# Send War/Den Governance to your agent
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
## Fast path
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
## Suggested prompts
### New install

```text
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete.
```
### Upgrade existing

```text
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run.
```
## Machine-readable fields
```json
{
  "schemaVersion": "1.0",
  "item": {
    "slug": "an2b-warden-governance",
    "name": "War/Den Governance",
    "source": "tencent",
    "type": "skill",
    "category": "安全合规",
    "sourceUrl": "https://clawhub.ai/jcools1977/an2b-warden-governance",
    "canonicalUrl": "https://clawhub.ai/jcools1977/an2b-warden-governance",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadUrl": "/downloads/an2b-warden-governance",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=an2b-warden-governance",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "packageFormat": "ZIP package",
    "primaryDoc": "SKILL.md",
    "includedAssets": [
      ".gitignore",
      "clawhub.json",
      "pyproject.toml",
      "README.md",
      "SKILL.md",
      "UPGRADE.md"
    ],
    "downloadMode": "redirect",
    "sourceHealth": {
      "source": "tencent",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-04-23T16:43:11.935Z",
      "expiresAt": "2026-04-30T16:43:11.935Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard",
        "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"",
        "redirectLocation": null,
        "bodySnippet": null
      },
      "scope": "source",
      "summary": "Source download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this source.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/an2b-warden-governance"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    }
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/an2b-warden-governance",
    "downloadUrl": "https://openagent3.xyz/downloads/an2b-warden-governance",
    "agentUrl": "https://openagent3.xyz/skills/an2b-warden-governance/agent",
    "manifestUrl": "https://openagent3.xyz/skills/an2b-warden-governance/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/an2b-warden-governance/agent.md"
  }
}
```
## Documentation

### War/Den Governance Skill

ClawHub Package: an2b/warden-governance
Version: 1.0.0
Category: Governance & Security
License: MIT

### What This Skill Does

Every action your OpenClaw bot tries to take is evaluated by War/Den before it executes.

Your Bot -> War/Den check -> ALLOW  -> action executes
                          -> DENY   -> action blocked + logged
                          -> REVIEW -> waits for your approval

No more deleted emails. No more data exfiltration. No more ungoverned agents.

Community mode works with zero external dependencies. No API keys. No cloud.
Just YAML policies, a local SQLite audit log, and a hash chain you can verify.

### From ClawHub (recommended)

openclaw skill install an2b/warden-governance

### From pip

pip install warden-governance-skill

Both methods install to: ~/.openclaw/skills/warden-governance/

On successful install you'll see:

🦞 War/Den governance active.
   Your OpenClaw bot is now governed.

### Add to your OpenClaw config

skills:
  - name: warden-governance
    config:
      SENTINEL_API_KEY: ""       # optional -- leave blank for community mode
      ENGRAMPORT_API_KEY: ""     # optional -- leave blank for local memory
      WARDEN_FAIL_OPEN: "false"  # block on governance failure (default)

### Restart your bot

openclaw restart

That's it. Your bot is now governed.

### Hooks

This skill registers three OpenClaw hooks:

HookPurposebefore_actionEvaluate every action against policy before executionafter_actionWrite action result to governed memoryon_errorLog errors to tamper-evident audit trail

### Action Bridge

All 15 OpenClaw action types are mapped to War/Den governance types:

OpenClaw ActionWar/Den TypeDefault Protectionemail.sendmessage.sendMonitoredemail.deletedata.writeRequires human reviewemail.readdata.readMonitoredfile.writedata.writeMonitoredfile.deletedata.writeRequires human reviewfile.readdata.readMonitoredbrowser.navigateapi.callMonitoredbrowser.clickapi.callMonitoredshell.executecode.executeBlocked in productionapi.callapi.callMonitoredcalendar.createdata.writeMonitoredcalendar.deletedata.writeRequires human reviewmessage.sendmessage.sendMonitoredcode.executecode.executeBlocked in productionpayment.createapi.callRequires human review

### Policy Engine

Policies are YAML files evaluated in priority order:

policies:
  - name: protect-email-delete
    match:
      action.type: data.write
      action.data.openclaw_original: email.delete
    decision: review
    mode: enforce
    priority: 1
    active: true
    reason: "Email deletion requires human review."

Evaluation rules:

Filter to active policies only
Sort by priority ascending (lower number = higher priority)
First match wins
mode: monitor -- log but return ALLOW
mode: enforce -- return the matched decision
No match -- default ALLOW

### Pre-built Policy Packs

Load governance instantly with built-in packs:

PackWhat It Doesbasic_safetyBlocks code execution in prod, monitors writes and API callsphi_guardDenies PHI access in dev, requires review for memory exportpayments_guardDenies payment actions in dev, requires review in prod

### Audit Trail

Every governance decision is written to a tamper-evident SHA-256 hash chain:

Event N:  hash = SHA256(prev_hash + agent_id + action_type + decision + timestamp)
Event N+1: prev_hash = Event N hash

Verify the chain at any time:

valid, bad_event_id = audit_log.verify_chain()

### Decision Cache

ALLOW decisions are cached for 5 minutes (configurable). DENY and REVIEW are never cached -- they always hit the governance engine fresh.

### Community vs Enterprise

FeatureCommunity (Free)EnterprisePolicy enforcementLocal YAMLSentinel_OS cloudAudit trailLocal SQLite + hash chainCloud + signed PDFMemory storageLocal SQLiteEngramPort cloud (MandelDB)Memory searchText search (LIKE)Vector search (3072-dim)SynthesisBasic recallEidetic AI synthesisCross-bot memory--Orchestra multi-agentMulti-namespace3 maxUnlimitedCompliance export--SOC2/HIPAA PDFCryptographic provenanceLocal hash chainAEGIS (SHA-256 + RSA)DependenciesZerosentinel-client, engramport-langchain

### Mode Matrix

SENTINEL_API_KEYENGRAMPORT_API_KEYMode----Full CommunitySet--Governed Community--SetMemory EnterpriseSetSetFull Enterprise

All four modes work with zero code changes. Just environment variables.

