Show HN: Shoofly – pre-execution security for Claude Code Cowork and OpenClaw
3 points
9 hours ago
| 0 comments
| shoofly.dev
| HN
Anthropic says on their safety page: "these filters are not a security boundary." Snyk found 36% of ClawHub skills contain security flaws. Trend Micro documented malware being distributed through ClawHub.

These agents have shell access, file access, and connected accounts. We built Shoofly to sit in front of tool calls before they fire.

- PreToolUse / PostToolUse hooks intercept every tool call - Blocks prompt injection, credential theft, unauthorized writes, malware in tool results - Works with OpenClaw, Claude Code CLI, and Cowork / Dispatch - Open YAML policy -- read it, fork it, audit it - Free tier detects. $5/mo blocks.

The Cowork piece was the interesting part. Cowork runs Claude Code inside a full Ubuntu VM -- host hooks don't fire there. We used the plugin system with hooks/hooks.json and VirtioFS to get sub-50ms alert latency from inside the VM to host notifications.

curl -fsSL https://shoofly.dev/install.sh | bash

shoofly.dev

No one has commented on this post.