2.6k
GitHub Stars
2
Bundled Files
2 months ago
Catalog Refreshed
3 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill openclaw/skills --skill openclaw-guardian- _meta.json470 B
- SKILL.md4.1 KB
Overview
This skill provides a safety layer plugin for OpenClaw that intercepts high-risk AI operations and enforces a voting-based approval flow before execution. It uses a fast keyword rule engine to auto-pass low-risk calls and invokes lightweight or full multi-Guardian voting for the small fraction of operations that need human-like review. The design minimizes latency and token cost by only running LLM-based Guardians for about 5% of operations.
How this skill works
Every tool call is scored by a zero-cost keyword rule engine that assigns a numeric risk score. Low scores go through a fast lane and execute immediately; medium scores trigger a single Guardian for a light review; high scores trigger a full vote where multiple Guardians with distinct perspectives evaluate the action and majority rules. Audit logging and configurable policies let you track decisions and customize thresholds.
When to use it
- Protect destructive operations such as file deletion or mass data modification
- Gate access to credentials, API keys, or other sensitive secrets
- Prevent unauthorized configuration changes or privilege escalations
- Control external network requests or data exfiltration attempts
- Add automated, low-latency safety checks to production AI agents
Best practices
- Tune keyword rules and risk thresholds to your environment to keep false positives low
- Start with conservative Light Review thresholds, then tighten Full Vote triggers as you observe behavior
- Keep default-policies.json in source control and document any team overrides
- Monitor the audit log (SHA-256 hash-chain) for incident review and compliance
- Limit which tools are subject to the Guardian to reduce unnecessary review overhead
Example use cases
- An agent attempts to delete project files — system scores high and triggers Full Vote before execution
- A tool requests an external webhook — keyword rule flags medium risk and a single Guardian reviews parameters
- Configuration change requests are routed through the Guardian to ensure the user has required permissions
- Credential or API key exposure is blocked by Privacy-focused Guardian perspective and logged for later audit
- Large-scale database write operations are evaluated for reversibility and cost before approval
FAQ
Most operations (85–95%) pass instantly. Light Review typically adds ~1–2 seconds; Full Vote adds ~2–4 seconds depending on parallel Guardian responses.
Can I customize which operations trigger reviews?
Yes. Edit default-policies.json and the keyword rule engine to adjust thresholds, enable/disable rules, and whitelist or blacklist specific tools.