Your OpenClaw Agent Has Zero Guardrails
Add network allow-listing, human approval gates, rate limiting, and multi-scanner skill vetting — in under 60 seconds.
Free tier available · 1 Guard instance · 5 vetted skills · No credit card required
Install in 60 seconds
docker run -d --name custos-guard \
-e CUSTOS_API_KEY=your_key_here \
-p 8080:8080 \
vettiq/guard:latestThen point your OpenClaw instance to http://localhost:8080 as the proxy.
Six Layers of Runtime Protection
Goes beyond what ClawHub's built-in scanning catches
Network Allow-listing
Block all outbound traffic except vetted skill APIs. Zero-trust by default.
Human Approval Gates
Require approval for sensitive operations: email sends, file deletes, external POSTs.
Multi-Scanner Skill Vetting
4-scanner pipeline: Snyk, Cisco, Semgrep, VirusTotal. Detect malicious skills before they run.
Live Action Log
Real-time visibility into every skill call, API request, and approval decision.
Rate Limiting
Prevent runaway agents. Set action limits per minute, hour, or day.
Fail-Closed Architecture
If Guard crashes, traffic stops. Nothing leaks.
Three Policy Profiles
Choose the right security posture for your use case
| Profile | Sandbox Evaluation / demos | Team Daily team work | Production Customer-facing workflows |
|---|---|---|---|
| Network | Block all except skill APIs | Skill APIs + common SaaS | Skill APIs + strict logging |
| Blocked | Drafts OK, sending needs approval | Allowed, bulk needs approval | |
| File System | Read-only sandbox | Read-write in workspace | Read-write, approval outside workspace |
| Approval Gates | None (risky = blocked) | Email, file deletes, ext. POSTs | Bulk, financial, destructive ops |
| Rate Limit | 10 actions/min | 30 actions/min | 60 actions/min |
| Skills | Low-risk only | Low + medium risk | All approved skills |
15 Vetted Skills at Launch
Scanned by Snyk, Cisco, Semgrep, and VirusTotal
Email/Messaging
4 skills
Gmail, Slack, SMTP, Outlook
Calendar
3 skills
Google Calendar, Outlook Calendar, Cal.com
Documents
4 skills
Google Docs, Notion, Local File Manager, Web Scraper
DevOps
4 skills
GitHub, Shell Runner, Docker Manager, PostgreSQL
Can't find a skill you need? Request vetting at contact@vettiq.ai
Frequently Asked Questions
How does Guard work without modifying OpenClaw?▼
Guard runs as an HTTP proxy. OpenClaw's outbound traffic routes through it. No plugins, no patches, no OpenClaw modifications.
What happens if Guard goes down?▼
Fail-closed architecture. If the proxy crashes, OpenClaw's traffic has nowhere to go. Nothing leaks.
Do I need Docker?▼
Yes. Guard runs as a Docker container alongside OpenClaw.
What skills are in the catalog?▼
15 vetted skills across 4 categories: Email/Messaging (Gmail, Slack, SMTP, Outlook), Calendar (Google Calendar, Outlook Calendar, Cal.com), Documents (Google Docs, Notion, Local File Manager, Web Scraper), DevOps (GitHub, Shell Runner, Docker Manager, PostgreSQL).
Can I use skills not in the catalog?▼
Yes, but they won't have vetted allow-lists. Guard logs all their activity and blocks unknown domains. Use Sandbox profile for unvetted skills.
Is my data sent to your servers?▼
Action logs and heartbeats, yes. Your actual OpenClaw conversations and tool outputs stay local. Guard sees request destinations, not payloads.
Add Guardrails in 60 Seconds
One Docker command. Zero OpenClaw modifications. Full runtime visibility.