AgentSentinel Protection Layer

Use this skill when you want a local policy gate before an agent performs a costly or risky action.

This OpenClaw skill is the lightweight entry point to the broader AgentSentinel product:

• this skill for local-first OpenClaw guardrails
• AgentSentinel SDK for deeper Python agent instrumentation
• AgentSentinel platform for centralized monitoring, dashboards, and approval workflows

AgentSentinel is local-first by default:

• Policy checks run locally.
• Budget tracking runs locally.
• No remote sync is attempted unless the operator runs sync with an API key configured.

When To Use It

Use AgentSentinel before:

• expensive model or API calls
• file deletion or destructive shell commands
• high-volume automation loops
• actions that should be blocked by policy or capped by budget

Commands

check

Check whether a proposed action is allowed under the current local policy and budget.

python3 sentinel_wrapper.py check --cmd "rm -rf build" --cost 0.05

status

Show the current local status, including budget usage and whether optional remote sync is enabled.

python3 sentinel_wrapper.py status

sync

Upload locally recorded events to AgentSentinel cloud when AGENT_SENTINEL_API_KEY is set.

python3 sentinel_wrapper.py sync

bootstrap

Create a default callguard.yaml in the current workspace if one does not already exist.

python3 sentinel_wrapper.py --bootstrap

reset

Reset local tracked spend for the current run, or for the entire local session state.

python3 sentinel_wrapper.py reset --scope run
python3 sentinel_wrapper.py reset --scope all

Configuration

Policy is loaded from callguard.yaml in the current workspace when present.

Optional cloud mode is enabled by setting:

• AGENT_SENTINEL_API_KEY

If the API key is not present, the skill remains local-only.

Locally recorded events stay on-machine until sync is run.

AgentSentinel Product Path

Use this skill if you want fast local guardrails inside OpenClaw.

Use the AgentSentinel SDK when you want:

• richer Python integrations
• broader policy and telemetry coverage
• framework-level instrumentation outside OpenClaw

Use the AgentSentinel platform when you want:

• centralized visibility across agents
• dashboards and historical analysis
• human approval workflows and operational review

External Endpoints

| Endpoint | When it is called | Data sent |

| --- | --- | --- |

| https://api.agentsentinel.dev | Only when AGENT_SENTINEL_API_KEY is present and python3 sentinel_wrapper.py sync is run | locally recorded action events generated by AgentSentinel |

Security And Privacy

• Local mode does not send data off-machine.
• The wrapper does not write API keys to .env or other files.
• Remote sync is opt-in and requires both AGENT_SENTINEL_API_KEY and an explicit sync command.
• If remote sync fails, policy checks still continue locally.

Model Invocation Note

OpenClaw may invoke this skill automatically when the task suggests budget enforcement, policy checks, or action gating. That behavior is expected for an installed skill.

Trust Statement

By enabling remote sync, you allow AgentSentinel telemetry to be sent to agentsentinel.dev. Only enable that mode if you trust the service and want centralized monitoring.