@gatewaystack/gatewaystack-governance 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +187 -0
- package/SKILL.md +81 -0
- package/openclaw.plugin.json +11 -0
- package/package.json +64 -0
- package/policy.example.json +81 -0
- package/references/attack-patterns.md +45 -0
- package/references/policy-reference.md +141 -0
- package/scripts/governance/audit.d.ts +2 -0
- package/scripts/governance/audit.js +53 -0
- package/scripts/governance/check.d.ts +8 -0
- package/scripts/governance/check.js +172 -0
- package/scripts/governance/cli.d.ts +4 -0
- package/scripts/governance/cli.js +208 -0
- package/scripts/governance/constants.d.ts +7 -0
- package/scripts/governance/constants.js +99 -0
- package/scripts/governance/identity.d.ts +7 -0
- package/scripts/governance/identity.js +40 -0
- package/scripts/governance/injection.d.ts +6 -0
- package/scripts/governance/injection.js +59 -0
- package/scripts/governance/policy.d.ts +2 -0
- package/scripts/governance/policy.js +56 -0
- package/scripts/governance/rate-limit.d.ts +5 -0
- package/scripts/governance/rate-limit.js +156 -0
- package/scripts/governance/scope.d.ts +5 -0
- package/scripts/governance/scope.js +27 -0
- package/scripts/governance/types.d.ts +73 -0
- package/scripts/governance/types.js +2 -0
- package/scripts/governance/utils.d.ts +1 -0
- package/scripts/governance/utils.js +40 -0
- package/scripts/governance/validate-policy.d.ts +6 -0
- package/scripts/governance/validate-policy.js +104 -0
- package/scripts/governance-gateway.d.ts +11 -0
- package/scripts/governance-gateway.js +23 -0
- package/scripts/governance-gateway.ts +24 -0
- package/src/plugin.d.ts +17 -0
- package/src/plugin.js +98 -0
- package/src/plugin.ts +90 -0
package/src/plugin.ts
ADDED
|
@@ -0,0 +1,90 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* GatewayStack Governance — OpenClaw Plugin
|
|
3
|
+
*
|
|
4
|
+
* Registers a `before_tool_call` hook that automatically runs governance
|
|
5
|
+
* checks on every tool invocation. The agent cannot bypass this — it runs
|
|
6
|
+
* at the process level before any tool executes.
|
|
7
|
+
*
|
|
8
|
+
* Identity mapping uses OpenClaw agent IDs (e.g. "main", "ops", "dev")
|
|
9
|
+
* rather than human users, since OpenClaw is a single-user personal AI.
|
|
10
|
+
*/
|
|
11
|
+
|
|
12
|
+
import * as path from "path";
|
|
13
|
+
import * as os from "os";
|
|
14
|
+
import { checkGovernance } from "../scripts/governance-gateway.js";
|
|
15
|
+
|
|
16
|
+
// Resolve policy path: check plugin directory first, then ~/.openclaw default
|
|
17
|
+
function resolvePolicyPath(): string {
|
|
18
|
+
const pluginDir = path.resolve(__dirname, "..");
|
|
19
|
+
const localPolicy = path.join(pluginDir, "policy.json");
|
|
20
|
+
|
|
21
|
+
// Also check OpenClaw skills directory (for backward compat with skill installs)
|
|
22
|
+
const openclawSkillPolicy = path.join(
|
|
23
|
+
os.homedir(),
|
|
24
|
+
".openclaw",
|
|
25
|
+
"skills",
|
|
26
|
+
"gatewaystack-governance",
|
|
27
|
+
"policy.json"
|
|
28
|
+
);
|
|
29
|
+
|
|
30
|
+
// Prefer local plugin directory policy
|
|
31
|
+
try {
|
|
32
|
+
require("fs").accessSync(localPolicy);
|
|
33
|
+
return localPolicy;
|
|
34
|
+
} catch {
|
|
35
|
+
// Fall through
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
// Try OpenClaw skills directory
|
|
39
|
+
try {
|
|
40
|
+
require("fs").accessSync(openclawSkillPolicy);
|
|
41
|
+
return openclawSkillPolicy;
|
|
42
|
+
} catch {
|
|
43
|
+
// Fall through
|
|
44
|
+
}
|
|
45
|
+
|
|
46
|
+
// Default to local — will produce a clear error from checkGovernance
|
|
47
|
+
return localPolicy;
|
|
48
|
+
}
|
|
49
|
+
|
|
50
|
+
const plugin = {
|
|
51
|
+
id: "gatewaystack-governance",
|
|
52
|
+
name: "GatewayStack Governance",
|
|
53
|
+
description:
|
|
54
|
+
"Automatic governance for every tool call — identity, scope, rate limiting, injection detection, and audit logging",
|
|
55
|
+
|
|
56
|
+
register(api: any) {
|
|
57
|
+
const policyPath = resolvePolicyPath();
|
|
58
|
+
|
|
59
|
+
api.on(
|
|
60
|
+
"before_tool_call",
|
|
61
|
+
async (
|
|
62
|
+
event: { toolName: string; params: Record<string, unknown> },
|
|
63
|
+
ctx: { agentId?: string; sessionKey?: string }
|
|
64
|
+
) => {
|
|
65
|
+
const result = await checkGovernance({
|
|
66
|
+
toolName: event.toolName,
|
|
67
|
+
args: JSON.stringify(event.params),
|
|
68
|
+
userId: ctx.agentId ?? "unknown",
|
|
69
|
+
session: ctx.sessionKey,
|
|
70
|
+
policyPath,
|
|
71
|
+
});
|
|
72
|
+
|
|
73
|
+
if (!result.allowed) {
|
|
74
|
+
return { block: true, blockReason: result.reason };
|
|
75
|
+
}
|
|
76
|
+
|
|
77
|
+
return {};
|
|
78
|
+
},
|
|
79
|
+
{ priority: 0 }
|
|
80
|
+
);
|
|
81
|
+
|
|
82
|
+
if (api.logger) {
|
|
83
|
+
api.logger.info(
|
|
84
|
+
`GatewayStack Governance loaded (policy: ${policyPath})`
|
|
85
|
+
);
|
|
86
|
+
}
|
|
87
|
+
},
|
|
88
|
+
};
|
|
89
|
+
|
|
90
|
+
export default plugin;
|