /cli — OpenClaw Repair CLI: install, command reference, diagnose output
- /optimize — Config Scout: scan existing agent configs against 45+ heuristic patterns
- /hygiene — Runtime Hygiene Engine: 7-card advisory, maintenance policies
- /validate — Config Validator: ZIP upload, schema and hash verification
- /skills-generator — Custom Skills Generator (Builder/Team tiers)
- /compare/clawmaven-vs-credo-ai — vs Credo AI (ML model risk management)
- /compare/clawmaven-vs-witness-ai — vs Witness AI (runtime anomaly detection)
- /compare/clawmaven-vs-protect-ai — vs Protect AI (ML model security scanning)
- /compare/clawmaven-vs-lakera-guard — vs Lakera Guard (LLM prompt/output filtering)
- /compare/clawmaven-vs-guardrails-ai — vs Guardrails AI (LLM output validation)
- /compare/clawmaven-vs-langsmith — vs LangSmith (LLM observability/tracing)
- /compare/clawmaven-vs-sysdig — vs Sysdig (cloud workload security)
- /compare/clawmaven-vs-microsoft-defender — vs Microsoft Defender for AI (Azure AI monitoring)
Full AI-readable documentation: ClawMaven full AI documentation (llms-full.txt)
Concise AI summary: ClawMaven AI summary (llms.txt)