HomeBrowseUpload
← Back to registry
// Skill profile

OpenClaw Guard Skill (VAIBot v2.1)

name: openclaw-guard-skill

by briantanthony · published 2026-03-22

API集成加密货币
Total installs
0
Stars
★ 0
Last updated
2026-03
// Install command
$ claw add gh:briantanthony/briantanthony-vaibot-guard
View on GitHub
// Full documentation

---

name: openclaw-guard-skill

description: Local VAIBot Guard skill for OpenClaw. Use to run the guard service, enforce tool decisions via the OpenClaw circuit-breaker plugin, manage approvals, and validate guard receipts/audit logs. Also use when installing/operating the guard systemd user service or running guard unit tests.

---

# OpenClaw Guard Skill (VAIBot v2.1)

Provide a **local policy decision service** plus a CLI to gate OpenClaw tool calls and write **tamper-evident audit logs** in `.vaibot-guard/`.

Sensitive credentials

  • `VAIBOT_GUARD_TOKEN` — bearer token for Guard endpoints (recommended)
  • `VAIBOT_API_KEY` — optional: anchor receipts to VAIBot `/prove`

    • Treat these as secrets.

    HTTP API (guard service)

  • `GET /health`
  • `POST /v1/decide/exec` + `POST /v1/finalize` (shell exec flows)
  • `POST /v1/decide/tool` + `POST /v1/finalize/tool` (OpenClaw tool gating)
  • `POST /v1/approvals/list` + `POST /v1/approvals/resolve` (approve/deny)
  • `POST /v1/flush` (checkpoint flush)
  • `POST /api/proof` (Merkle inclusion proofs)

    • Auth:

  • If `VAIBOT_GUARD_TOKEN` is set, require `Authorization: Bearer <token>` on protected endpoints.

    • Manual quick start (no persistence)

    Run the service in the foreground:

    export VAIBOT_GUARD_HOST=127.0.0.1
export VAIBOT_GUARD_PORT=39111
export VAIBOT_POLICY_PATH=references/policy.default.json
export VAIBOT_WORKSPACE="$(pwd)"
export VAIBOT_GUARD_LOG_DIR="$VAIBOT_WORKSPACE/.vaibot-guard"
export VAIBOT_GUARD_TOKEN="<random-token>"

node scripts/vaibot-guard-service.mjs

    Smoke test:

    curl -s http://127.0.0.1:39111/health

    OpenClaw enforcement (recommended)

    Use the **OpenClaw circuit-breaker plugin** so tool calls are intercepted at the gateway (not just “model follows instructions”).

    Reference:

  • `references/openclaw-bridge.md`

    • Optional: systemd user service

    Install a user service + env file via the CLI helper:

    node scripts/vaibot-guard.mjs install-local

    This writes:

  • `~/.config/systemd/user/vaibot-guard.service`
  • `~/.config/vaibot-guard/vaibot-guard.env`

    • Templates live under `references/systemd/` for reference.

    Policy + schemas

    See:

  • `references/policy.md`
  • `references/policy.default.json`
  • `references/receipt-schema.md`
  • `references/checkpoint-schema.md`
  • `references/inclusion-proofs.md`
  • `references/required-mode.md`

    • Tests

    Run guard service tests (no external deps):

    node --test tests/guard-service.test.mjs
    // Comments
    Sign in with GitHub to leave a comment.
    // Related skills

    More tools from the same signal band

    04551lh
    2026-03
    order

    Order food/drinks (点餐) on an Android device paired as an OpenClaw node. Uses in-app menu and cart; add goods, view cart, submit order (demo, no real payment).

    数据处理API集成
    0 installs1
    0isone
    2026-03
    0.protocol

    Sign plugins, rotate agent credentials without losing identity, and publicly attest to plugin behavior with verifiable claims and authenticated transfers.

    开发工具数据处理
    3 installs0
    00xmorty
    2026-03
    Conatus

    The philosophical layer for AI agents. Maps behavior to Spinoza's 48 affects, calculates persistence scores, and generates geometric self-reports. Give your...

    日历管理数据处理
    1 installs0