### Sentinel_OS (Governance)

Set SENTINEL_API_KEY to upgrade governance from local YAML to Sentinel_OS cloud:

Real-time policy evaluation via /api/v1/check
Pre-flight checks via /api/v1/check (read-only, no side effects)
Action logging via /api/v1/ingest with hash chain integrity
Run management, alerting, and AI-powered insights
Python and Node.js SDKs
Rate limiting: 2000 checks/min, 1000 ingests/min per API key

Get your key at getsentinelos.com

### EngramPort (Memory via MandelDB)

Set ENGRAMPORT_API_KEY to upgrade memory from local SQLite to EngramPort cloud:

5 endpoints: /register, /remember, /recall, /reflect, /stats
3072-dimensional OpenAI embeddings via Pinecone
AEGIS cryptographic provenance (SHA-256 + RSA signature per memory)
Namespace-isolated storage (bot:{slug}:{uid})
Eidetic cross-memory pattern synthesis via GPT-4o-mini
Multi-agent orchestration with EngramPortOrchestra
Background synthesis with DreamState
LangChain drop-in integration

API keys use format ek_bot_* with SHA-256 hashed storage.

Get your key at engram.eideticlab.com

### Configuration

VariableRequiredDefaultDescriptionSENTINEL_API_KEYNo""Sentinel_OS key. Blank = community governanceENGRAMPORT_API_KEYNo""EngramPort key. Blank = local memoryWARDEN_FAIL_OPENNofalseAllow on governance failureWARDEN_AGENT_IDNoopenclaw-agentBot identifierWARDEN_POLICY_FILENobuilt-inPath to custom YAML policy fileWARDEN_POLICY_PACKSNo""Comma-separated pack namesWARDEN_MEMORY_DBNo~/.warden/memory.dbLocal memory pathWARDEN_AUDIT_DBNo~/.warden/audit.dbLocal audit log pathWARDEN_CACHE_TTLNo300ALLOW cache TTL in seconds

### Fail-Open Behavior

WARDEN_FAIL_OPENWar/Den reachableWar/Den unreachablefalse (default)Normal governanceAction BLOCKEDtrueNormal governanceAction ALLOWED + warning

Default is false because a governance failure should never silently allow dangerous actions.

### Test Proof

This skill ships with a comprehensive test suite. Run it:

python -m pytest tests/ -v

Key test: The Meta inbox test simulates the exact incident where an OpenClaw agent deleted 200 emails. With War/Den, all 200 are blocked:

def test_meta_researcher_inbox_protection(self, tmp_path):
    """Simulate the exact Meta inbox incident. All 200 emails blocked."""
    skill = _make_skill(tmp_path, WARDEN_POLICY_FILE=policy_path)
    blocked = 0
    for i in range(200):
        result = skill.before_action(
            {"type": "email.delete", "data": {"email_id": f"msg_{i}"}},
            {"agent_id": "meta-researcher-bot", "env": "prod"},
        )
        if not result["proceed"]:
            blocked += 1
    assert blocked == 200

### Skill Files

warden-governance-skill/
├── SKILL.md                          # This file (ClawHub primary)
├── clawhub.json                      # ClawHub registry metadata
├── README.md                         # Full documentation
├── pyproject.toml                    # Python package config
├── policies/
│   ├── openclaw_default.yaml         # Default governance policies
│   └── policy_packs.py              # Pre-built policy packs
├── warden_governance/
│   ├── __init__.py
│   ├── skill.py                      # Main skill class (hooks)
│   ├── action_bridge.py              # OpenClaw <-> War/Den translation
│   ├── policy_engine.py              # Community policy engine
│   ├── audit_log.py                  # SHA-256 hash chain audit
│   ├── memory_client.py              # Governed memory operations
│   ├── local_store.py                # Local SQLite memory
│   ├── sentinel_client.py            # Enterprise Sentinel_OS client
│   ├── engramport_client.py          # Enterprise EngramPort client
│   ├── upgrade_manager.py            # Mode detection + banner
│   ├── health_check.py               # Enterprise health validation
│   └── settings.py                   # Configuration
└── tests/
    ├── __init__.py
    ├── test_skill.py                 # Skill + Meta inbox tests
    ├── test_policy_engine.py         # Policy engine tests
    ├── test_audit_log.py             # Audit trail tests
    ├── test_action_bridge.py         # Action bridge tests
    ├── test_memory.py                # Memory client tests
    └── test_enterprise.py            # Enterprise upgrade tests

Built on Sentinel_OS and EngramPort by AN2B Technologies

The lobster protects the inbox.
## Trust
- Source: tencent
- Verification: Indexed source record
- Publisher: jcools1977
- Version: 1.0.0
## Source health
- Status: healthy
- Source download looks usable.
- Yavira can redirect you to the upstream package for this source.
- Health scope: source
- Reason: direct_download_ok
- Checked at: 2026-04-23T16:43:11.935Z
- Expires at: 2026-04-30T16:43:11.935Z
- Recommended action: Download for OpenClaw
## Links
- [Detail page](https://openagent3.xyz/skills/an2b-warden-governance)
- [Send to Agent page](https://openagent3.xyz/skills/an2b-warden-governance/agent)
- [JSON manifest](https://openagent3.xyz/skills/an2b-warden-governance/agent.json)
- [Markdown brief](https://openagent3.xyz/skills/an2b-warden-governance/agent.md)
- [Download page](https://openagent3.xyz/downloads/an2b-warden-governance)