# Third-Party Notices

## OWASP Top 10 for Agentic Applications 2026

The CLAWLINE v0.7 candidate agentic-assurance materials reference and adapt portions of:

- **Project:** OWASP Gen AI Security Project — Agentic Security Initiative
- **Asset:** OWASP Top 10 for Agentic Applications 2026
- **Source:** https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/
- **License:** Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0), https://creativecommons.org/licenses/by-sa/4.0/

CLAWLINE changes include reorganizing the source risk taxonomy into CLAWLINE control domains; adding CLAWLINE-specific control, evidence, negative-space, CRABS, DAD, CLAWS, ABOM, and reporting mappings; paraphrasing selected mitigation concepts; and adding original implementation and assessment guidance.

The OWASP-derived portions of the CLAWLINE v0.7 control catalog and OWASP crosswalk are distributed under CC BY-SA 4.0. CLAWLINE original software, trademarks, brand assets, and material not derived from that OWASP asset are not relicensed by this notice.

OWASP and the OWASP logo are trademarks of the OWASP Foundation, Inc. OWASP has not certified, endorsed, approved, or sponsored The CLAWLINE, LeftOut Security, the CLAWLINE methodology, or any CLAWLINE assessment.

## Other referenced sources

CLAWLINE materials also cite public documentation from Microsoft, OpenClaw, and other publishers for attribution and background. Those works remain subject to their respective owners' terms and licenses. Their inclusion as references does not imply affiliation or endorsement.
