diff --git a/docs/gateway/security/index.md b/docs/gateway/security/index.md index 87a44f8e6..05df56c23 100644 --- a/docs/gateway/security/index.md +++ b/docs/gateway/security/index.md @@ -28,7 +28,7 @@ It flags common footguns (Gateway auth exposure, browser control exposure, eleva Running an AI agent with shell access on your machine is... *spicy*. Here’s how to not get pwned. -Clawdbot is both a product and an experiment: you’re wiring frontier-model behavior into real messaging surfaces and real tools. **There is no “perfectly secure” setup.** The goal is to be deliberate about: +Moltbot is both a product and an experiment: you’re wiring frontier-model behavior into real messaging surfaces and real tools. **There is no “perfectly secure” setup.** The goal is to be deliberate about: - who can talk to your bot - where the bot is allowed to act - what the bot can touch @@ -747,7 +747,7 @@ Mario asking for find ~ ## Reporting Security Issues -Found a vulnerability in Clawdbot? Please report responsibly: +Found a vulnerability in Moltbot? Please report responsibly: 1. Email: security@clawd.bot 2. Don't post publicly until fixed diff --git a/docs/security/formal-verification.md b/docs/security/formal-verification.md index 08431dc5d..9b9bdb268 100644 --- a/docs/security/formal-verification.md +++ b/docs/security/formal-verification.md @@ -10,7 +10,7 @@ This page tracks Moltbot’s **formal security models** (TLA+/TLC today; more as > Moltbot was formerly named Clawdbot; some older references and commands may still use `clawdbot`. -**Goal (north star):** provide a machine-checked argument that Clawdbot enforces its +**Goal (north star):** provide a machine-checked argument that Moltbot enforces its intended security policy (authorization, session isolation, tool gating, and misconfiguration safety), under explicit assumptions. @@ -18,7 +18,7 @@ misconfiguration safety), under explicit assumptions. - Each claim has a runnable model-check over a finite state space. - Many claims have a paired **negative model** that produces a counterexample trace for a realistic bug class. -**What this is not (yet):** a proof that “Clawdbot is secure in all respects” or that the full TypeScript implementation is correct. +**What this is not (yet):** a proof that “Moltbot is secure in all respects” or that the full TypeScript implementation is correct. ## Where the models live