Skip to main content

Overview

OpenClaw is a popular open-source AI agent framework. Bloom provides seamless integration to secure your OpenClaw agents with authentication, authorization, audit logging, and real-time protection.

Quick Start

1. Install the Bloom Skill

pip install bloom-openclaw-skill

2. Configure Environment Variables

Add to your .env file: 
BLOOM_API_KEY=bloom_org_xxxxx      # From Dashboard > Profile > API Keys
BLOOM_AGENT_ID=agent_xxxxx         # From Dashboard > Agents

3. Use in Your Agent

from bloom_proxy import bloom_request, bloom_get, bloom_post

# All requests are now authenticated and logged
response = bloom_post(
    "https://api.openai.com/v1/chat/completions",
    json={
        "model": "gpt-4",
        "messages": [{"role": "user", "content": "Hello!"}]
    }
)

print(response["body"])

How It Works

┌─────────────┐     ┌──────────────┐     ┌─────────────┐
│  OpenClaw   │────▶│    Bloom     │────▶│  External   │
│   Agent     │     │    Proxy     │     │    APIs     │
└─────────────┘     └──────────────┘     └─────────────┘
       │                   │
       │                   ▼
       │            ┌──────────────┐
       │            │   Checks:    │
       │            │ • Auth       │
       │            │ • Scopes     │
       │            │ • Injection  │
       │            │ • Anomalies  │
       │            └──────────────┘
       │                   │
       ▼                   ▼
┌─────────────┐     ┌──────────────┐
│  Dashboard  │◀────│  Audit Logs  │
└─────────────┘     └──────────────┘

Configuration Options

Create a config.yaml in your skill directory: 
bloom:
  proxy_url: "https://iam.bloomtechnologies.app"
  timeout_seconds: 30
  retry_attempts: 3

  injection_detection:
    enabled: true
    mode: "block"  # block, alert, or log
    sensitivity: "medium"  # low, medium, or high

  cache:
    enabled: false
    ttl_seconds: 300

Security Features

Kill Switch

Immediately halt a compromised agent:
Go to Agents → Click the red Kill button

Prompt Injection Detection

Bloom automatically scans requests for injection attacks:
  • Direct instruction overrides (“ignore previous instructions”)
  • Role manipulation (“you are now…”)
  • Credential extraction attempts
  • Encoded payloads

Audit Logging

Every API call is logged with:
  • Timestamp
  • Agent ID
  • Target service/endpoint
  • Request/response metadata
  • Latency
  • Authorization result
View logs at: Dashboard > Activity

Example: Full Agent Setup

import os
from bloom_proxy import bloom_post, check_bloom_connection

# Verify connection on startup
if not check_bloom_connection():
    raise RuntimeError("Cannot connect to Bloom proxy")

def run_agent():
    # Your agent logic
    response = bloom_post(
        "https://api.openai.com/v1/chat/completions",
        json={
            "model": "gpt-4",
            "messages": [
                {"role": "system", "content": "You are a helpful assistant."},
                {"role": "user", "content": user_input}
            ]
        }
    )

    if response["status_code"] == 200:
        return response["body"]["choices"][0]["message"]["content"]
    else:
        raise Exception(f"API error: {response}")

if __name__ == "__main__":
    run_agent()

Troubleshooting

  • Verify BLOOM_API_KEY is set correctly
  • Check the agent exists in the dashboard
  • Ensure the agent has scopes assigned
  • Check the agent’s scopes allow the endpoint
  • Review audit logs for the denial reason
  • Temporarily set injection detection to “log” mode to debug
  • Bloom adds ~10-50ms overhead
  • Enable caching for repeated requests
  • Check network connectivity to iam.bloomtechnologies.app

Next Steps