โ† Back to Web & Frontend Development
Web & Frontend Development by @dgriffin831

guardrails

Helps users configure comprehensive security guardrails

0
Source Code

guardrails - Interactive Security Guardrails Configuration

Helps users configure comprehensive security guardrails for their OpenClaw workspace through an interactive interview process.

Commands

guardrails setup

Interactive setup mode - Guides user through creating their GUARDRAILS.md file.

Workflow:

  1. Run environment discovery: bash scripts/discover.sh
  2. Classify risks: bash scripts/discover.sh | python3 scripts/classify-risks.py
  3. Generate tailored questions: bash scripts/discover.sh | python3 scripts/classify-risks.py | python3 scripts/generate_questions.py
  4. Conduct interactive interview with the user:
    • Ask questions from the generated question bank (tailored to discovered environment)
    • Present suggestions for each question
    • Allow custom answers
    • Follow up when appropriate
  5. Generate GUARDRAILS.md: echo '<json>' | python3 scripts/generate_guardrails_md.py /path/to/guardrails-config.json
    • Stdin JSON format: {"discovery": {...}, "classification": {...}, "answers": {...}}
  6. Present the generated GUARDRAILS.md for review
  7. Ask for confirmation before writing to workspace
  8. Write GUARDRAILS.md to workspace root
  9. Save guardrails-config.json to workspace root

Important:

  • Be conversational and friendly during the interview
  • Explain why each question matters
  • Provide context about discovered risks
  • Highlight high-risk skills/integrations
  • Allow users to skip or customize any answer
  • Review the final output with the user before writing

guardrails review

Review mode - Check existing configuration against current environment.

Workflow:

  1. Run discovery and classification
  2. Load existing guardrails-config.json
  3. Compare discovered skills/integrations against config
  4. Identify gaps (new skills not covered, removed skills still in config)
  5. Ask user about gaps only - don't re-interview everything
  6. Update config and GUARDRAILS.md if changes needed

guardrails monitor

Monitor mode - Detect changes and potential violations.

Workflow:

  1. Run: bash scripts/monitor.sh
  2. Parse the JSON report
  3. If status is "ok": silent or brief acknowledgment
  4. If status is "needs-attention": notify user with details
  5. If status is "review-recommended": suggest running guardrails review

Can be run manually or via cron/heartbeat.

Files Generated

  • GUARDRAILS.md - The main guardrails document (workspace root)
  • guardrails-config.json - Machine-readable config for monitoring (workspace root)

Notes

  • This skill only helps create guardrails - enforcement is up to the agent
  • Discovery (discover.sh) uses bash + jq; classification (classify-risks.py) uses Python standard library only
  • Question generation and GUARDRAILS.md generation require an LLM โ€” set OPENAI_API_KEY or ANTHROPIC_API_KEY
  • Python scripts require the requests library (pip install requests)
  • Discovery and classification are read-only operations
  • Only setup and review modes write files, and only with user confirmation