@chrguard/ai-guardian-plugin
v0.2.0
Published
OpenClaw AI Guardian tool-audit plugin for auditing and enforcing policies on tool calls.
Readme
AI Guardian Plugin
OpenClaw plugin that checks tool calls against an on-chain Guardian policy flow and can block execution when the verdict is RED.
Install
From a local directory:
openclaw plugins install /path/to/ai-guardian-pluginFrom npm:
openclaw plugins install @chrguard/ai-guardian-pluginConfig
Configure it under:
plugins.entries["ai-guardian-plugin"]
Example:
{
"plugins": {
"entries": {
"ai-guardian-plugin": {
"enabled": true,
"config": {
"enabled": true,
"enforceDecision": true,
"chromiaBrid": "YOUR_BRID",
"chromiaNodes": [
"https://node6.testnet.chromia.com:7740",
"https://node7.testnet.chromia.com:7740",
"https://node8.testnet.chromia.com:7740"
],
"chromiaJudgeOperation": "judge_action",
"chromiaStatusQuery": "get_judgment_status",
"chromiaPollIntervalMs": 1000,
"chromiaPollTimeoutMs": 20000,
"chromiaEncryptedAction": "",
"chromiaTxTimeoutMs": 10000,
"chromiaQueryTimeoutMs": 5000,
"chromiaSecretPath": "~/.config/ai-guardian/guard-client-key"
}
}
}
}
}Config fields
| Option | Description |
|---|---|
| enabled | Enable plugin logic |
| enforceDecision | If true, RED verdicts block tool execution |
| chromiaBrid | Blockchain RID used for Guardian decisions |
| chromiaNodes | One or more Chromia node URLs |
| chromiaJudgeOperation | Operation used to submit a judgment request. Default: judge_action |
| chromiaStatusQuery | Query used to poll verdict status. Default: get_judgment_status |
| chromiaPollIntervalMs | Poll interval in milliseconds |
| chromiaPollTimeoutMs | Max time to wait for final verdict |
| chromiaEncryptedAction | Optional encrypted action payload |
| chromiaTxTimeoutMs | Timeout for submission path |
| chromiaQueryTimeoutMs | Timeout for each polling query |
| chromiaSecretPath | Path to Guardian key file. Defaults to ~/.config/ai-guardian/guard-client-key |
| debug | Extra logging |
How it works
The plugin uses a pure JavaScript flow:
- Submit a
judge_actionrequest usingpostchain-client+@chromia/ft4 - Poll
get_judgment_statususingpostchain-client - Interpret verdicts:
red→ blockyellow→ allowgreen→ allow
No shelling out to chr is required.
Notes
- If
chromiaBridis missing, the plugin falls back toCLAWCHAIN_BRID - If
chromiaNodesis missing, the plugin falls back toCLAWCHAIN_NODE - The recommended key path is
~/.config/ai-guardian/guard-client-key - The plugin is intended to run as a standard OpenClaw extension via
openclaw.extensions
License
MIT
