{"id":47703401,"url":"https://github.com/deepunk42/seclaw","last_synced_at":"2026-04-03T19:01:25.816Z","repository":{"id":347581543,"uuid":"1194248276","full_name":"DeePunk42/SecLaw","owner":"DeePunk42","description":"SecLaw is an OpenClaw plugin that provides real-time security auditing for AI Agent tool calls.","archived":false,"fork":false,"pushed_at":"2026-03-30T03:19:03.000Z","size":427,"stargazers_count":8,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-03T04:11:55.196Z","etag":null,"topics":["openclaw-plugin","security"],"latest_commit_sha":null,"homepage":"http://localhost:18789/plugins/seclaw","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/DeePunk42.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-03-28T05:08:56.000Z","updated_at":"2026-03-30T03:19:07.000Z","dependencies_parsed_at":"2026-04-03T19:00:53.811Z","dependency_job_id":null,"html_url":"https://github.com/DeePunk42/SecLaw","commit_stats":null,"previous_names":["deepunk42/seclaw"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/DeePunk42/SecLaw","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DeePunk42%2FSecLaw","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DeePunk42%2FSecLaw/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DeePunk42%2FSecLaw/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DeePunk42%2FSecLaw/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/DeePunk42","download_url":"https://codeload.github.com/DeePunk42/SecLaw/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DeePunk42%2FSecLaw/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31371636,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-03T17:53:18.093Z","status":"ssl_error","status_checked_at":"2026-04-03T17:53:17.617Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["openclaw-plugin","security"],"created_at":"2026-04-02T17:46:35.921Z","updated_at":"2026-04-03T19:01:25.702Z","avatar_url":"https://github.com/DeePunk42.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SecLaw\n\nReal-time security audit layer for [OpenClaw](https://github.com/nicepkg/openclaw) AI agents. Every tool call is classified and audited before execution.\n\n[![npm](https://img.shields.io/npm/v/@deepunk/seclaw)](https://www.npmjs.com/package/@deepunk/seclaw)\n\n[中文文档](README.zh-CN.md)\n\n## How It Works\n\n```\nTool Call ──\u003e Rule Engine ──\u003e LLM Audit ──\u003e Allow / Block\n                 |\n          GREEN: allow immediately, no audit\n          YELLOW: allow immediately, audit in background\n          RED: block until audit confirms safe\n```\n\nSecLaw's rule engine classifies every tool call into three tiers. GREEN operations (file reads, git status) pass through silently. YELLOW operations (normal commands) are allowed but audited asynchronously — if the audit finds danger, the next call is blocked. RED operations (destructive commands, credential access) are blocked until a real-time LLM audit confirms they are safe.\n\nFor technical details, see [Advanced Documentation](docs/advanced.md).\n\n## Requirements\n\nOpenClaw \u003e= 2026.3.22\n\n## Quick Start\n\n### 1. Install\n\n```bash\nopenclaw plugins install @deepunk/seclaw\n```\n\n### 2. Enable\n\nThe plugin is enabled automatically on first install. SecLaw will create its data directory, write default config, copy default rules (28+), and preset sender labels — no manual setup needed.\n\n### 3. Open Dashboard\n\nAfter starting OpenClaw, open the SecLaw Dashboard:\n\n```\nhttp://localhost:18789/plugins/seclaw\n```\n\nIn the **Config** tab:\n\n1. Select an LLM model from the **Model** dropdown (auto-populated from your gateway's `models.providers`)\n2. Turn on **LLM Enabled**\n3. Click **Save**\n\nConfiguration is persisted to `~/.openclaw/openclaw.json` and survives restarts.\n\n### 4. Verify\n\nYou should see in the startup logs:\n\n```\n[seclaw] LLM connected via provider config model=openai-codex/gpt-5.4\n[seclaw] Initialized rules=28 llm=openai-codex/gpt-5.4 policy=fail_closed\n[seclaw] Dashboard: /plugins/seclaw\n```\n\nSecLaw is now active. All agent tool calls are audited in real time. Open the **Audit Log** tab to see live audit cards.