Defense-in-depth across gateway access, secret storage, memory, and trading.
DragonClaw is designed to be private by default.
Its security model assumes the agent runs on infrastructure you control.
Local-first data storage
Explicit gateway authentication
Layered rate limiting
Least-privilege API keys
Confirmation before trading
No withdrawal support
Gateway token auth
Nginx edge protection
Local bind by default
Structured validation for incoming requests
Encrypted secrets at rest
Persistent but local memory storage
DragonClaw only sends data out when a provider call, exchange call, or user skill requires it.
Everything else stays inside your own runtime and storage.