AgentSentinel Safety Layer

v0.1.2

Local-first budget and policy guardrails for agent actions, with optional remote sync to AgentSentinel.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Benign, medium confidence
Purpose & Capability
The name/description match the implementation: local policy and budget enforcement, local state and events, and an opt-in sync to https://api.agentsentinel.dev. Required runtime (python3) and primary credential (AGENT_SENTINEL_API_KEY) are appropriate for the claimed cloud-sync feature.
Instruction Scope
Runtime instructions (bootstrap, check, status, reset, sync) operate only on the workspace callguard.yaml and the per-user .agent-sentinel state/events files. The code does not execute the provided command string; it only checks it. Remote network activity is explicit (sync) and disclosed in SKILL.md.
Install Mechanism
No install spec is provided (instruction-only skill) and the wrapper is pure Python using stdlib HTTP. No external downloads or package installs are performed by the skill bundle.
Credentials
PrimaryEnv AGENT_SENTINEL_API_KEY is declared and used only for sync. However, the code also reads AGENT_SENTINEL_HOME (to locate state/events) and AGENT_SENTINEL_AGENT_ID (included as agent_id in the uploaded payload) without those being declared in requires.env. Uploaded events include the command string and other details — enabling cloud sync will transmit that data to the platform.
Persistence & Privilege
The skill writes only its own state and events under .agent-sentinel (or AGENT_SENTINEL_HOME) and may create callguard.yaml in the workspace via bootstrap. always:false and normal autonomous invocation are in effect; the skill does not modify other skills or system-wide configs.
Assessment
This skill appears to do what it says: local checks and local budget tracking by default, with an explicit opt-in sync to AgentSentinel when you set AGENT_SENTINEL_API_KEY and run the sync command. Before enabling cloud sync, consider: 1) review callguard.yaml to ensure policies don't inadvertently capture sensitive commands; events include the command string and will be uploaded during sync; 2) AGENT_SENTINEL_AGENT_ID (optional) may be included in uploads — avoid setting it if you don't want an extra identifier sent; 3) the skill stores state/events under .agent-sentinel (or AGENT_SENTINEL_HOME) in the workspace — inspect those files if you keep sensitive data locally; 4) run the bundled tests (test_wrapper.py) or manually exercise bootstrap/check/status to confirm behavior in your environment. If you do not trust the remote endpoint, do not set AGENT_SENTINEL_API_KEY and the skill will remain local-only.

Like a lobster shell, security has layers — review code before you run it.


Runtime requirements

🛡️ Clawdis
Bins: python3
Primary env: AGENT_SENTINEL_API_KEY
