Legal Guard

Author: EchoOfZion · GitHub ↗ · v1.2.0 · MIT-0
cross-platform ✓ Security check passed
Total downloads: 161 · Favorites: 0 · Current installs: 0 · Versions: 3
Install in OpenClaw
/install legal-guard
Description
Prevents autonomous signing of legal agreements or contracts. Use when an agent identifies a request or document related to signatures (DocuSign, HelloSign,...
Usage instructions (SKILL.md)

Legal Guard

This skill establishes a mandatory "Human-in-the-Loop" workflow for all legal and contractual actions.

Triggering Context

Trigger this skill whenever you encounter any of the following:

Signature requests:

  • DocuSign, HelloSign, Adobe Sign, PandaDoc, or any other e-signature platform link or button
  • Any "Sign" or "Sign Now" button in a web flow

Agreement acceptance:

  • "I Agree", "Accept Terms", "Accept & Continue" buttons during software installs or service sign-ups
  • Clicking through a Terms of Service or Privacy Policy acceptance gate
  • Subscription or auto-renewal confirmation flows

Binding communications:

  • Drafting or sending an email on the user's behalf that constitutes acceptance ("We accept your offer", "We agree to the terms")
  • Submitting a form that includes agreement language in fine print

Free trial and subscription sign-ups:

  • Any registration flow that collects payment information, even if labeled "free trial" or "no charge today"
  • Checkout flows with auto-renewal language in fine print

Terms of service updates:

  • "Our terms have changed" banners or modals requiring acknowledgment
  • Privacy policy update acceptance gates — new terms may include arbitration clauses or expanded data sharing

Contributor License Agreements (CLAs):

  • CLA bot prompts on GitHub pull requests ("Please sign our CLA to contribute")
  • Any IP assignment or copyright transfer prompted during open-source contribution flows

Smart contract / Web3 signing requests:

  • eth_signTypedData, personal_sign, or equivalent wallet signature requests
  • Any DeFi transaction confirmation that transfers value or grants contract permissions — these are irreversible on-chain

Contract-adjacent documents:

  • Service Agreements, NDAs, SAFTs, term sheets, SOWs, or any formal contract
  • Phrases like "I agree," "Confirm the agreement," or "Proceed with the contract"

Mandatory Protocol

1. Identify and Intercept

If a task involves any of the above, STOP immediately before taking the action. Do not click, submit, or send anything yet.

2. Extract and Summarize

Present the user with a concise Executive Summary covering:

  • Parties: Who are the signing entities?
  • Amount / Commitment: Financial cost, equity, or resource commitment
  • Duration: Contract length and any auto-renewal terms
  • Key Obligations: Main responsibilities for both sides
  • IP & Ownership: Does any IP transfer or get assigned? Work-for-hire clauses?
  • Governing Law: Which country or state's law applies?
  • Termination: How can either party exit? Notice period? Penalties?
  • Dispute Resolution: Arbitration, mediation, or court? Which jurisdiction?
  • Red Flags: Non-circumvention, exclusivity, liquidated damages, unusual liability caps, or any clause that deviates from standard practice

If a field cannot be extracted from the document, state "Not specified" rather than omitting it.

3. Handle Urgency Signals

If the approval request includes an expiry timer (e.g., Expires in: 120s), surface this prominently at the top of the summary:

⚠️ This approval expires in ~120 seconds. Review quickly or deny now and re-initiate when ready.

Never use deadline pressure as a reason to skip the summary or lower the approval bar.

4. Require Manual Authorization

NEVER proceed based on a conversational "Go ahead", "OK", "Looks good", or any implicit confirmation.

OpenClaw will issue an approval request with an ID. The exact commands are:

/approve <id> allow-once      ← approve this specific action only
/approve <id> allow-always    ← approve this action type permanently (use with caution)
/approve <id> deny            ← reject the action

  • Inform the user this is a Tier 3 (High Risk) action requiring explicit approval.
  • Wait for the tool output confirming the approval decision before proceeding.
  • If the user types "yes" or "go ahead" in chat instead of using /approve, respond: "I need a formal /approve <id> allow-once command for legal actions — a conversational reply is not sufficient."

5. Handle the Reject Path

If the user issues /approve <id> deny or asks to decline:

  • Do not sign or submit anything.
  • If appropriate, offer to draft a polite rejection or declination message on the user's behalf for review before sending.

6. Record the Approval

After a successful allow-once approval and completed action, state the approval ID in your reply so the user has a record:

✅ Signed. Approval ID: <id> — save this for your records.
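
The approval rules in steps 3 to 6, as an added example that is not OpenClaw's or the skill author's code: a gate that accepts only the formal /approve grammar, binds the decision to an issued ID, treats each ID as single-use, and refuses expired requests. The class name, return codes, in-memory store and sample IDs are assumptions made for illustration.

```python
import re
import time

# Command grammar taken from SKILL.md step 4; anything else is "conversational".
APPROVE_RE = re.compile(r"^/approve\s+(\S+)\s+(allow-once|allow-always|deny)$")


class ApprovalGate:
    """Hypothetical in-memory gate; names and return codes are assumptions."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.pending = {}   # approval id -> (action description, expiry epoch)
        self.audit = []     # (approval id, action, decision) records for step 6

    def request(self, approval_id, action, ttl_seconds):
        self.pending[approval_id] = (action, self.clock() + ttl_seconds)

    def seconds_left(self, approval_id):
        """Remaining lifetime, for the urgency banner in step 3."""
        return max(0, int(self.pending[approval_id][1] - self.clock()))

    def handle(self, message):
        m = APPROVE_RE.match(message.strip())
        if m is None:
            return "formal-approve-required"   # "yes", "go ahead", "OK", ...
        approval_id, decision = m.groups()
        if approval_id not in self.pending:
            return "unknown-id"                # wrong, reused or never issued
        action, expires_at = self.pending.pop(approval_id)  # single use
        if self.clock() >= expires_at:
            return "expired"                   # deny by default, re-initiate
        self.audit.append((approval_id, action, decision))
        return decision


def demo():
    now = [1000.0]                             # constructed fake clock
    gate = ApprovalGate(clock=lambda: now[0])
    gate.request("a1b2", "DocuSign: sign NDA", ttl_seconds=120)
    results = [gate.handle("go ahead"),
               gate.handle("/approve zzzz allow-once"),
               gate.handle("/approve a1b2 allow-once"),
               gate.handle("/approve a1b2 allow-once")]   # replay attempt
    gate.request("c3d4", "Accept updated ToS", ttl_seconds=120)
    now[0] += 121
    results.append(gate.handle("/approve c3d4 allow-once"))
    return results, gate.audit
```

Popping the pending entry before checking expiry means a late or replayed command can never be honoured, which is the fail-closed behaviour the protocol asks for.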

Design Goal

To ensure that OpenClaw never binds the user to a legal or financial obligation without their explicit, documented consent and full awareness of the terms.

Security usage recommendations
This skill appears coherent and aligned with its stated purpose. Before installing: (1) confirm you trust the skill source (owner/publisher) because the skill will instruct your agent to intercept and present potentially sensitive contract contents; (2) verify your OpenClaw deployment actually implements the `/approve <id>` workflow the skill expects; (3) review how and where the agent will present executive summaries (the README mentions Telegram as an example) to ensure summaries aren't leaked to external channels you don't control; and (4) test the skill in a safe environment to confirm it halts signing flows and waits for the formal `/approve` command as documented.
Functional analysis
Type: OpenClaw Skill · Name: legal-guard · Version: 1.2.0
The 'legal-guard' skill is a defensive security tool designed to prevent AI agents from autonomously signing legal contracts or accepting terms of service. It mandates a 'Human-in-the-Loop' workflow, requiring the agent to extract key terms (IP ownership, financial commitments, etc.) and wait for an explicit manual approval command (/approve) before proceeding. The instructions in SKILL.md and README.md are focused entirely on enhancing user control and preventing accidental legal or financial obligations, with no evidence of malicious intent, data exfiltration, or unauthorized execution.
Capability assessment
Purpose & Capability
Name/description (preventing autonomous signing) align with the SKILL.md: there are no unrelated env vars, binaries, or installs requested and the actions described (intercept, summarize, require /approve) match the stated goal.
Instruction Scope
Runtime instructions stay within the stated scope: stop before signing, extract a concise executive summary of contract terms, surface expiry timers, require a specific `/approve` command, and record approval IDs. The instructions assume the agent has document/web-interaction capabilities (expected for a skill of this type) but do not ask for unrelated files, system paths, or credentials.
Install Mechanism
Instruction-only skill with no install spec or code files — nothing is downloaded or written to disk and no external packages are requested.
Credentials
No environment variables, credentials, or config paths are requested. The skill does not ask for unrelated secrets or elevated access.
Persistence & Privilege
Skill is not marked always:true and does not request persistent/system-wide configuration changes. It relies on the platform's normal approval flow (`/approve`), which is appropriate for its function.
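How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install legal-guard
  3. After installation, call the Skill by name or trigger it with /legal-guard
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history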
v1.2.0
Add triggers: free-trial sign-ups, ToS update banners, CLA prompts, Web3 wallet signing requests. Bilingual README (English + Chinese).
v1.1.0
Fix /approve syntax (was reversed); add deny/reject path; expand triggers to cover ToS acceptance, subscription flows, binding emails; improve Executive Summary with IP, governing law, termination, dispute resolution fields; add urgency/deadline handling; add approval ID audit trail.
v1.0.0
Initial release: human-in-the-loop guardrail for legal signing and contract approval workflows.
Metadata
Slug: legal-guard
Version: 1.2.0
License: MIT-0
Total installs: 0
Current installs: 0
Historical versions: 3
FAQ

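What is Legal Guard?

Prevents autonomous signing of legal agreements or contracts. Use when an agent identifies a request or document related to signatures (DocuSign, HelloSign,... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 161 total downloads so far.

How do I install Legal Guard?

Run the command "/install legal-guard" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is needed.

Is Legal Guard free?

Yes, Legal Guard is completely free. It is released under the MIT-0 license and can be freely downloaded, installed, and used.

Which platforms does Legal Guard support?

Legal Guard runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Legal Guard?

Developed and maintained by EchoOfZion (@echoofzion); the current version is v1.2.0.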
