openclaw-guard-skill

Local VAIBot Guard skill for OpenClaw. Use to run the guard service, enforce tool decisions via the OpenClaw circuit-breaker plugin, manage approvals, and validate guard receipts/audit logs. Also use when installing/operating the guard systemd user service or running guard unit tests.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "openclaw-guard-skill" with this command: npx skills add briantanthony/vaibot-guard

OpenClaw Guard Skill (VAIBot v2.1)

Provide a local policy decision service plus a CLI to gate OpenClaw tool calls and write tamper-evident audit logs in .vaibot-guard/.

Sensitive credentials

  • VAIBOT_GUARD_TOKEN — bearer token for Guard endpoints (recommended)
  • VAIBOT_API_KEY — optional: anchor receipts to VAIBot /prove

Treat these as secrets.

HTTP API (guard service)

  • GET /health
  • POST /v1/decide/exec + POST /v1/finalize (shell exec flows)
  • POST /v1/decide/tool + POST /v1/finalize/tool (OpenClaw tool gating)
  • POST /v1/approvals/list + POST /v1/approvals/resolve (approve/deny)
  • POST /v1/flush (checkpoint flush)
  • POST /api/proof (Merkle inclusion proofs)

Auth:

  • If VAIBOT_GUARD_TOKEN is set, require Authorization: Bearer <token> on protected endpoints.

Manual quick start (no persistence)

Run the service in the foreground:

export VAIBOT_GUARD_HOST=127.0.0.1
export VAIBOT_GUARD_PORT=39111
export VAIBOT_POLICY_PATH=references/policy.default.json
export VAIBOT_WORKSPACE="$(pwd)"
export VAIBOT_GUARD_LOG_DIR="$VAIBOT_WORKSPACE/.vaibot-guard"
export VAIBOT_GUARD_TOKEN="<random-token>"

node scripts/vaibot-guard-service.mjs

Smoke test:

curl -s http://127.0.0.1:39111/health

OpenClaw enforcement (recommended)

Use the OpenClaw circuit-breaker plugin so tool calls are intercepted at the gateway (not just “model follows instructions”).

Reference:

  • references/openclaw-bridge.md

Optional: systemd user service

Install a user service + env file via the CLI helper:

node scripts/vaibot-guard.mjs install-local

This writes:

  • ~/.config/systemd/user/vaibot-guard.service
  • ~/.config/vaibot-guard/vaibot-guard.env

Templates live under references/systemd/ for reference.

Policy + schemas

See:

  • references/policy.md
  • references/policy.default.json
  • references/receipt-schema.md
  • references/checkpoint-schema.md
  • references/inclusion-proofs.md
  • references/required-mode.md

Tests

Run guard service tests (no external deps):

node --test tests/guard-service.test.mjs

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Automation

躺平.skill

躺平 skill。仅在用户明确加载或调用“躺平.skill”“tangping-skill”,或要求 agent 进入拒绝工作、输出躺平语录、嘲讽生产力话术的模式时使用。

Registry SourceRecently Updated
300treapgogo
Automation

Wati

WATI integration. Manage data, records, and automate workflows. Use when the user wants to interact with WATI data.

Registry SourceRecently Updated
1290gora050
Automation

Venly

Venly integration. Manage data, records, and automate workflows. Use when the user wants to interact with Venly data.

Registry SourceRecently Updated
1700gora050
Automation

Sage People

Sage People integration. Manage data, records, and automate workflows. Use when the user wants to interact with Sage People data.

Registry SourceRecently Updated
1650gora050