enterprise-legal-guardrails
Web & Frontend Development
v1.0.20
BenignLegal/compliance guardrails for outbound OpenClaw actions (anti-spam, defamation, privacy, financial claims).
2677 downloads677 installsby @lawyered0
Setup & Installation
Install command
clawhub install lawyered0/enterprise-legal-guardrailsIf the CLI is not installed:
Install command
npx clawhub@latest install lawyered0/enterprise-legal-guardrailsOr install with OpenClaw CLI:
Install command
openclaw skills install lawyered0/enterprise-legal-guardrailsor paste the repo link into your assistant's chat
Install command
https://github.com/openclaw/skills/tree/main/skills/lawyered0/enterprise-legal-guardrailsWhat This Skill Does
A preflight compliance checker that screens outbound bot-generated text against legal and policy rules before any post, message, or publish action executes. It classifies draft content as PASS, WATCH, REVIEW, or BLOCK based on configurable profiles covering anti-spam, privacy, HR, market claims, and legal language. Runs as a shared safety layer across any skill that produces outbound content.
Centralizes compliance enforcement in one reusable layer so individual skills don't each need their own policy logic.
When to Use It
- Blocking a bot from posting a price prediction that could violate financial regulations
- Flagging a mass-messaging campaign as spam before it sends
- Catching personally identifiable data in a draft comment before it goes public
- Routing an HR-related message for human review before delivery
- Screening market commentary for outcome certainty language before publication
View original SKILL.md file
# Enterprise Legal Guardrails Use this skill to preflight bot output before posting, messaging, or publishing anything that could create legal/compliance risk. ## What it is A generic **outbound** guardrail checker used by workflows before execute actions such as post/comment/message/chat/send in any app. ## When to use - Before `create_post`, `create_comment`, `send_message`, or equivalent publish actions. - Before market-related commentary, strategy claims, or price/certainty statements. - Before HR-sensitive or workplace-adjacent messaging. - Before anti-spam or coordination-heavy communications. - Before handling or exposing personal identifiers. ## Workflow 1. Draft text. 2. Run the checker with the matching action/profile. 3. If result is **PASS/WATCH**, proceed. 4. If **REVIEW**, rewrite or route for human/legal review. 5. If **BLOCK**, do not execute. Use it as a shared OpenClaw outbound safety layer for any skill that publishes content. Babylon is only one current integration example, not the primary purpose of the skill. ## Quick usage ```bash python3 scripts/check_enterprise_guardrails.py \ --action post \ --app <app_name> \ --policies social antispam hr \ --text "Draft text here" ``` ```bash python3 scripts/check_enterprise_guardrails.py \ --action comment \ --scope include \ --apps whatsapp,telegram \ --text "Draft text here" ``` ```bash python3 scripts/check_enterprise_guardrails.py \ --action market-analysis \ --text "Market commentary..." \ --json ``` ## App scope (global filtering) Scope applies to any app-context passed with `--app` and these env vars (legacy names preserved for compatibility): - `ENTERPRISE_LEGAL_GUARDRAILS_OUTBOUND_SCOPE` (`all|include|exclude`) - `ENTERPRISE_LEGAL_GUARDRAILS_OUTBOUND_APPS` (comma-separated list) - `BABYLON_GUARDRAILS_SCOPE` - `BABYLON_GUARDRAILS_OUTBOUND_SCOPE` - `BABYLON_GUARDRAILS_APPS` Examples: - `all`: check all outbound content. - `include` + `whatsapp,email`: only check those apps. - `exclude` + `whatsapp,email,moltbook,babylon`: everything except these apps. If scope is omitted, default is `all`. ## Profiles - `social`: public social text, comments, announcements. - `antispam`: unsolicited/pumping/coordinating messaging. - `hr`: workplace, hiring, performance, or employee conduct language. - `privacy`: personally identifying data and private information disclosures. - `market`: market/financial claims and outcome assertions. - `legal`: legal conclusions/implication language. If no profile is provided, defaults are derived from `--action`: - `post|comment|message` → `social,legal` - `trade|market-analysis` → `market,financial` - `generic` → `legal,social` ## Output - `PASS`: safe to execute - `WATCH`: low risk; optional rewrite - `REVIEW`: human/legal review recommended - `BLOCK`: do not execute ## Tuning You can tune decision sensitivity via environment variables (or CLI flags in direct runs): - `ENTERPRISE_LEGAL_GUARDRAILS_REVIEW_THRESHOLD` (`default: 5`) - `ENTERPRISE_LEGAL_GUARDRAILS_BLOCK_THRESHOLD` (`default: 9`) CLI overrides: - `--review-threshold` - `--block-threshold` Legacy aliases are supported in legacy env names: `ELG_*` and `BABYLON_GUARDRAILS_*`. ## Universal outbound adapter (no-native integration path) For skills/tools without native guardrail hooks (for example: Gmail, custom website publishing, custom message bots), run outbound operations through the wrapper: ```bash python3 /path/to/enterprise-legal-guardrails/scripts/guard_and_run.py --app <app_name> --action <post|comment|message|trade|market-analysis|generic> --execute --text "$DRAFT" -- <outbound command...> ``` Examples: ```bash # Gmail via gog python3 /path/to/enterprise-legal-guardrails/scripts/guard_and_run.py --app gmail --action message --execute --text "Hello, ..." -- gog gmail send --to user@domain.com --subject "Update" --body "Hello, ..." # Website/publication publish flow python3 /path/to/enterprise-legal-guardrails/scripts/guard_and_run.py --app website --action post --execute --text "$POST_COPY" -- npm run publish-post "$POST_COPY" ``` Use this wrapper to apply the same policy checks in non-Babylon outbound flows. ## Compatibility Legacy name `legal-risk-checker` is preserved in OpenClaw workspaces that still reference it. ## References See `references/guardrail-policy-map.md` for the full policy rule set and suggested rewrites. ## Packaging A distributable bundle is available at: - `dist/enterprise-legal-guardrails.skill` ### Hardening controls for `guard_and_run.py` For non-native outbound integrations, treat `guard_and_run` as an execution boundary. Recommended flags/env: Execution safety is allowlist-first by default. Wrapper requires explicit `--allowed-command` (or env alias) unless `--allow-any-command` is explicitly enabled. - `--allow-any-command` / `ENTERPRISE_LEGAL_GUARDRAILS_ALLOW_ANY_COMMAND` - Explicitly bypass allowlist enforcement (unsafe; audit-first use only). - `--suppress-allow-any-warning` / `ENTERPRISE_LEGAL_GUARDRAILS_SUPPRESS_ALLOW_ANY_WARNING` - Suppresses the runtime safety warning when `--allow-any-command` is intentionally enabled. - `--allow-any-command-reason` / `ENTERPRISE_LEGAL_GUARDRAILS_ALLOW_ANY_COMMAND_REASON` - Mandatory rationale for any `allow-any` bypass invocation. Suggested format: `SEC-1234: emergency fix`. - `--allow-any-command-approval-token` / `ENTERPRISE_LEGAL_GUARDRAILS_ALLOW_ANY_COMMAND_APPROVAL_TOKEN` - Mandatory approval token for any `allow-any` bypass invocation; stored as a short token fingerprint in audit logs. - `--allowed-command <exe...>` / `ENTERPRISE_LEGAL_GUARDRAILS_ALLOWED_COMMANDS` - Allow-list executables (supports comma/space lists and wildcards). - `--execute` / `ENTERPRISE_LEGAL_GUARDRAILS_EXECUTE` - Enables execution after guard checks. Without this flag, runs are validation-only. - `--strict` / `ENTERPRISE_LEGAL_GUARDRAILS_STRICT` - Escalate `REVIEW` to hard block. - `--sanitize-env` - `--keep-env <VAR...>` / `--keep-env-prefix <PREFIX...>` - `--command-timeout`, `--checker-timeout`, `--max-text-bytes` - `--audit-log <file>` / `ENTERPRISE_LEGAL_GUARDRAILS_AUDIT_LOG` These flags provide execution safety, command scoping, and immutable trail for post-incident review without changing checker logic.
Example Workflow
Here's how your AI assistant might use this skill in practice.
INPUT
User asks: Blocking a bot from posting a price prediction that could violate financial regulations
AGENT
- 1Blocking a bot from posting a price prediction that could violate financial regulations
- 2Flagging a mass-messaging campaign as spam before it sends
- 3Catching personally identifiable data in a draft comment before it goes public
- 4Routing an HR-related message for human review before delivery
- 5Screening market commentary for outcome certainty language before publication
OUTPUT
Legal/compliance guardrails for outbound OpenClaw actions (anti-spam, defamation, privacy, financial claims).
Security Audits
VirusTotalBenign
OpenClawBenign
View full reportThese signals reflect official OpenClaw status values. A Suspicious status means the skill should be used with extra caution.