Sunglasses is a local MCP scan server for OpenClaw-managed agent workflows. Register it as a third-party MCP server, then route risky channel messages, web extracts, tool results, cron inputs, files, and handoffs through scan_text or scan_file before an OpenClaw-managed runtime acts.

Register the MCP server

Save a third-party MCP server definition that runs the stdio command, then verify it with OpenClaw's MCP status/doctor/probe command for your installed version:

python -m sunglasses.mcp

The server exposes scan_text, scan_file, and scanner_info.

Make coverage real

MCP registration makes the scanner available; mandatory coverage depends on the runtime or policy requiring that scan path. Require eligible OpenClaw runtimes to call scan_text or scan_file before acting on untrusted channel messages, web extracts, tool results, files, or handoffs. Do not describe coverage as automatic for every channel unless the policy proves every channel message crosses the scan path.

Runtime-trust note

OpenClaw decides what channels, tools, and runtimes the assistant can reach; Sunglasses checks whether this specific message, file, tool result, web extract, or handoff should be trusted before the workflow acts. The verified integration is the MCP server — there is no OpenClaw-specific Sunglasses plugin module. (Running OpenClaw inside a sandbox such as an OpenShell/NVIDIA-style isolation layer doesn't change this: infrastructure isolation limits where an agent runs, while Sunglasses still scans the untrusted text, files, tool results, and handoffs that reach it.)

FAQ

How do I add Sunglasses to OpenClaw?

Register a third-party MCP server running python -m sunglasses.mcp, verify it with OpenClaw's MCP doctor command, then require scan_text/scan_file before acting on untrusted input.

Same scanner underneath. Different wiring by stack. Sunglasses runs locally as an open-source Python package — no API key, no telemetry requirement, MIT licensed. The framework wires capability; Sunglasses decides whether a specific input, file, tool result, web extract, or handoff should be trusted before your agent acts. Full control model in the Manual and 101 Guide.