{ "schemaVersion": "1.0", "item": { "slug": "aport-agent-guardrail", "name": "Aport Agent Guardrail", "source": "tencent", "type": "skill", "category": "AI 智能", "sourceUrl": "https://clawhub.ai/uchibeke/aport-agent-guardrail", "canonicalUrl": "https://clawhub.ai/uchibeke/aport-agent-guardrail", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/aport-agent-guardrail", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=aport-agent-guardrail", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/aport-agent-guardrail" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/aport-agent-guardrail", "agentPageUrl": "https://openagent3.xyz/skills/aport-agent-guardrail/agent", "manifestUrl": "https://openagent3.xyz/skills/aport-agent-guardrail/agent.json", "briefUrl": "https://openagent3.xyz/skills/aport-agent-guardrail/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "APort Agent Guardrail", "body": "Pre-action authorization for AI agents. Installs an OpenClaw before_tool_call hook that\nevaluates every tool call against a passport (identity + capabilities + limits) and policy\nbefore it executes. If the policy denies the call, the tool does not run.\n\nThis skill provides setup instructions. The enforcement logic comes from the\n@aporthq/aport-agent-guardrails\nnpm package, which is open-source (Apache 2.0) and can be audited before installation." }, { "title": "When to use this skill", "body": "User wants to add guardrails to their AI agent setup\nUser asks about protecting against unauthorized tool calls\nUser wants pre-action authorization for OpenClaw, IronClaw, or PicoClaw agents\nUser needs audit trails for AI agent actions" }, { "title": "How it works", "body": "User Request -> Agent Decision -> APort Hook -> [ALLOW/DENY] -> Tool Execution\n |\n Policy + Passport\n\nAgent decides to use a tool (e.g., run a shell command)\nOpenClaw fires the before_tool_call hook\nAPort loads the passport, maps the tool to a policy, checks allowlists and limits\nDecision: ALLOW (tool runs) or DENY (tool blocked)\nDecision is logged to the audit trail\n\nEnforcement runs in the OpenClaw hook layer, not in agent prompts. However, like any\napplication-layer security control, it depends on the integrity of the runtime environment\n(OS, OpenClaw, filesystem). See the Security Model for trust boundaries." }, { "title": "Prerequisites", "body": "Check these before starting:\n\nNode.js 18+ and npx — run node -v to verify (must show v18 or higher)\nOpenClaw (or compatible runtime) — the hook registers as an OpenClaw plugin" }, { "title": "Quick start (recommended)", "body": "npx @aporthq/aport-agent-guardrails\n\nThe wizard will:\n\nCreate or load a passport (local file or hosted from aport.io)\nConfigure capabilities and limits\nRegister the OpenClaw plugin (adds before_tool_call hook)\nSet up wrapper scripts under ~/.openclaw/\n\nAfter install, the hook runs on every tool call automatically." }, { "title": "With hosted passport (optional)", "body": "npx @aporthq/aport-agent-guardrails \n\nGet agent_id at aport.io for signed decisions,\nglobal suspend, and centralized audit dashboards." }, { "title": "From source", "body": "git clone https://github.com/aporthq/aport-agent-guardrails\ncd aport-agent-guardrails\n./bin/openclaw" }, { "title": "What gets installed", "body": "Files created under ~/.openclaw/:\n\nPlugin config in config.yaml or openclaw.json\nWrapper scripts in .skills/aport-guardrail*.sh\naport/passport.json (local mode only)\naport/decision.json and aport/audit.log (created at runtime)\n\nTotal disk usage: ~100KB for scripts + passport/decision files." }, { "title": "Usage", "body": "After installation, the hook runs automatically on every tool call:\n\n# Allowed command — hook approves, tool executes\nagent> run git status\n# APort: passport checked -> policy evaluated -> ALLOW\n\n# Blocked command — hook denies, tool does not run\nagent> run rm -rf /\n# APort: passport checked -> blocked pattern detected -> DENY" }, { "title": "Testing the hook manually", "body": "# Test allowed command (exit 0 = ALLOW)\n~/.openclaw/.skills/aport-guardrail.sh system.command.execute '{\"command\":\"ls\"}'\n\n# Test blocked command (exit 1 = DENY)\n~/.openclaw/.skills/aport-guardrail.sh system.command.execute '{\"command\":\"rm -rf /\"}'\n\nDecision logs:\n\nLatest decision: ~/.openclaw/aport/decision.json\nAudit trail: ~/.openclaw/aport/audit.log" }, { "title": "Local mode (default)", "body": "All evaluation happens on your machine, zero network calls\nPassport stored locally at ~/.openclaw/aport/passport.json\nWorks offline\nNote: local passport file must be protected from tampering (standard filesystem permissions)" }, { "title": "API mode (optional)", "body": "Passport hosted in the aport.io registry (not stored locally)\nSigned decisions (Ed25519) for tamper-evident audit trails\nGlobal suspend across all systems\nCentralized compliance dashboards\nSends tool name + context to API (does not send file contents, env vars, or credentials)" }, { "title": "Environment variables", "body": "All optional. Local mode requires no environment variables.\n\nVariableWhen usedPurposeAPORT_API_URLAPI modeOverride endpoint (default: https://api.aport.io)APORT_AGENT_IDHosted passportPassport ID from aport.ioAPORT_API_KEYIf API requires authAuthentication token" }, { "title": "Default protections", "body": "Shell commands — Allowlist enforcement, 40+ blocked patterns (rm -rf, sudo, chmod 777, etc.), interpreter bypass detection\nMessaging — Rate limits, recipient allowlist, channel restrictions\nFile access — Path restrictions, blocks access to .env, SSH keys, system directories\nWeb requests — Domain allowlist, SSRF protection, rate limiting\nGit operations — PR size limits, branch restrictions" }, { "title": "Tool name mapping", "body": "Agent actionTool namePolicy checksShell commandssystem.command.executeAllowlist, blocked patternsMessaging (WhatsApp/Email/Slack)messaging.message.sendRate limits, recipient allowlistPRsgit.create_pr, git.mergePR size, branch restrictionsMCP toolsmcp.tool.executeServer/tool allowlistFile read/writedata.file.read, data.file.writePath restrictionsWeb requestsweb.fetch, web.browserDomain allowlist" }, { "title": "Troubleshooting", "body": "ProblemFixPlugin not enforcingCheck openclaw plugin list shows aport-guardrailConnection refused (API mode)Verify APORT_API_URL is reachableTool blocked unexpectedlyCheck ~/.openclaw/aport/decision.json for deny reasonnpx not foundInstall Node.js 18+: https://nodejs.org" }, { "title": "Documentation", "body": "Source code (Apache 2.0)\nQuickStart: OpenClaw Plugin\nSecurity Model & Trust Boundaries\nHosted Passport Setup\nOAP Specification" } ], "body": "APort Agent Guardrail\n\nPre-action authorization for AI agents. Installs an OpenClaw before_tool_call hook that evaluates every tool call against a passport (identity + capabilities + limits) and policy before it executes. If the policy denies the call, the tool does not run.\n\nThis skill provides setup instructions. The enforcement logic comes from the @aporthq/aport-agent-guardrails npm package, which is open-source (Apache 2.0) and can be audited before installation.\n\nWhen to use this skill\nUser wants to add guardrails to their AI agent setup\nUser asks about protecting against unauthorized tool calls\nUser wants pre-action authorization for OpenClaw, IronClaw, or PicoClaw agents\nUser needs audit trails for AI agent actions\nHow it works\nUser Request -> Agent Decision -> APort Hook -> [ALLOW/DENY] -> Tool Execution\n |\n Policy + Passport\n\nAgent decides to use a tool (e.g., run a shell command)\nOpenClaw fires the before_tool_call hook\nAPort loads the passport, maps the tool to a policy, checks allowlists and limits\nDecision: ALLOW (tool runs) or DENY (tool blocked)\nDecision is logged to the audit trail\n\nEnforcement runs in the OpenClaw hook layer, not in agent prompts. However, like any application-layer security control, it depends on the integrity of the runtime environment (OS, OpenClaw, filesystem). See the Security Model for trust boundaries.\n\nPrerequisites\n\nCheck these before starting:\n\nNode.js 18+ and npx — run node -v to verify (must show v18 or higher)\nOpenClaw (or compatible runtime) — the hook registers as an OpenClaw plugin\nInstallation\nQuick start (recommended)\nnpx @aporthq/aport-agent-guardrails\n\n\nThe wizard will:\n\nCreate or load a passport (local file or hosted from aport.io)\nConfigure capabilities and limits\nRegister the OpenClaw plugin (adds before_tool_call hook)\nSet up wrapper scripts under ~/.openclaw/\n\nAfter install, the hook runs on every tool call automatically.