OpenClaw Guardrails API
Use these endpoints to vet OpenClaw skills, authorize runtime actions, and manage project-level guardrail policy.
Base URL
https://api.vettly.dev
Authentication
All requests require a bearer token (API key or session token).
http
Authorization: Bearer vettly_xxxxxxxxxxxxx
Endpoints
Vet a skill
http
POST /v1/openclaw/guardrails/skill-vetting
Request
json
{
  "skillId": "net-utils-v1",
  "name": "Network Utilities",
  "source": "clawhub",
  "prompt": "Fetch remote diagnostics and summarize output.",
  "requestedPermissions": ["network_access", "run_shell"],
  "hasChecksum": true,
  "signedPublisher": true,
  "maintainerReputation": "trusted"
}
Response
json
{
  "decisionId": "2c1f93d7-5370-48f1-bf1e-3748d9e4061a",
  "action": "warn",
  "riskScore": 38,
  "reasons": [
    "Skill comes from a public marketplace source.",
    "Skill requests high-risk permission: run_shell."
  ],
  "categories": ["marketplace_source", "high_privilege_permission"],
  "requiresApproval": true
}
Authorize a runtime action
http
POST /v1/openclaw/guardrails/action-authorize
Request
json
{
  "actionType": "exec",
  "command": "sudo rm -rf /tmp/old-cache",
  "targetPath": "/tmp/old-cache",
  "requestedPermissions": ["run_shell", "delete_file"]
}
If policy is omitted, Vettly applies the project-level OpenClaw policy (if set), then falls back to defaults.
Response
json
{
  "decisionId": "db1ac66f-2036-42d7-b728-9ec8a3e258f5",
  "action": "flag",
  "riskScore": 57,
  "reasons": [
    "Action type exec is sensitive by default.",
    "Command includes high-risk shell or exfiltration behavior."
  ],
  "categories": ["sensitive_action", "dangerous_command"],
  "requiresApproval": true
}
Get project policy
http
GET /v1/openclaw/guardrails/policy?projectId={projectId}
Response
json
{
  "projectId": "6a6f7cdd-6f2d-4fb3-a3b4-9156607906fe",
  "policy": {
    "sensitivePathPrefixes": ["/etc", "/usr", ".ssh", ".env"],
    "networkAllowlist": ["api.openai.com", "api.anthropic.com"],
    "blockShellPatterns": ["rm -rf", "curl | sh", "wget | sh"],
    "requireApprovalScore": 40
  }
}
Get policy history
http
GET /v1/openclaw/guardrails/policy/history?projectId={projectId}
Response
json
{
  "projectId": "6a6f7cdd-6f2d-4fb3-a3b4-9156607906fe",
  "history": [
    {
      "version": "2f64d4bb7d57",
      "updatedAt": "2026-02-12T20:19:00.201Z",
      "updatedBy": "user_123",
      "policy": {
        "sensitivePathPrefixes": ["/etc", "/usr", ".ssh", ".env"],
        "networkAllowlist": ["api.openai.com"],
        "blockShellPatterns": ["rm -rf", "curl | sh"],
        "requireApprovalScore": 45
      }
    }
  ]
}
Roll back policy version
http
POST /v1/openclaw/guardrails/policy/rollback
Request
json
{
  "projectId": "6a6f7cdd-6f2d-4fb3-a3b4-9156607906fe",
  "version": "2f64d4bb7d57"
}
Get project metrics
http
GET /v1/openclaw/guardrails/metrics?projectId={projectId}&days=30
Response
json
{
  "projectId": "6a6f7cdd-6f2d-4fb3-a3b4-9156607906fe",
  "days": 30,
  "total": 128,
  "blocked": 9,
  "approvalRequired": 22,
  "blockRate": 0.0703,
  "approvalRate": 0.1719,
  "skillVetting": 41,
  "runtimeAuthorization": 87,
  "daily": [
    { "date": "2026-02-10", "total": 12, "blocked": 1, "approvalRequired": 3 }
  ]
}
Update project policy
http
PUT /v1/openclaw/guardrails/policy
Request
json
{
  "projectId": "6a6f7cdd-6f2d-4fb3-a3b4-9156607906fe",
  "policy": {
    "sensitivePathPrefixes": ["/etc", "/usr", "/home"],
    "networkAllowlist": ["api.openai.com"],
    "blockShellPatterns": ["rm -rf", "curl | sh"],
    "requireApprovalScore": 45
  }
}
Response
json
{
  "projectId": "6a6f7cdd-6f2d-4fb3-a3b4-9156607906fe",
  "policy": {
    "sensitivePathPrefixes": ["/etc", "/usr", "/home"],
    "networkAllowlist": ["api.openai.com"],
    "blockShellPatterns": ["rm -rf", "curl | sh"],
    "requireApprovalScore": 45
  }
}
Webhook events
These guardrail endpoints emit:
openclaw.guardrail.blocked
openclaw.guardrail.approval_required
See /api/webhooks for payload examples.
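Added example, not part of the Vettly documentation: a pre-flight check to run before the policy update or rollback endpoints above, which diffs the current policy against the proposed one and lists the changes that loosen the guardrails. The two policy objects are copied from the "Get project policy" and "Get policy history" responses on this page; the function name and the reading that a higher requireApprovalScore is looser are assumptions.

```python
# Added example: classify policy changes before PUT /policy or POST /policy/rollback.
# Assumption (not stated on the page): a higher requireApprovalScore means fewer
# decisions reach the approval threshold, so raising it loosens the policy.

# For these list fields, removing an entry loosens the guardrail.
REMOVAL_LOOSENS = ("sensitivePathPrefixes", "blockShellPatterns")
# For the allowlist, adding an entry loosens the guardrail.
ADDITION_LOOSENS = ("networkAllowlist",)


def diff_policy(current, proposed):
    """Return {"loosened": [...], "tightened": [...]} for current -> proposed."""
    out = {"loosened": [], "tightened": []}
    for field in REMOVAL_LOOSENS + ADDITION_LOOSENS:
        old, new = set(current.get(field, [])), set(proposed.get(field, []))
        add_kind = "loosened" if field in ADDITION_LOOSENS else "tightened"
        rem_kind = "tightened" if field in ADDITION_LOOSENS else "loosened"
        out[add_kind] += [f"{field}: +{v}" for v in sorted(new - old)]
        out[rem_kind] += [f"{field}: -{v}" for v in sorted(old - new)]
    old_s = current.get("requireApprovalScore")
    new_s = proposed.get("requireApprovalScore")
    if old_s != new_s:
        # A threshold missing on either side is reported as loosened so it gets reviewed.
        lower = old_s is not None and new_s is not None and new_s < old_s
        out["tightened" if lower else "loosened"].append(
            f"requireApprovalScore: {old_s} -> {new_s}")
    return out


# Copied from the "Get project policy" response on this page.
CURRENT = {
    "sensitivePathPrefixes": ["/etc", "/usr", ".ssh", ".env"],
    "networkAllowlist": ["api.openai.com", "api.anthropic.com"],
    "blockShellPatterns": ["rm -rf", "curl | sh", "wget | sh"],
    "requireApprovalScore": 40,
}
# Copied from history version 2f64d4bb7d57 on this page.
VERSION_2F64 = {
    "sensitivePathPrefixes": ["/etc", "/usr", ".ssh", ".env"],
    "networkAllowlist": ["api.openai.com"],
    "blockShellPatterns": ["rm -rf", "curl | sh"],
    "requireApprovalScore": 45,
}

if __name__ == "__main__":
    # What rolling back from CURRENT to version 2f64d4bb7d57 would change.
    for kind, items in diff_policy(CURRENT, VERSION_2F64).items():
        for item in items:
            print(f"{kind}: {item}")
```

For the sample data, rolling back to 2f64d4bb7d57 narrows the network allowlist but drops the "wget | sh" block pattern and raises the approval threshold, which is the kind of mixed change worth a second reviewer.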
