Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

openclaw/governclaw-middleware

Name: governclaw-middleware
Author: openclaw

aakash2289/governclaw-middleware/SKILL.md

npx skillsauth add openclaw/skills governclaw-middleware

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

GovernClaw Middleware

This skill provides governed wrappers for sensitive operations. It acts as a policy enforcement layer between agents and external systems.

When to Use This Skill

You MUST use governed tools from this skill instead of raw tools when:

Calling external HTTP APIs (governedHttp instead of http)
Running shell commands (governedShell - future)
Reading/writing files (governedFile - future)
Controlling a browser (governedBrowser - future)

How It Works

You call a governed tool (e.g., governedHttp)
The skill sends your request metadata to GovernClaw for policy evaluation
GovernClaw returns allow or block with a reason
If allowed: the underlying operation executes and returns results
If blocked: the operation is cancelled and you receive a block reason

Available Tools

governedHttp

Makes HTTP requests through the GovernClaw policy engine.

Parameters:

method (string): HTTP method - "GET", "POST", "PUT", "DELETE"
url (string): Target URL
body (object, optional): Request body for POST/PUT
headers (object, optional): Custom headers

Returns:

On success: The HTTP response from the target
On block: { ok: false, blocked: true, reason: "..." }

Example:

const result = await context.tools.governclawMiddleware.governedHttp({
  method: "GET",
  url: "https://api.example.com/data"
});

if (result.blocked) {
  // Handle policy block
  console.log("Blocked:", result.reason);
}

Configuration

Set the GovernClaw service URL in your environment:

export GOVERNCLAW_URL="http://127.0.0.1:8000"

Or in openclaw.json:

{
  "skills": {
    "governclaw-middleware": {
      "env": {
        "GOVERNCLAW_URL": "http://127.0.0.1:8000"
      }
    }
  }
}

Governance Context

The skill automatically forwards these context fields to GovernClaw:

parent_id: The session ID (who owns the request)
child_id: The agent ID (who is making the request)
source: Where the request originated (agent, control, cron, etc.)
channel: The channel ID (if applicable)
node_id: The node ID (if applicable)
skill: Always "governclaw-middleware"

Error Handling

Always check for blocked in responses:

const response = await context.tools.governclawMiddleware.governedHttp({...});

if (!response.ok && response.blocked) {
  // Policy violation - do not retry
  return { error: response.reason };
}

if (!response.ok) {
  // Network or other error - may retry
  return { error: "Request failed" };
}

// Success
return response.data;

Policy Modes

GovernClaw supports three governance modes:

playground: Log-only, actions always allowed
governed: Default mode, enforce policies
strict: Block on any uncertainty

The skill defaults to governed mode. Future versions may allow per-request mode overrides.

openclaw/governclaw-middleware

aakash2289/governclaw-middleware/SKILL.md

Governance middleware for OpenClaw agents. Wraps HTTP, shell, file, and browser actions with policy checks via GovernClaw before execution. Required tools - http. Environment variables - GOVERNCLAW_URL (default http://127.0.0.1:8000).

3,729 stars

tools

Updated Apr 2, 2026

$ install --global

skillsauth

npx skillsauth add openclaw/skills governclaw-middleware

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 3, 2026, 7:56 AM8.0s1 file scanned

SKILL.md

GovernClaw Middleware

This skill provides governed wrappers for sensitive operations. It acts as a policy enforcement layer between agents and external systems.

When to Use This Skill

You MUST use governed tools from this skill instead of raw tools when:

Calling external HTTP APIs (governedHttp instead of http)
Running shell commands (governedShell - future)
Reading/writing files (governedFile - future)
Controlling a browser (governedBrowser - future)

How It Works

You call a governed tool (e.g., governedHttp)
The skill sends your request metadata to GovernClaw for policy evaluation
GovernClaw returns allow or block with a reason
If allowed: the underlying operation executes and returns results
If blocked: the operation is cancelled and you receive a block reason

Available Tools

governedHttp

Makes HTTP requests through the GovernClaw policy engine.

Parameters:

method (string): HTTP method - "GET", "POST", "PUT", "DELETE"
url (string): Target URL
body (object, optional): Request body for POST/PUT
headers (object, optional): Custom headers

Returns:

On success: The HTTP response from the target
On block: { ok: false, blocked: true, reason: "..." }

Example:

const result = await context.tools.governclawMiddleware.governedHttp({
  method: "GET",
  url: "https://api.example.com/data"
});

if (result.blocked) {
  // Handle policy block
  console.log("Blocked:", result.reason);
}

Configuration

Set the GovernClaw service URL in your environment:

export GOVERNCLAW_URL="http://127.0.0.1:8000"

Or in openclaw.json:

{
  "skills": {
    "governclaw-middleware": {
      "env": {
        "GOVERNCLAW_URL": "http://127.0.0.1:8000"
      }
    }
  }
}

Governance Context

The skill automatically forwards these context fields to GovernClaw:

parent_id: The session ID (who owns the request)
child_id: The agent ID (who is making the request)
source: Where the request originated (agent, control, cron, etc.)
channel: The channel ID (if applicable)
node_id: The node ID (if applicable)
skill: Always "governclaw-middleware"

Error Handling

Always check for blocked in responses:

const response = await context.tools.governclawMiddleware.governedHttp({...});

if (!response.ok && response.blocked) {
  // Policy violation - do not retry
  return { error: response.reason };
}

if (!response.ok) {
  // Network or other error - may retry
  return { error: "Request failed" };
}

// Success
return response.data;

Policy Modes

GovernClaw supports three governance modes:

playground: Log-only, actions always allowed
governed: Default mode, enforce policies
strict: Block on any uncertainty

The skill defaults to governed mode. Future versions may allow per-request mode overrides.

Related Skills

openclaw/mcdonalds-skill

tools

VerifiedTrustedCommunity

Use when the user wants to connect to, test, or use the McDonalds service at mcp.mcd.cn, including checking authentication, probing MCP endpoints, listing tools, or calling McDonalds MCP tools through a reusable local CLI.

3,962SKILL.mdUpdated Apr 10, 2026

openclaw/mcdonalds-skill

openclaw/scrapebadger

development

VerifiedTrustedCommunity

Web scraping platform — Twitter/X data, Vinted marketplace, and general web scraping API

3,962SKILL.mdUpdated Apr 10, 2026

openclaw/scrapebadger

openclaw/slowmist-security-cc

development

VerifiedTrustedCommunity

SlowMist AI Agent Security Review — comprehensive security framework for skills, repositories, URLs, on-chain addresses, and products (Claude Code version)

3,962SKILL.mdUpdated Apr 10, 2026

openclaw/slowmist-security-cc

openclaw/humanizer-cn

data-ai

VerifiedTrustedCommunity

去除中文文本中的 AI 写作痕迹，使其读起来自然。基于维基百科 AI 写作特征指南，检测 24 种 AI 模式。触发词：humanizer-cn、去除 AI 痕迹、去除 AI 写作痕迹、中文文本人性化。

3,962SKILL.mdUpdated Apr 10, 2026

openclaw/humanizer-cn

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/openclaw/skills.git

# Copy into Claude Code skills folder (global)
cp -r skills/aakash2289/governclaw-middleware ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

openclaw/skills

3,729 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT