GatewayStack Governance

Verified

@davidcrowe

npx machina-cli add skill @davidcrowe/gatewaystack-governance --openclaw

Deny-by-default governance for every tool call in OpenClaw.

Five core checks run automatically on every invocation:

  1. Identity — maps the agent to a policy role. Unknown agents are denied.
  2. Scope — deny-by-default tool allowlist. Unlisted tools are blocked.
  3. Rate limiting — per-user and per-session sliding window limits.
  4. Injection detection — 40+ patterns from Cisco, Snyk, and Kaspersky research.
  5. Audit logging — every decision recorded to append-only JSONL.

Three opt-in features extend governance further:

  1. Output DLP — scans tool output for PII using @gatewaystack/transformabl-core. Log or redact.
  2. Escalation — human-in-the-loop review for medium-severity detections and first-time tool use.
  3. Behavioral monitoring — detects anomalous tool usage patterns using @gatewaystack/limitabl-core.

Install

openclaw plugins install @gatewaystack/gatewaystack-governance

One command. Zero config. The core 5 checks are active on every tool call immediately.

The plugin hooks into before_tool_call at the process level — the agent can't bypass it, skip it, or talk its way around it.

Customize

To override the defaults, create a policy file:

cp ~/.openclaw/plugins/gatewaystack-governance/policy.example.json \
   ~/.openclaw/plugins/gatewaystack-governance/policy.json

Configure which tools are allowed, who can use them, rate limits, injection detection sensitivity, and the three optional features (DLP, escalation, behavioral monitoring — all disabled by default).

Optional GatewayStack packages

The opt-in features use GatewayStack packages via lazy import. Install only what you need:

npm install @gatewaystack/transformabl-core   # for output DLP
npm install @gatewaystack/limitabl-core       # for behavioral monitoring

The core 5 checks have zero external dependencies and work without these packages.

Links

  • GitHub — source, docs, getting started guide
  • npm — package registry
  • MIT licensed

Source

git clone https://clawhub.ai/davidcrowe/gatewaystack-governance

Overview

GatewayStack Governance enforces identity verification, scope enforcement, rate limiting, injection detection, and audit logging on every OpenClaw tool call. It includes optional DLP, escalation, and behavioral monitoring that can be enabled as needed.

How This Skill Works

On each invocation, five core checks run automatically: identity maps the agent to a policy role (unknown agents are denied), scope enforces a deny-by-default tool allowlist, rate limits apply per user and per session, injection patterns are detected, and every decision is logged to an append-only JSONL file. The plugin hooks into before_tool_call at the OpenClaw process level, so the agent cannot bypass or override it. Policies are customizable via a policy.json file, and the optional features (DLP, escalation, behavioral monitoring) are opt-in.
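
As an added illustration (not the plugin's own code), this sketch shows the deny-by-default ordering of identity, scope, per-user sliding-window rate limiting and audit logging described above. The `policy` shape, the `decide` function and the audit field names are hypothetical; injection detection and per-session limits are left out.

```javascript
// Added illustration; not GatewayStack's code. Policy shape and names are hypothetical.
const policy = {
  roles: { "agent-research": "analyst" },           // agent id -> role
  allow: { analyst: ["web_search", "read_file"] },  // role -> tool allowlist
  rate: { windowMs: 60_000, max: 3 },               // sliding window, per user
};

const calls = new Map();  // user -> timestamps of allowed calls
const auditLines = [];    // stands in for an append-only JSONL file

function audit(entry) {
  auditLines.push(JSON.stringify(entry)); // one JSON object per line, never rewritten
  return entry;
}

function decide({ agent, user, tool }, now = Date.now()) {
  const base = { ts: now, agent, user, tool };
  // 1. Identity: an agent with no role mapping is denied. Object.hasOwn keeps
  //    inherited keys such as "__proto__" from resolving to a truthy "role".
  const role = Object.hasOwn(policy.roles, agent) ? policy.roles[agent] : null;
  if (!role) return audit({ ...base, allowed: false, reason: "unknown-agent" });
  // 2. Scope: anything not explicitly listed for the role is denied.
  const allowed = policy.allow[role] ?? [];
  if (!allowed.includes(tool)) {
    return audit({ ...base, allowed: false, reason: "tool-not-allowed" });
  }
  // 3. Rate limit: keep only timestamps inside the window, then compare to max.
  const recent = (calls.get(user) ?? []).filter((t) => now - t < policy.rate.windowMs);
  if (recent.length >= policy.rate.max) {
    calls.set(user, recent);
    return audit({ ...base, allowed: false, reason: "rate-limited" });
  }
  calls.set(user, [...recent, now]);
  // 4. Audit: allow decisions are recorded the same way as denials.
  return audit({ ...base, allowed: true, reason: "ok" });
}
```

Denied calls are not counted against the window here, so a blocked tool cannot be used to exhaust a user's quota; whether the plugin does the same is not stated on this page.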

When to Use It

  • Enforcing strict deny-by-default access for all tool calls in OpenClaw
  • Auditing every tool decision with append-only JSONL logs
  • Preventing unlisted tools from being invoked (scope enforcement)
  • Applying per-user and per-session rate limits to tool usage
  • Enabling opt-in features like DLP, escalation, or behavioral monitoring for enhanced governance

Quick Start

  1. Install the gatewaystack-governance plugin
  2. Copy the policy example to policy.json: cp ~/.openclaw/plugins/gatewaystack-governance/policy.example.json ~/.openclaw/plugins/gatewaystack-governance/policy.json
  3. Optionally install the packages for DLP and behavioral monitoring, then configure your policy

Best Practices

  • Start with a minimal policy.json that whitelists only approved tools and users
  • Enable rate limits with reasonable per-user and per-session windows
  • Regularly review audit logs to detect anomalous patterns
  • Use Output DLP to redact PII from tool outputs when enabled
  • Test escalation and behavioral monitoring in a staging environment before production

Example Use Cases

  • A security-conscious team blocks all tool calls by default and whitelists only approved tools
  • A regulated finance app uses escalation for first-time tool use and medium-severity detections
  • An enterprise enforces per-user rate limits to prevent tool abuse
  • An audit-heavy project relies on append-only JSONL audit logs for compliance
  • Organizations enable Output DLP to redact PII from tool outputs
