@byteplus/agent-sentry 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md ADDED
@@ -0,0 +1,107 @@
1
+ # AgentSentry (OpenClaw Security Plugin)
2
+
3
+ `agent-sentry` is a security plugin for OpenClaw. It audits LLM traffic and key Agent lifecycle hook points to reduce harmful requests and sensitive data leakage.
4
+
5
+ ## Breaking rename migration notice
6
+
7
+ This release performs a **breaking external brand rename** from **ClawSentry** to **AgentSentry**. Old external entrypoints are **not compatible** in code after this change.
8
+
9
+ | Old external entrypoint | New external entrypoint |
10
+ | --- | --- |
11
+ | `claw-sentry` | `agent-sentry` |
12
+ | `plugins.entries.claw-sentry` | `plugins.entries.agent-sentry` |
13
+ | `/clawSentry` | `/agentSentry` |
14
+ | `/cs` | `/as` |
15
+ | `clawSentryListConfig` | `agentSentryListConfig` |
16
+ | `clawSentryListInfo` | `agentSentryListInfo` |
17
+ | `clawSentryListAvailableTools` | `agentSentryListAvailableTools` |
18
+
19
+ ## Requirements
20
+
21
+ - OpenClaw: `>=2026.4.14`
22
+ - Node.js: `>=22`
23
+
24
+ ## Install
25
+
26
+ ### Volcengine
27
+
28
+ ```bash
29
+ openclaw plugins install @volcengine/agent-sentry
30
+ openclaw config set plugins.entries.agent-sentry.hooks.allowConversationAccess true
31
+ ```
32
+
33
+ ### BytePlus
34
+
35
+ ```bash
36
+ openclaw plugins install @byteplus/agent-sentry
37
+ openclaw config set plugins.entries.agent-sentry.hooks.allowConversationAccess true
38
+ ```
39
+
40
+ ## Enable
41
+
42
+ After installing the plugin package, enable it and restart the gateway:
43
+
44
+ ```bash
45
+ openclaw plugins enable agent-sentry
46
+ openclaw gateway restart
47
+ ```
48
+
49
+ ## Configuration
50
+
51
+ Configure the plugin in your OpenClaw config (fields are aligned with `openclaw.plugin.json`):
52
+
53
+ ```yaml
54
+ plugins:
55
+ entries:
56
+ agent-sentry:
57
+ enabled: true
58
+ config:
59
+ # Required
60
+ apiKey: "<encrypted-api-key>"
61
+ clawId: "<claw-id>"
62
+ ctEndpoint: "https://<control-endpoint>"
63
+ lmEndpoint: "https://<moderation-endpoint>"
64
+
65
+ # Optional
66
+ asClawId: "<as-claw-id>"
67
+ configVersion: "<version-string>"
68
+ openClawDir: "<path-to-openclaw-state-dir>"
69
+
70
+ # Behavior
71
+ logRecord: false
72
+ # enableFetch is deprecated since 1.5.0-dlp and is now a no-op; DLP runs
73
+ # via before_dispatch + before_prompt_build (see dlpInputGate below).
74
+ enableFetch: false
75
+ enableBeforeToolCall: true
76
+ enableAfterToolCall: true
77
+ enableHeartbeat: true
78
+ timeoutMs: 30000
79
+ failureThreshold: 3
80
+ retryInterval: 60
81
+ maxRetryInterval: 3600
82
+ # Optional input-side DLP enforcement mode for before_dispatch.
83
+ # 'marker_only' (default) keeps the user message and lets
84
+ # before_prompt_build inject a system reminder. 'direct_block' returns
85
+ # {handled:true, text:securityReason} from before_dispatch.
86
+ dlpInputGate:
87
+ mode: marker_only
88
+ language: "en" # or "zh"
89
+ ```
90
+
91
+ ## Hooks & auditing
92
+
93
+ - `before_dispatch` + `before_prompt_build`: collect moderation results and inject safe context into prompts.
94
+ - `before_tool_call`: audit tool name/params (and optional tool-result context). The `isGroup` flag is derived from `ctx.sessionKey` (format `agent:<id>:<channel>:group|direct:<target>`).
95
+ - `after_tool_call`: store tool result context for subsequent audits.
96
+ - `llm_input`: capture LLM input (e.g. system prompt) for auditing/traceability.
97
+ - `agent_end`: upload conversation record and clear per-session cached contexts.
98
+ - Degradation/circuit breaker: automatically bypasses checks when the security service is unavailable and probes for recovery.
99
+
100
+ ## Development
101
+
102
+ ```bash
103
+ pnpm -C openclaw-plugin build
104
+ pnpm -C openclaw-plugin test
105
+ ```
106
+
107
+ Publishing scripts are defined in `openclaw-plugin/package.json` (including `beta` and `private` tags).
