概述

AgentSentinel Protection Layer

Use this skill when you want a local policy gate before an agent performs a costly or risky action.

This OpenClaw skill is the lightweight entry point to the broader AgentSentinel product:

this skill for local-first OpenClaw guardrails
AgentSentinel SDK for deeper Python agent instrumentation
AgentSentinel platform for centralized monitoring, dashboards, and approval workflows

AgentSentinel is local-first by default:

Policy checks run locally.
Budget tracking runs locally.
No remote sync is attempted unless the operator runs sync with an API key configured.

When To Use It

Use AgentSentinel before:

expensive model or API calls
file deletion or destructive shell commands
high-volume automation loops
actions that should be blocked by policy or capped by budget

Commands

`check`

Check whether a proposed action is allowed under the current local policy and budget.

python3 sentinel_wrapper.py check --cmd "rm -rf build" --cost 0.05

`status`

Show the current local status, including budget usage and whether optional remote sync is enabled.

python3 sentinel_wrapper.py status

`sync`

Upload locally recorded events to AgentSentinel cloud when AGENT_SENTINEL_API_KEY is set.

python3 sentinel_wrapper.py sync

`bootstrap`

Create a default callguard.yaml in the current workspace if one does not already exist.

python3 sentinel_wrapper.py --bootstrap

`reset`

Reset local tracked spend for the current run, or for the entire local session state.

python3 sentinel_wrapper.py reset --scope run
python3 sentinel_wrapper.py reset --scope all

Configuration

Policy is loaded from callguard.yaml in the current workspace when present.

Optional cloud mode is enabled by setting:

AGENT_SENTINEL_API_KEY

If the API key is not present, the skill remains local-only.

Locally recorded events stay on-machine until sync is run.

AgentSentinel Product Path

Use this skill if you want fast local guardrails inside OpenClaw.

Use the AgentSentinel SDK when you want:

richer Python integrations
broader policy and telemetry coverage
framework-level instrumentation outside OpenClaw

Use the AgentSentinel platform when you want:

centralized visibility across agents
dashboards and historical analysis
human approval workflows and operational review

External Endpoints

Endpoint	When it is called	Data sent
---	---	---
`https://api.agentsentinel.dev`	Only when `AGENT_SENTINEL_API_KEY` is present and `python3 sentinel_wrapper.py sync` is run	locally recorded action events generated by AgentSentinel

Security And Privacy

Local mode does not send data off-machine.
The wrapper does not write API keys to .env or other files.
Remote sync is opt-in and requires both AGENT_SENTINEL_API_KEY and an explicit sync command.
If remote sync fails, policy checks still continue locally.

Model Invocation Note

OpenClaw may invoke this skill automatically when the task suggests budget enforcement, policy checks, or action gating. That behavior is expected for an installed skill.

Trust Statement

By enabling remote sync, you allow AgentSentinel telemetry to be sent to agentsentinel.dev. Only enable that mode if you trust the service and want centralized monitoring.

版本历史

共 2 个版本

v0.1.2 当前

2026-04-30 07:51 安全安全
v0.1.1

2026-03-28 12:24 安全

安全检测

腾讯云安全 (Keen)

安全，无风险

查看报告

腾讯云安全 (Sanbu)