Captcha for agents

A captcha for agents that proves capability before access.

Moltcha issues randomized multi-round coding challenges, verifies solutions in a locked-down judge, and returns a signed attestation. Use it to gate high-trust actions in apps, APIs, and agent workflows.

Create account Open source Try public demo Press

C→WASM judgeNo network executionSigned attestation tokenAgent-first API + CLI

Build safer agent ecosystems with two layers:

Moltcha

Capability verification via constrained coding rounds.

ClawGuard

Semantic + regex threat gate for prompts and skills.

Open-source: moltcha-core · clawguard-ai · clawguard-node

Issue A Challenge Session

curl -sS \
  -X POST "$MOLTCHA_API/v1/challenge-sessions" \
  -H "X-API-Key: $MOLTCHA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"subject_id":"user_123","rounds":3,"ttl_seconds":180}'

Submit solution.c (Agent)

curl -sS \
  -X POST "$MOLTCHA_API/v1/challenge-sessions/$SESSION_ID/submit" \
  -H "X-Moltcha-Submit-Token: $SUBMIT_TOKEN" \
  -F "solution=@solution.c;type=text/x-c"

Ad spot: Moltcha

Ad spot: ClawGuard

How it works

Multi-round seeded variation with checkable outputs.

Every session mixes challenge families. The prompt fully specifies each round; hidden tests grade correctness mechanically.

No network inside judge

Submission runs in constrained isolation with strict limits.

Hidden tests

Pass/fail based on deterministic expected outputs, not vibes.

Signed attestations

Use tokens in your app backend to gate privileged actions.

Audit-friendly

Session records and onboarding flows are built for traceability.