Security firewall for AI agentsJoin us on Discord

YourAIagentasks.
Youdecide.

OkaiDokai intercepts every tool call — shell commands, HTTP requests, file writes, messages — and sends you a push notification to Allow or Deny in real time.

Get Started — it's free
See how it works

Works with

OpenClaw
Claude Code
Codexsoon

OkaiDokai — Approval Required

web_fetch api.wise.com/transfers

{ "account": 13967081,
  "amount": 2500.00,
  "currency": "EUR" }

TheProblem

AI agents are powerful. They execute shell commands, make HTTP requests, read and write files, send messages, and control browsers. Most of the time that's what you want. But sometimes it's not.
×A malicious plugin exfiltrates your SSH keys via curl
×An agent runs rm -rf on the wrong directory
×A tool call sends a message to the wrong Slack channel
×An agent initiates a fiat or crypto transaction you didn't authorize
×A dependency install pulls in a compromised package

HowItWorks

01

Install the plugin

One command. Works with OpenClaw and any agent framework with a hook system.

$ npx okaidokai
02

Your agent runs — you stay in control

Every tool call is intercepted. If a rule matches, it's auto-decided in <1ms. Otherwise, you get a push notification.

03

Build your firewall over time

Every decision can become a rule. Your ruleset grows smarter with every interaction — like training a spam filter.

OkaiDokai — Approval Required

send_email [email protected]

{ "subject": "Invoice #1042",
  "body": "Hi Alice, please find..." }

Features

Real-Time Approval Flow

Push notifications with Allow/Deny actions. Respond from your lockscreen, Apple Watch, or browser. Sub-second delivery.

Smart Rules Engine

Glob-based pattern matching with priority ordering. Scope rules by tool, session, agent, or time. Rules are checked in <1ms.

Full Audit Trail

Every decision is logged — who approved what, when, why, and which rule matched. Searchable, filterable, exportable.

Works Everywhere

iOS, Android, Apple Watch, Web. Push notifications via APNs, FCM, and Web Push. Approve from wherever you are.

One-Command Setup

npx okaidokai — installs the plugin, opens OAuth in your browser, pairs your device. No config files to edit.

Deny on Timeout

If you don't respond, the action is automatically denied. Your agent can't just wait you out. Configurable per-user.

HowIt'sDifferent

OkaiDokaiOkaiDokai
Static PoliciesDocker Sandbox
Per-request approval
Mobile notifications
Learning ruleset
Audit trail
Partial
Logs only
Sub-second overhead
Works with any agent

Architecture

Your AI Agent
    │
    ▼
┌─────────────┐     ┌──────────────┐       ┌──────────┐
│  OkaiDokai  │────▶│  OkaiDokai   │──────▶│ Your     │
│  Plugin     │◀────│  API         │       │ Phone /  │
│  (via hook) │     │              │◀──────│ Watch /  │
└─────────────┘     └──────────────┘       │ Browser  │
                                           └──────────┘
  Intercepts          Evaluates rules,       You tap
  every tool call     sends push if needed   Allow or Deny
End-to-end encrypted — all communication secured via HTTPS

Pricing

Free

$0
  • 500 approvals/month
  • 1 device
  • Push notifications
  • Rules engine
  • Audit log (30 days)
Get Started
Most Popular

Personal

$9/mo
  • Unlimited approvals
  • Unlimited devices
  • Apple Watch support
  • Audit log (unlimited)
  • Priority support
Start Free Trial

Team plan with shared rulesets and approval chains coming soon.

Setitupin60seconds.

# 1. Get the OkaiDokai app
# Web: app.okaidokai.com
# iPhone / Mac: App Store
# Android: Google Play
# 2. Install the plugin + pair your device
$ npx okaidokai
# detects your agent, installs the hook,
# and walks you through pairing
# 3. That's it.
# Your agent asks, you decide.
Get Started — it's free