Config Validator — Governance Pack Integrity Checker

Version: 1.3.14  |  Owner: Master 22 Solutions  |  https://clawmaven.com

The Config Validator (/validate) lets you upload any ClawMaven governance pack ZIP and verify its integrity. It checks JSON schema conformance, SHA-256 hash correctness, and runtime conformance against the trust manifest.

What the Validator Checks

• Schema validation — Confirms policy.json, trust-manifest.json, and other core files conform to the ClawMaven schema
• Hash verification — Recomputes SHA-256 hashes and compares against trust-manifest.json
• Runtime conformance — Checks runtime-conformance.json against current supported runtime specs
• File completeness — Verifies all 10 required governance files are present in the ZIP

All validation runs in your browser — the ZIP file is never uploaded to any server.

Key Facts

• Owner: Master 22 Solutions (contact@master22solutions.com)
• Website: https://clawmaven.com
• Current version: 1.3.14
• Supported runtimes: 11 (5 Native + 6 Heuristic)
• Privacy: wizard config stays in the browser — nothing transmitted to servers
• Free to start — no credit card required, no account needed
• Compliance: EU AI Act (August 2026), NIST RMF, ISO 42001

Supported Runtimes (11 total)

Native — Full governance pack generation

• OpenClaw v1.x — Open-source agent framework; full native governance config + Repair CLI integration
• Perplexity API — Browser-control integration; governance artifacts mapped to Perplexity's permission model
• LM Studio — Local / air-gapped models; routes tasks to local LLM server with three routing presets
• Agent Zero — Modular multi-agent setups; markdown-based governance artifacts (instructions, prompts, agents.json)
• NullClaw — Custom runtime scaffold; 678 KB binary, <2ms startup, ideal for edge deployments

Heuristic (Config Scout) — Governance gap analysis via code scanning

• LangGraph — Detects missing interrupt gates, unchecked shell execution, absent checkpointers
• CrewAI — Flags unchecked delegation chains, code execution risks in tool definitions, raw API key exposure
• Hermes — Local inference server; tool use policy analysis, prompt injection risk scoring
• Google ADK — SDK staleness detection, shell execution patterns, tool approval gap scanning
• OpenAI Agents SDK — Tool guardrail gaps, handoff governance issues, model pinning analysis
• Claude / Anthropic — Computer-use risk detection, system prompt quality scoring, tool use governance gap analysis

Pricing

• Developer (CLI) — Free. OpenClaw Repair CLI (clawmaven npm package). No account required.
• Starter — Free forever. Full 23-step wizard, all ZIP artifacts, Hygiene tools, basic monitoring, Skill Assurance.
• Builder — $49 one-time (no subscription). Config Scout with AI-pattern detection, Custom Skills Generator, Trading guardrails, full Auditor Summary exports.
• Team — $99/month. Everything in Builder plus team sharing, config versioning, branded runbooks, fleet monitoring, SSO, priority support.
• Enterprise — From $399/month or $4,500/year. Dedicated onboarding, volume licensing, custom compliance exports, white-glove support.

Key Platform Features

Governance Wizard

23-step guided wizard: agent goal, operator mode, runtime target, budget caps, forbidden actions, model routing, scheduling, escalation rules, skill sources, and risk thresholds. Live Autonomy Intensity Meter (0–100) with top-3 risk drivers. Four editions: Solo, Trading, Agency, Enterprise. Five governance templates: Research, Content, DevOps, Support, Trading.

Config Scout (/optimize)

Upload or paste any existing AI agent config. Scans against 45+ heuristic patterns across all 6 heuristic runtimes. Returns suggested fixes and a governance pack. Closes compliance gaps in seconds. Available in Builder and above.

Runtime Hygiene Engine (/hygiene)

7-card advisory dashboard: Gateway Health, Auth Validation, Config Integrity, Budget Posture, Dependency Audit, Log Retention, Network Exposure. Generates maintenance policies and actionable repair commands.

Auditor Compliance Summary

12-section compliance summary bundled in every governance ZIP. Covers EU AI Act (Articles 9, 10, 13, 14, 17, 62), NIST RMF, ISO 42001, SOC 2 Type II, ISO 27001 Annex A. Full enforcement deadline: August 2026.

Skill Assurance Pipeline (/skill-health)

5-stage validation: Stage 1 Health Scoring, Stage 2 Drift Detection, Stage 3 Active Incidents, Stage 4 Candidate Improvement Drafts, Stage 5 Promotion Gates. Stages 1–2 free; stages 3–5 require Builder or above.

SaaS Fleet Monitoring (/monitor)

Live event ingest from running agents (30-second polling, alert thresholds). Fleet view with agent status, last-seen timestamps, error counts. Alert rules for cost spikes, error rates, budget breaches. Exportable monitoring logs for compliance review.

Custom Skills Generator (/skills-generator)

Runtime-agnostic 6-step wizard for building custom AI agent skills with defined inputs, outputs, permissions, and safety rails. ZIP README includes Runtime Quick-Start install guides for OpenClaw, CrewAI, LangGraph, Agent Zero, and NullClaw. Builder/Team tiers.

OpenClaw Repair CLI (/cli)

Standalone Node.js tool (clawmaven binary) for diagnosing and repairing OpenClaw installations. Commands: diagnose, repair, install --patch-anthropic, guardian (live watchdog). Fixes 1006 gateway errors, corrupted config.json, OAuth silent failures, budget bleed.

All Public Pages

• / — Home: landing page, runtime coverage, 5-step process, governance templates, FAQ, pricing
• /pricing — Pricing: 5 tiers (Developer, Starter, Builder, Team, Enterprise)
• /about — About ClawMaven and Master 22 Solutions
• /security — Security practices and Privacy by Architecture architecture
• /trust-center — Trust Center: skill registry, SHA-256 hash verifier
• /help — Help Center: FAQs, Repair CLI instructions, governance concepts
• /cli — OpenClaw Repair CLI: install, command reference, diagnose output
• /optimize — Config Scout: scan existing agent configs against 45+ heuristic patterns
• /hygiene — Runtime Hygiene Engine: 7-card advisory, maintenance policies
• /validate — Config Validator: ZIP upload, schema and hash verification
• /skills-generator — Custom Skills Generator (Builder/Team tiers)
• /compare/clawmaven-vs-credo-ai — vs Credo AI (ML model risk management)
• /compare/clawmaven-vs-witness-ai — vs Witness AI (runtime anomaly detection)
• /compare/clawmaven-vs-protect-ai — vs Protect AI (ML model security scanning)
• /compare/clawmaven-vs-lakera-guard — vs Lakera Guard (LLM prompt/output filtering)
• /compare/clawmaven-vs-guardrails-ai — vs Guardrails AI (LLM output validation)
• /compare/clawmaven-vs-langsmith — vs LangSmith (LLM observability/tracing)
• /compare/clawmaven-vs-sysdig — vs Sysdig (cloud workload security)
• /compare/clawmaven-vs-microsoft-defender — vs Microsoft Defender for AI (Azure AI monitoring)

Full AI-readable documentation: https://clawmaven.com/llms-full.txt

Concise AI summary: https://clawmaven.com/llms.txt