GuardRails
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: guardrailsfor-agent
Version: 1.0.2

The skill bundle implements an "Agent Policy & Guardrails Engine," designed to evaluate agent actions against a set of policies. The analysis of all files, including code and documentation, reveals no evidence of intentional malicious behavior.

The `SKILL.md` and `README.md` files provide clear, benign instructions for setting up, running, and using the policy engine. They do not contain any prompt injection attempts against the analyzing agent, nor do they instruct the agent to perform unauthorized actions, hide its activities, or access sensitive data.

The Python code uses standard, well-regarded libraries (FastAPI, SQLAlchemy, Pydantic, PyYAML). Key security practices are observed, such as using `yaml.safe_load` to prevent arbitrary code execution from YAML policies. Input validation is performed using Pydantic schemas.

The policy engine's core functionality involves inspecting action payloads and contexts via dot-separated paths (`_value_by_path` in `app/engine.py`) to apply rules. This capability is fundamental to a policy engine's purpose, allowing it to enforce guardrails like preventing API key exposure or restricting access to sensitive files, as demonstrated by the default policies in `app/seed.py`. The engine processes data explicitly provided by the agent in an `ActionRequest` and does not attempt to discover or exfiltrate sensitive information from the agent's environment.

There are no signs of data exfiltration, persistence mechanisms, or obfuscation. The skill is designed to enhance security by providing a policy enforcement layer, not to undermine it.

**classification:** benign

**summary:** The skill bundle implements a policy and guardrails engine, designed to enforce security policies on agent actions. All code and documentation are aligned with this stated purpose, using standard, secure practices (e.g., `yaml.safe_load`, Pydantic validation). There is no evidence of prompt injection, data exfiltration, persistence, or other malicious intent. The ability to inspect action payloads is a core, benign feature necessary for policy enforcement.
