openclaw-safeclaw-plugin 1.4.1 → 1.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +14 -2
- package/index.ts +14 -2
- package/openclaw.plugin.json +1 -1
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -97,6 +97,16 @@ async function get(path) {
|
|
|
97
97
|
return null;
|
|
98
98
|
}
|
|
99
99
|
}
|
|
100
|
+
function approvalSeverityForRisk(riskLevel) {
|
|
101
|
+
if (riskLevel === 'CriticalRisk' || riskLevel === 'HighRisk')
|
|
102
|
+
return 'critical';
|
|
103
|
+
if (riskLevel === 'MediumRisk')
|
|
104
|
+
return 'warning';
|
|
105
|
+
return 'info';
|
|
106
|
+
}
|
|
107
|
+
function approvalTimeoutBehaviorForRisk(riskLevel) {
|
|
108
|
+
return riskLevel === 'CriticalRisk' || riskLevel === 'HighRisk' ? 'deny' : 'allow';
|
|
109
|
+
}
|
|
100
110
|
// --- Plugin Definition ---
|
|
101
111
|
let handshakeCompleted = false;
|
|
102
112
|
let lastHandshakeConfigHash = '';
|
|
@@ -252,9 +262,9 @@ export default {
|
|
|
252
262
|
requireApproval: {
|
|
253
263
|
title: 'SafeClaw Governance Check',
|
|
254
264
|
description: r.reason || 'This action requires confirmation',
|
|
255
|
-
severity: riskLevel
|
|
265
|
+
severity: approvalSeverityForRisk(riskLevel),
|
|
256
266
|
timeoutMs: 30_000,
|
|
257
|
-
timeoutBehavior: riskLevel
|
|
267
|
+
timeoutBehavior: approvalTimeoutBehaviorForRisk(riskLevel),
|
|
258
268
|
},
|
|
259
269
|
};
|
|
260
270
|
}
|
|
@@ -336,12 +346,14 @@ export default {
|
|
|
336
346
|
api.on('after_tool_call', (event, ctx) => {
|
|
337
347
|
post('/record/tool-result', {
|
|
338
348
|
sessionId: ctx.sessionId ?? event.sessionId ?? '',
|
|
349
|
+
userId: ctx.agentId ?? '',
|
|
339
350
|
toolName: event.toolName ?? '',
|
|
340
351
|
params: event.params ?? {},
|
|
341
352
|
result: event.result ?? '',
|
|
342
353
|
success: !event.error,
|
|
343
354
|
error: event.error ? String(event.error) : '',
|
|
344
355
|
durationMs: event.durationMs ?? 0,
|
|
356
|
+
runId: ctx.runId ?? event.runId ?? '',
|
|
345
357
|
}).catch((e) => log.warn('[SafeClaw] Failed to record tool result:', e));
|
|
346
358
|
});
|
|
347
359
|
// Subagent governance — block delegation bypass attempts (#188)
|
package/index.ts
CHANGED
|
@@ -104,6 +104,16 @@ async function get(path: string): Promise<Record<string, unknown> | null> {
|
|
|
104
104
|
}
|
|
105
105
|
}
|
|
106
106
|
|
|
107
|
+
function approvalSeverityForRisk(riskLevel: string): 'info' | 'warning' | 'critical' {
|
|
108
|
+
if (riskLevel === 'CriticalRisk' || riskLevel === 'HighRisk') return 'critical';
|
|
109
|
+
if (riskLevel === 'MediumRisk') return 'warning';
|
|
110
|
+
return 'info';
|
|
111
|
+
}
|
|
112
|
+
|
|
113
|
+
function approvalTimeoutBehaviorForRisk(riskLevel: string): 'allow' | 'deny' {
|
|
114
|
+
return riskLevel === 'CriticalRisk' || riskLevel === 'HighRisk' ? 'deny' : 'allow';
|
|
115
|
+
}
|
|
116
|
+
|
|
107
117
|
// --- Plugin Definition ---
|
|
108
118
|
|
|
109
119
|
let handshakeCompleted = false;
|
|
@@ -270,9 +280,9 @@ export default {
|
|
|
270
280
|
requireApproval: {
|
|
271
281
|
title: 'SafeClaw Governance Check',
|
|
272
282
|
description: (r.reason as string) || 'This action requires confirmation',
|
|
273
|
-
severity: riskLevel
|
|
283
|
+
severity: approvalSeverityForRisk(riskLevel),
|
|
274
284
|
timeoutMs: 30_000,
|
|
275
|
-
timeoutBehavior: riskLevel
|
|
285
|
+
timeoutBehavior: approvalTimeoutBehaviorForRisk(riskLevel),
|
|
276
286
|
},
|
|
277
287
|
} satisfies BeforeToolCallResult;
|
|
278
288
|
}
|
|
@@ -360,12 +370,14 @@ export default {
|
|
|
360
370
|
api.on('after_tool_call', (event: OpenClawPluginEvent, ctx: OpenClawPluginContext) => {
|
|
361
371
|
post('/record/tool-result', {
|
|
362
372
|
sessionId: ctx.sessionId ?? event.sessionId ?? '',
|
|
373
|
+
userId: ctx.agentId ?? '',
|
|
363
374
|
toolName: event.toolName ?? '',
|
|
364
375
|
params: event.params ?? {},
|
|
365
376
|
result: event.result ?? '',
|
|
366
377
|
success: !event.error,
|
|
367
378
|
error: event.error ? String(event.error) : '',
|
|
368
379
|
durationMs: event.durationMs ?? 0,
|
|
380
|
+
runId: ctx.runId ?? event.runId ?? '',
|
|
369
381
|
}).catch((e) => log.warn('[SafeClaw] Failed to record tool result:', e));
|
|
370
382
|
});
|
|
371
383
|
|
package/openclaw.plugin.json
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
"id": "safeclaw",
|
|
3
3
|
"name": "SafeClaw Neurosymbolic Governance",
|
|
4
4
|
"description": "Validates AI agent actions against OWL ontologies and SHACL constraints before execution",
|
|
5
|
-
"version": "1.
|
|
5
|
+
"version": "1.5.0",
|
|
6
6
|
"author": "Tendly EU",
|
|
7
7
|
"license": "MIT",
|
|
8
8
|
"homepage": "https://safeclaw.eu",
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "openclaw-safeclaw-plugin",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.5.0",
|
|
4
4
|
"description": "SafeClaw Neurosymbolic Governance plugin for OpenClaw — validates AI agent actions against OWL ontologies and SHACL constraints",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|