\n\n## Dashboard\n\nSecLaw includes a built-in web dashboard with four tabs:\n\n| Tab | What it does |\n|-----|-------------|\n| **Audit Log** | Real-time tool call monitoring with tier badges (GREEN/YELLOW/RED), status labels, expandable details, and filters. Live updates via SSE. |\n| **Config** | Runtime configuration — model selection, LLM toggle, trusted sender labels, timeout settings. Changes take effect immediately. |\n| **Rules** | View and edit YAML rule files, upload custom rules, test rule matching with the built-in tester. |\n| **Health** | Security scanner (8 domains, 29+ checks, A-F grading) and one-click hardening in balanced or paranoid mode. |\n\n### Authentication (optional)\n\nThe dashboard is open by default (relies on gateway-level network security). Two optional auth methods:\n\n- **Token**: Set `dashboard.token` — authenticate via Bearer header or URL query param\n- **Password**: Set `dashboard.password` — browser login with HttpOnly cookie (30-day session)\n\n## Configuration\n\nAll settings can be edited in the Dashboard **Config** tab. They are stored in `~/.openclaw/openclaw.json` under the `seclaw` plugin key.\n\n### Trusted Sender Labels\n\nThe most important configuration for multi-user setups.\n\n`llm.trustedSenderLabels` controls which message senders are allowed to override blocked operations. When a RED tool call is blocked, SecLaw generates a 6-digit PIN. Only senders whose label appears in this list can use the `/pin\u003cPIN\u003e` command to unblock it.\n\n**Default:** `[\"openclaw-control-ui\"]` (the OpenClaw web UI)\n\n**How to configure:**\n\n- **Dashboard**: Config tab \u003e Trusted Sender Labels multi-select dropdown. Use the refresh button to discover new labels from audit logs.\n- **Config file**: Edit `~/.openclaw/openclaw.json`:\n\n```json\n{\n  \"plugins\": {\n    \"seclaw\": {\n      \"llm\": {\n        \"trustedSenderLabels\": [\"openclaw-control-ui\", \"telegram:alice\", \"discord:admin-bot\"]\n      }\n    }\n  }\n}\n```\n\n**Override flow:**\n\n1. Agent tries a dangerous operation -\u003e SecLaw blocks it\n2. A 6-digit PIN is shown to trusted senders (with inline buttons on Telegram/Slack/Discord)\n3. Trusted sender replies `/pin123456` (or taps the button)\n4. Operation is unblocked for that tool name within the current turn\n\nNon-trusted senders only see \"requires operator approval\" — the PIN is not revealed to them.\n\n### All Options\n\n| Option | Default | Description |\n|--------|---------|-------------|\n| `llm.model` | `\"\"` | LLM model for auditing (`provider/model` format) |\n| `llm.enabled` | `true` | Enable/disable LLM auditing |\n| `llm.maxConcurrent` | `2` | Max concurrent LLM audit calls |\n| `llm.promptRecentCalls` | `3` | Number of recent tool calls included in audit prompt |\n| `llm.trustedSenderLabels` | `[\"openclaw-control-ui\"]` | Senders allowed to override blocked calls |\n| `llm.apiKey` | — | Explicit API key (overrides provider-level auth) |\n| `timeouts.auditTimeoutMs` | `60000` | Audit timeout in milliseconds |\n| `timeouts.syncTimeoutPolicy` | `\"fail_closed\"` | `fail_closed` = block on timeout; `fail_open` = allow on timeout |\n| `dashboard.enabled` | `true` | Enable the web dashboard |\n| `dashboard.token` | — | Bearer token for API authentication |\n| `dashboard.password` | — | Password for browser login |\n\n## Learn More\n\n- [Advanced Documentation](docs/advanced.md) — Audit flow internals, intent context, override mechanism, timeout policies, logging, API endpoints\n- [Rule Engine Reference](docs/rule-engine.md) — Rule syntax, field modifiers, detection conditions, custom rule examples\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeepunk42%2Fseclaw","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdeepunk42%2Fseclaw","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeepunk42%2Fseclaw/lists"}