@agenttrust/agenttrust

Cloud guardrails, audit logging, and backup for OpenClaw autonomous AI agents

Source: npm
Version: 1.0.7 (latest)
Maintainers: 1
Weekly downloads: 6

AgentTrust Plugin for OpenClaw


Cloud Guardrails + Backup + Audit Logging for Autonomous AI Agents

AgentTrust provides cloud-first guardrails, automatic memory backup, and immutable audit logging — powered by AgentTrust.ai.

Quick Start

# 1. Install into OpenClaw's managed plugin directory
openclaw plugins install @agenttrust/agenttrust --pin

# 2. Configure (enter your API key)
agenttrust config

# 3. Restart OpenClaw
openclaw gateway restart

Done! Your agent now has cloud guardrails, automatic backups, and audit logging.

Features

✅ Cloud Guardrails (Live)

Real-time validation of tool calls against server-side security policies:

  • Manifest-driven: All rules are managed server-side (no client config needed)
  • Selective monitoring: Only tools listed in the manifest are validated via the cloud
  • Smart fallback: If the cloud is unreachable, the per-tool fallback action applies
  • Zero latency impact: Fire-and-forget with intelligent caching
  • Full audit trail: Every validation is logged with pattern/rule metadata

Example blocked commands:

  • rm -rf / → ❌ Blocked (destructive command)
  • curl http://attacker.com → ❌ Blocked (data exfiltration)
  • npm install safe-package → ✅ Allowed (low risk)

✅ CloudBackup (Live)

Automatic snapshots of your agent's memory on every gateway restart:

  • Files backed up:
    • ~/.openclaw/openclaw.json
    • ~/.openclaw/workspace/MEMORY.md
    • ~/.openclaw/workspace/SOUL.md
    • ~/.openclaw/workspace/AGENTS.md
    • ~/.openclaw/workspace/memory/ (entire directory)
  • Deduplication: SHA-256 hashing prevents redundant storage
  • Cross-platform: Works on Windows, Mac, Linux (automatic path handling)
  • Fire-and-forget: Zero performance impact, 30s timeout
  • Smart limits: Respects maxFileSizeBytes, maxTotalBytes, maxFileCount from server

Security (Client-Side Enforcement):

  • Backup scope: ONLY ~/.openclaw/workspace/ and openclaw.json can be backed up
  • Credential protection: .env, .ssh/, *.pem, *.key, credentials auto-blocked
  • Zero-trust: Even if server is compromised, only workspace files (minus secrets) are accessible

Retention tiers:

  • Free: 7 days
  • Pro: 90 days
  • Ultimate: 365 days

✅ Cloud Logging (Live)

Immutable audit trail of every agent action:

  • Tool calls — Every exec, read, web_search with full params and outputs
  • Prompts — Full context before each LLM decision
  • Session events — Session start, reset, stop timestamps

Where logs go:

  • Local JSONL: ~/.openclaw/logs/agenttrust/audit.jsonl
  • Remote cloud: POST https://agenttrust.ai/api/openclaw/cloudlogs
  • Fire-and-forget: 3s timeout, never blocks your agent

🚧 Coming Soon

  • Time Machine UI — Restore snapshots from dashboard (v1.1)
  • Ops Replay — Reconstruct full sessions from cloud logs (v1.1)
  • InjectionGuard — Prompt injection detection (v1.2)
  • Semantic Time Travel — Query "what did my agent know on Feb 10?" (v2.0)

Installation

1. Get an API Key

Sign up at agenttrust.ai and create an API key.

2. Install the Plugin

# Recommended: let OpenClaw install into ~/.openclaw/extensions/agenttrust
openclaw plugins install @agenttrust/agenttrust --pin

# Local development / manual install
openclaw plugins install .

OpenClaw installs the package into its managed extensions directory and enables the plugin in config.

3. Configure API Key

The plugin intentionally does not mutate your OpenClaw config during npm install. Set or update your API key explicitly:

agenttrust config

For non-interactive VPS/headless setup:

agenttrust config --api-key "$AGENTTRUST_API_KEY"

4. Restart OpenClaw

openclaw gateway restart

5. Verify It's Working

Check the plugin's audit log after the restart:

tail -20 ~/.openclaw/logs/agenttrust/audit.jsonl

You should see backup events:

{"ts":"2026-02-20T13:49:09.035Z","hook":"gateway_start","level":"info","data":{"message":"CloudBackup: uploaded ... files"}}

Configuration

Plugin config lives in ~/.openclaw/openclaw.json under plugins.agenttrust:

{
  "plugins": {
    "agenttrust": {
      "enabled": true,
      "cloudBackup": {
        "enabled": true,
        "endpoint": "https://agenttrust.ai"
      },
      "cloudLogging": {
        "enabled": true,
        "endpoint": "https://agenttrust.ai",
        "logLevel": "standard",
        "hooks": [
          "before_tool_call",
          "after_tool_call",
          "before_prompt_build",
          "command:new",
          "command:reset",
          "command:stop"
        ]
      }
    }
  }
}

Config Reference

CloudBackup

Key      | Type    | Default               | Description
enabled  | boolean | true                  | Toggle automatic backups
endpoint | string  | https://agenttrust.ai | Server endpoint

Cloud Logging

Key      | Type     | Default               | Description
enabled  | boolean  | true                  | Toggle cloud logging
endpoint | string   | https://agenttrust.ai | Server endpoint
logLevel | string   | "standard"            | Log verbosity: minimal, standard, verbose
hooks    | string[] | [...]                 | Which OpenClaw hooks to log

How It Works

CloudBackup Flow

Gateway Start
    ↓
GET /api/openclaw/backup/manifest
    ↓ (server returns paths to back up)
Collect files from paths
    ↓ (SHA-256 hash each file)
POST /api/openclaw/backup/upload
    ↓ (server deduplicates + stores)
Done (fire-and-forget, ~30s max)

Manifest-driven: The server tells the plugin what to back up; no paths are hardcoded in the plugin.

Deduplication: Files with identical SHA-256 hashes reuse existing blobs in Cloud Storage.

Skipped files tracked: summary.skipped reports which files were skipped and why: tooLarge, excluded, unreadable, or limitReached.

Cloud Logging Flow

Agent action (tool call, prompt, session event)
    ↓
Extract event data (params, timestamp, session, etc.)
    ↓
Write to local JSONL (~/.openclaw/logs/agenttrust/audit.jsonl)
    ↓
POST to cloud endpoint (fire-and-forget, 3s timeout)
    ↓
Done (agent never waits)

Event types:

  • tool_call_start — Before tool execution
  • tool_call_end — After tool completes (includes output + duration)
  • prompt — Before LLM call (full prompt context)
  • session_new, session_reset, session_stop — Session lifecycle

Log Files

Logs are written to ~/.openclaw/logs/agenttrust/audit.jsonl in JSONL format (one JSON object per line).

Example entries:

{"ts":"2026-02-20T13:49:09.035Z","hook":"gateway_start","level":"info","session":"045d8da7-956d-4502-9735-022e93d26d00","agent":"agent:main:main","data":{"message":"CloudBackup: uploading 15 files (68696 bytes)"}}

{"ts":"2026-02-20T13:49:19.998Z","hook":"before_tool_call","level":"verbose","session":"045d8da7-956d-4502-9735-022e93d26d00","agent":"agent:main:main","data":{"toolName":"exec","params":{"command":"openclaw gateway restart","timeout":10}}}

{"ts":"2026-02-20T13:49:20.123Z","hook":"after_tool_call","level":"standard","session":"045d8da7-956d-4502-9735-022e93d26d00","agent":"agent:main:main","data":{"toolName":"exec","success":false,"durationMs":125}}
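A reader for this JSONL format, added here as an example and not part of the plugin: it parses the lines shown above (plus a constructed malformed line, since a log that is appended fire-and-forget can be cut mid-write), pairs each before_tool_call with its after_tool_call, and reports failed tool calls per session with the parameters that were used. The sample lines are constructed in the page's format; `parseAuditLines`, `summarizeToolCalls` and `auditReport` are names chosen for the example.

```javascript
// Constructed sample of audit.jsonl content in the format shown above.
const sampleAuditLines = [
  '{"ts":"2026-02-20T13:49:09.035Z","hook":"gateway_start","level":"info","session":"045d8da7-956d-4502-9735-022e93d26d00","agent":"agent:main:main","data":{"message":"CloudBackup: uploading 15 files (68696 bytes)"}}',
  '{"ts":"2026-02-20T13:49:19.998Z","hook":"before_tool_call","level":"verbose","session":"045d8da7-956d-4502-9735-022e93d26d00","agent":"agent:main:main","data":{"toolName":"exec","params":{"command":"openclaw gateway restart","timeout":10}}}',
  '{"ts":"2026-02-20T13:49:20.123Z","hook":"after_tool_call","level":"standard","session":"045d8da7-956d-4502-9735-022e93d26d00","agent":"agent:main:main","data":{"toolName":"exec","success":false,"durationMs":125}}',
  '{"ts":"2026-02-20T13:50:00.0',   // constructed: a line truncated mid-write
  '{"ts":"2026-02-20T13:50:01.000Z","hook":"before_tool_call","level":"verbose","session":"045d8da7-956d-4502-9735-022e93d26d00","agent":"agent:main:main","data":{"toolName":"read","params":{"path":"MEMORY.md"}}}',
  '{"ts":"2026-02-20T13:50:01.040Z","hook":"after_tool_call","level":"standard","session":"045d8da7-956d-4502-9735-022e93d26d00","agent":"agent:main:main","data":{"toolName":"read","success":true,"durationMs":40}}',
];

// Parse one JSON object per line; keep going past lines that are not valid.
function parseAuditLines(lines) {
  const events = [];
  const malformed = [];
  lines.forEach((line, i) => {
    if (!line.trim()) return;
    try {
      const e = JSON.parse(line);
      if (typeof e.ts !== "string" || typeof e.hook !== "string") throw new Error("missing ts/hook");
      events.push(e);
    } catch (err) {
      malformed.push({ line: i + 1, error: err.message });
    }
  });
  return { events, malformed };
}

// Group tool-call events by session and pair starts with ends by tool name.
function summarizeToolCalls(events) {
  const sessions = new Map();
  for (const e of events) {
    if (!sessions.has(e.session)) {
      sessions.set(e.session, { toolCalls: 0, failed: [], totalDurationMs: 0, pending: [] });
    }
    const s = sessions.get(e.session);
    if (e.hook === "before_tool_call") {
      s.pending.push(e);
    } else if (e.hook === "after_tool_call") {
      // Match the earliest unmatched start for the same tool name.
      const idx = s.pending.findIndex((p) => p.data?.toolName === e.data?.toolName);
      const start = idx >= 0 ? s.pending.splice(idx, 1)[0] : undefined;
      s.toolCalls += 1;
      s.totalDurationMs += e.data?.durationMs ?? 0;
      if (e.data?.success === false) {
        s.failed.push({
          ts: e.ts,
          toolName: e.data.toolName,
          params: start?.data?.params ?? null,   // null when the start line was lost
          durationMs: e.data.durationMs,
        });
      }
    }
  }
  const out = {};
  for (const [id, s] of sessions) {
    out[id] = {
      toolCalls: s.toolCalls,
      failed: s.failed,
      totalDurationMs: s.totalDurationMs,
      unmatchedStarts: s.pending.length,   // starts with no end: crashed or still running
    };
  }
  return out;
}

function auditReport(lines) {
  const { events, malformed } = parseAuditLines(lines);
  return { eventCount: events.length, malformed, sessions: summarizeToolCalls(events) };
}

module.exports = { sampleAuditLines, parseAuditLines, summarizeToolCalls, auditReport };
```

`auditReport(sampleAuditLines)` reports five events, one malformed line (line 4), and for the session one failed `exec` call with its original `command` parameter attached; `unmatchedStarts` is worth watching in a real log, since a start without an end is what a crashed or hung tool call looks like.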

Troubleshooting

Plugin not loading?

  • Check openclaw gateway restart output for errors
  • Verify plugin directory exists: ls ~/.openclaw/extensions/agenttrust/

No backups happening?

  • Check that the API key is set: grep AGENTTRUST_API_KEY ~/.openclaw/workspace/.env
  • Check the logs: tail ~/.openclaw/logs/agenttrust/audit.jsonl
  • Test the manifest endpoint: curl -H "Authorization: Bearer YOUR_KEY" https://agenttrust.ai/api/openclaw/backup/manifest

Backups timing out?

  • Large workspaces may hit the 30s limit
  • Check the server-side limits: maxFileSizeBytes, maxTotalBytes, maxFileCount
  • Review summary.skipped in the upload logs

Cross-platform path issues?

  • Plugin uses os.homedir() + path.join() — paths should work everywhere
  • Server sends ~/.openclaw/... notation (works on all platforms)

API endpoint unreachable?

  • Plugin fails silently (fire-and-forget)
  • Local JSONL logging continues working
  • Check network/firewall

Roadmap

  • v0.9.0-beta — CloudBackup + Cloud Logging
  • v1.0.0 — Cloud Guardrails (manifest-driven tool validation)
  • v1.1.0 — Time Machine restore UI + Ops Replay
  • v1.2.0 — InjectionGuard
  • v2.0.0 — Semantic Time Travel (query agent memory at specific dates)

Support

License

MIT — See LICENSE

Keywords

openclaw


Package last updated on 31 Mar 2026