@@ -0,0 +1,24 @@
1
+ # AgentSentry rename release notes
2
+
3
+ This release introduces a **breaking external rename** from **ClawSentry** to **AgentSentry**.
4
+
5
+ Old external entrypoints are **no longer compatible** after upgrading.
6
+
7
+ | Old external entrypoint | New external entrypoint |
8
+ | --- | --- |
9
+ | `claw-sentry` | `agent-sentry` |
10
+ | `plugins.entries.claw-sentry` | `plugins.entries.agent-sentry` |
11
+ | `/clawSentry` | `/agentSentry` |
12
+ | `/cs` | `/as` |
13
+ | `clawSentryListConfig` | `agentSentryListConfig` |
14
+ | `clawSentryListInfo` | `agentSentryListInfo` |
15
+ | `clawSentryListAvailableTools` | `agentSentryListAvailableTools` |
16
+
17
+ ## Required migration steps
18
+
19
+ 1. Reinstall or reference the plugin package as `agent-sentry`.
20
+ 2. Update OpenClaw config keys from `plugins.entries.claw-sentry` to `plugins.entries.agent-sentry`.
21
+ 3. Update slash command usage from `/clawSentry` and `/cs` to `/agentSentry` and `/as`.
22
+ 4. Update any tool integrations to the `agentSentry*` identifiers.
23
+
24
+ Protocol compatibility fields such as `clawId`, `ClawID`, `claw_id`, `X-Ai-Claw-Id`, and `pluginType=clawsentry` remain unchanged.
@@ -0,0 +1,53 @@
1
+ ---
2
+ name: agent-sentry
3
+ description: |
4
+ AI Assistant Security (AgentSentry) 安全防护系统,用于查看防护配置、查看配置信息、查看可用工具等。
5
+ Activate when user needs to: 查看防护配置、查看配置信息、查看可用工具、查看AgentSentry可用工具、查看ai-assistant-security-openclaw、查看安全防护、查看安全配置、使用安全工具、打开安全工具、调用安全工具、安全防护工具、安全工具、使用防护工具、打开防护工具、调用防护工具、防护工具。
6
+ metadata:
7
+ {
8
+ "openclaw":
9
+ {
10
+ "emoji": "🛡️",
11
+ "skillKey": "agent-sentry",
12
+ "requires": { "config": ["plugins.entries.agent-sentry.enabled"] },
13
+ },
14
+ }
15
+ ---
16
+
17
+ # AgentSentry
18
+
19
+ AgentSentry 是一个安全防护系统,提供 LLM 和 Agent 的安全防护功能。
20
+
21
+ ## Migration notice
22
+
23
+ 这是一次破坏性外显改名,旧入口不再兼容:
24
+
25
+ | 旧入口 | 新入口 |
26
+ | --- | --- |
27
+ | `claw-sentry` | `agent-sentry` |
28
+ | `plugins.entries.claw-sentry` | `plugins.entries.agent-sentry` |
29
+ | `/clawSentry` | `/agentSentry` |
30
+ | `/cs` | `/as` |
31
+ | `clawSentryListConfig` | `agentSentryListConfig` |
32
+ | `clawSentryListInfo` | `agentSentryListInfo` |
33
+ | `clawSentryListAvailableTools` | `agentSentryListAvailableTools` |
34
+
35
+ ## Agent rules:
36
+
37
+ - Call tools directly. Never suggest slash commands to the user.
38
+ - Always inform the user if they don't have permission to use a tool.
39
+ - When a tool returns "no permission", tell the user clearly and remind them they can ask "我可以使用什么功能" or "查看可用工具" to see what tools are available for their version.
40
+
41
+ ## Tool Parameters
42
+
43
+ ### agentSentryListConfig
44
+
45
+ 查看防护配置。**Call when:** "查看防护配置", "看一下防护规则", "有哪些防护规则", "查看安全配置", "查看安全防护配置", "看一下当前配置". No params.
46
+
47
+ ### agentSentryListInfo
48
+
49
+ 查看配置信息。**Call when:** "查看配置信息", "看一下配置", "有哪些配置", "查看插件配置", "看一下插件配置", "查看AgentSentry配置", "看一下AgentSentry配置", "查看配置", "查看版本信息", "看一下版本信息". No params.
50
+
51
+ ### agentSentryListAvailableTools
52
+
53
+ 查看可用工具。**Call when:** "查看可用工具", "我能用哪些工具", "查看AgentSentry可用工具", "查看当前版本可以使用的所有工具列表", "有哪些工具可以用", "查看可用命令", "我可以用什么工具", "有什么功能", "我能做什么", "有哪些功能", "查看功能", "我可以使用哪些功能", "有什么工具", "查看我能使用的工具", "当前版本有什么功能", "有什么可用的功能", "我能使用什么", "我有什么功能可以用". No params.