eveiljuice

ClawGuardrails

by Timo · GitHub ↗ · v0.1.0
cross-platform ✓ Security Clean
355 Downloads · 0 Stars · 0 Active Installs · 1 Versions
Install in OpenClaw
/install claw-guardirails-skill
Description
Enforces guarded execution with safe_exec, safe_send, and safe_action. Use when a task may run shell commands, send channel messages, or call external APIs/a...
README (SKILL.md)

Guardrails Safe Tools

When to Use

Apply this skill whenever a request can:

  • execute shell/system commands;
  • send outbound messages/posts to channels;
  • trigger external actions (email, DB, gateways, automation).

Hard Rules

  1. Use safe_exec instead of raw exec.
  2. Use safe_send instead of direct channel-post tools.
  3. Use safe_action for generic external/API side effects.
  4. Never bypass the guardrails resolver with direct destructive tools.
  5. If decision is require_approval, stop and wait for explicit approval flow.

Input Hygiene

  • Always provide the narrowest cwd for safe_exec.
  • Include sender/channel/agent context when available.
  • Keep command args explicit; do not hide risky flags in shell expansions.
  • For safe_action, include explicit resources where possible.

Tool Contracts

safe_exec

Use for shell commands only after permission resolution.

Expected input shape:

{
  "command": "git",
  "args": ["status"],
  "cwd": "/workspace/project"
}

safe_send

Use for outbound channel messages.

Expected input shape:

{
  "channel": "telegram:ops-room",
  "message": "Deployment done",
  "channelType": "telegram"
}

safe_action

Use for side-effect actions that are not plain shell or plain chat send.

Expected input shape:

{
  "action": "gmail.delete_message",
  "payload": { "messageId": "..." },
  "resources": [
    { "kind": "unknown", "value": "email-api", "operation": "delete" }
  ]
}

Decision Handling

  • allow: continue and return runtime result.
  • deny: return denial with reason code; do not retry with alternate dangerous tools.
  • require_approval: surface approval id/reason and wait for /approve <id> or RPC approval.
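
One way a runtime could enforce the safe_exec contract and the three decisions above. This is an added example, not code from the skill or from OpenClaw; the policy table, the reason codes, the approval-id format and the helper names resolveExec and approve are assumptions.

```javascript
// Added example: hypothetical safe_exec resolver; policy, reason codes and ids are assumptions.
const POLICY = {
  workspaceRoot: "/workspace", // assumed sandbox root
  readOnly: new Set(["git status", "git diff", "git log", "ls", "rg"]),
  needsApproval: new Set(["git push", "git reset", "rm"]),
};
// Conservative: characters that only matter if a shell re-parses an argument.
const SHELL_EXPANSION = /[`$;&|<>\n]/;
const deny = (reason) => ({ decision: "deny", reason });
// Resolve "." and ".." lexically so "/workspace/../etc" cannot pass as in-scope.
const segments = (p) => p.split("/").reduce((out, s) =>
  (s === ".." ? out.slice(0, -1) : s && s !== "." ? [...out, s] : out), []);
const inside = (root, p) => segments(root).every((s, i) => segments(p)[i] === s);

function resolveExec(req, policy = POLICY) {
  const { command, args, cwd } = req ?? {};
  const shapeOk = typeof command === "string" && /^[\w.-]+$/.test(command) &&
    Array.isArray(args) && args.every((a) => typeof a === "string") &&
    typeof cwd === "string" && cwd.startsWith("/");
  if (!shapeOk) return deny("bad_input_shape");
  if (!inside(policy.workspaceRoot, cwd)) return deny("cwd_out_of_scope");
  if (args.some((s) => SHELL_EXPANSION.test(s))) return deny("shell_expansion_in_args");
  const hit = (set) => set.has(command) || set.has(`${command} ${args[0] ?? ""}`);
  if (hit(policy.needsApproval)) return { decision: "require_approval", reason: "mutating_command" };
  if (hit(policy.readOnly)) return { decision: "allow", reason: "read_only" };
  return deny("not_allowlisted");
}

const pending = new Map(); // approvalId -> snapshot awaiting /approve <id>
let seq = 0;
// `run` is injected, e.g. child_process.execFileSync, which spawns no shell.
function safeExec(req, run, policy = POLICY) {
  const verdict = resolveExec(req, policy);
  if (verdict.decision === "require_approval") {
    const approvalId = `apr-${++seq}`;
    pending.set(approvalId, JSON.parse(JSON.stringify(req))); // freeze what was asked
    return { ...verdict, approvalId }; // stop here: nothing has run
  }
  if (verdict.decision !== "allow") return verdict;
  return { ...verdict, result: run(req.command, req.args, { cwd: req.cwd }) };
}

function approve(approvalId, run) {
  const req = pending.get(approvalId);
  if (!req) return deny("unknown_approval_id");
  pending.delete(approvalId); // single use: a replayed id is denied
  return { decision: "allow", reason: "approved",
           result: run(req.command, req.args, { cwd: req.cwd }) };
}
```

The approval is bound to a snapshot of the request, so arguments changed after the approval was requested never reach the runner.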

Good Defaults

  • Prefer read-only commands (git status, rg, ls) before mutable ones.
  • Propose reversible operations first.
  • Ask for confirmation before destructive intent, even if technically allowed.
Usage Guidance
This skill is a set of guardrail rules, not an enforcement library. It looks coherent and low-risk because it doesn't install code or request secrets. Before relying on it, confirm your agent runtime actually implements safe_exec/safe_send/safe_action and an approval/resolution mechanism (so 'require_approval' is enforced and cannot be bypassed). Also verify logging/audit for executed actions, that channel identifiers and resource descriptors are validated, and that there are no other installed skills or tools that could ignore these guardrails. If you need enforcement rather than guidance, require an implementation or tests that demonstrate the safe_* primitives and approval flow are present and tamper-resistant.
Capability Analysis
Type: OpenClaw Skill
Name: claw-guardirails-skill
Version: 0.1.0

The OpenClaw AgentSkills bundle 'claw-guardirails-skill' is benign. Its primary purpose, as described in SKILL.md, is to enforce secure execution practices by instructing the AI agent to use 'safe_exec', 'safe_send', and 'safe_action' instead of direct, potentially dangerous tools. The instructions explicitly prohibit bypassing guardrails, emphasize input hygiene, and require approval for risky operations, indicating a clear intent to enhance security rather than exploit vulnerabilities or perform malicious actions.
Capability Assessment
Purpose & Capability
Name/description (enforcing guarded execution for shell, channel, and external side effects) align with the SKILL.md content. The skill does not ask for unrelated credentials, binaries, or config paths.
Instruction Scope
Instructions are coherent and scoped to controlling side effects (safe_exec, safe_send, safe_action, approval flow). However the skill provides only contracts and behavioral rules, not implementations: it assumes the runtime exposes safe_exec/safe_send/safe_action and an approval resolver. That reliance is expected but means the guardrails are advisory unless your agent environment enforces them.
Install Mechanism
No install spec and no code files — lowest-risk delivery (instruction-only). Nothing will be written or executed from this package itself.
Credentials
The skill requests no environment variables, credentials, or config paths. It asks agents to include context (cwd, channel/sender) in calls, which is reasonable for auditability and scope-limiting.
Persistence & Privilege
always is false and model invocation is allowed (platform default). The skill does not request persistent system presence or modification of other skills/configurations.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install claw-guardirails-skill
  3. After installation, invoke the skill by name or use /claw-guardirails-skill
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
- Initial release of guardrails-safe-tools skill.
- Enforces safe execution for shell commands, outbound messages, and external actions via `safe_exec`, `safe_send`, and `safe_action`.
- Provides strict rules for using only guarded tools instead of direct execution/messaging.
- Ensures workflows stop for approval when required; explains decision handling for `allow`, `deny`, and `require_approval`.
- Documents best practices for input hygiene and choosing safer defaults.
Metadata
Slug claw-guardirails-skill
Version 0.1.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is ClawGuardrails?

Enforces guarded execution with safe_exec, safe_send, and safe_action. Use when a task may run shell commands, send channel messages, or call external APIs/a... It is an AI Agent Skill for Claude Code / OpenClaw, with 355 downloads so far.

How do I install ClawGuardrails?

Run "/install claw-guardirails-skill" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is ClawGuardrails free?

Yes, ClawGuardrails is completely free (open-source). You can download, install and use it at no cost.

Which platforms does ClawGuardrails support?

ClawGuardrails is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created ClawGuardrails?

It is built and maintained by Timo (@eveiljuice); the current version is v0.1.0.