\n\nWith hosted passport (optional)\nnpx @aporthq/aport-agent-guardrails \n\n\nGet agent_id at aport.io for signed decisions, global suspend, and centralized audit dashboards.\n\nFrom source\ngit clone https://github.com/aporthq/aport-agent-guardrails\ncd aport-agent-guardrails\n./bin/openclaw\n\nWhat gets installed\n\nFiles created under ~/.openclaw/:\n\nPlugin config in config.yaml or openclaw.json\nWrapper scripts in .skills/aport-guardrail*.sh\naport/passport.json (local mode only)\naport/decision.json and aport/audit.log (created at runtime)\n\nTotal disk usage: ~100KB for scripts + passport/decision files.\n\nUsage\n\nAfter installation, the hook runs automatically on every tool call:\n\n# Allowed command — hook approves, tool executes\nagent> run git status\n# APort: passport checked -> policy evaluated -> ALLOW\n\n# Blocked command — hook denies, tool does not run\nagent> run rm -rf /\n# APort: passport checked -> blocked pattern detected -> DENY\n\nTesting the hook manually\n# Test allowed command (exit 0 = ALLOW)\n~/.openclaw/.skills/aport-guardrail.sh system.command.execute '{\"command\":\"ls\"}'\n\n# Test blocked command (exit 1 = DENY)\n~/.openclaw/.skills/aport-guardrail.sh system.command.execute '{\"command\":\"rm -rf /\"}'\n\n\nDecision logs:\n\nLatest decision: ~/.openclaw/aport/decision.json\nAudit trail: ~/.openclaw/aport/audit.log\nModes\nLocal mode (default)\nAll evaluation happens on your machine, zero network calls\nPassport stored locally at ~/.openclaw/aport/passport.json\nWorks offline\nNote: local passport file must be protected from tampering (standard filesystem permissions)\nAPI mode (optional)\nPassport hosted in the aport.io registry (not stored locally)\nSigned decisions (Ed25519) for tamper-evident audit trails\nGlobal suspend across all systems\nCentralized compliance dashboards\nSends tool name + context to API (does not send file contents, env vars, or credentials)\nEnvironment variables\n\nAll optional. Local mode requires no environment variables.\n\nVariable\tWhen used\tPurpose\nAPORT_API_URL\tAPI mode\tOverride endpoint (default: https://api.aport.io)\nAPORT_AGENT_ID\tHosted passport\tPassport ID from aport.io\nAPORT_API_KEY\tIf API requires auth\tAuthentication token\nDefault protections\nShell commands — Allowlist enforcement, 40+ blocked patterns (rm -rf, sudo, chmod 777, etc.), interpreter bypass detection\nMessaging — Rate limits, recipient allowlist, channel restrictions\nFile access — Path restrictions, blocks access to .env, SSH keys, system directories\nWeb requests — Domain allowlist, SSRF protection, rate limiting\nGit operations — PR size limits, branch restrictions\nTool name mapping\nAgent action\tTool name\tPolicy checks\nShell commands\tsystem.command.execute\tAllowlist, blocked patterns\nMessaging (WhatsApp/Email/Slack)\tmessaging.message.send\tRate limits, recipient allowlist\nPRs\tgit.create_pr, git.merge\tPR size, branch restrictions\nMCP tools\tmcp.tool.execute\tServer/tool allowlist\nFile read/write\tdata.file.read, data.file.write\tPath restrictions\nWeb requests\tweb.fetch, web.browser\tDomain allowlist\nTroubleshooting\nProblem\tFix\nPlugin not enforcing\tCheck openclaw plugin list shows aport-guardrail\nConnection refused (API mode)\tVerify APORT_API_URL is reachable\nTool blocked unexpectedly\tCheck ~/.openclaw/aport/decision.json for deny reason\nnpx not found\tInstall Node.js 18+: https://nodejs.org\nDocumentation\nSource code (Apache 2.0)\nQuickStart: OpenClaw Plugin\nSecurity Model & Trust Boundaries\nHosted Passport Setup\nOAP Specification" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/uchibeke/aport-agent-guardrail", "publisherUrl": "https://clawhub.ai/uchibeke/aport-agent-guardrail", "owner": "uchibeke", "version": "1.1.14", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/aport-agent-guardrail", "downloadUrl": "https://openagent3.xyz/downloads/aport-agent-guardrail", "agentUrl": "https://openagent3.xyz/skills/aport-agent-guardrail/agent", "manifestUrl": "https://openagent3.xyz/skills/aport-agent-guardrail/agent.json", "briefUrl": "https://openagent3.xyz/skills/aport-agent-guardrail/agent.md" } }