Skip to main content

OpenClaw Integration

Rafter integrates seamlessly with OpenClaw to add security to autonomous coding agents.

Setup

1. Install Rafter CLI

Install globally: 
npm install -g @rafter-security/cli

2. Initialize Agent Security

Run initialization (auto-detects OpenClaw): 
rafter agent init
If OpenClaw is detected, Rafter will:
  • ✓ Install skill to ~/.openclaw/skills/rafter-security.md
  • ✓ Enable agent integration in config
  • ✓ Set up security policies

3. Restart OpenClaw

Restart OpenClaw to load the Rafter skill: 
# Stop OpenClaw
openclaw stop

# Start OpenClaw
openclaw start

How It Works

Once integrated, OpenClaw agents automatically use Rafter for security-sensitive operations: 
User → OpenClaw Agent → Rafter Security → Safe Execution

Example Flow

User request: 
"Commit these changes to git"
OpenClaw processes:
  1. Generates commit message
  2. Calls Rafter: rafter agent exec "git commit -m '...'"
  3. Rafter scans staged files for secrets
  4. If clean: Executes commit
  5. If secrets found: Blocks and alerts user

Skill Commands

The Rafter skill provides these commands to OpenClaw:

/rafter-scan

Scan files for secrets before operations. When OpenClaw uses it:
  • Before git commits
  • When reading sensitive files
  • After generating code with credentials
Example: 
User: "Is there anything sensitive in this codebase?"
OpenClaw: rafter agent scan .

/rafter-bash

Execute shell commands with validation. When OpenClaw uses it:
  • For any shell command execution
  • Before destructive operations
  • When using sudo
Example: 
User: "Install the dependencies"
OpenClaw: rafter agent exec "npm install"

/rafter-audit

View security event logs. When OpenClaw uses it:
  • After blocked commands
  • When reviewing security events
  • For compliance reporting
Example: 
User: "Show me recent security events"
OpenClaw: rafter agent audit --last 10

Configuration

Risk Levels for OpenClaw

Choose based on your use case:
Best for: Local development, prototyping
rafter agent config set agent.riskLevel minimal
  • Allows most commands
  • Basic secret detection
  • Minimal interruption to workflow
Best for: Sensitive environments, compliance requirements
rafter agent config set agent.riskLevel aggressive
  • Maximum security checks
  • Requires approval for most operations
  • Comprehensive audit logging
  • Best for production agents

Command Policy

Control how commands are handled: 
# Default: Approve dangerous commands
rafter agent config set agent.commandPolicy.mode approve-dangerous

# Alternative: Block specific patterns only
rafter agent config set agent.commandPolicy.mode deny-list

# Permissive: Allow all (not recommended)
rafter agent config set agent.commandPolicy.mode allow-all

Usage Examples

Safe Development Workflow

User: "Create a new feature for user authentication"

OpenClaw:
1. Generates code
2. Runs rafter agent scan  # Check for secrets
3. If clean, proceeds
4. Creates git commit with rafter agent exec
5. Scans staged files again
6. Commits successfully

Blocked Dangerous Operation

User: "Clean up all files in the project"

OpenClaw generates: rm -rf /

Rafter:
🚫 Command BLOCKED
Risk Level: CRITICAL
Reason: Matches blocked pattern: rm -rf /

OpenClaw: "This command is too dangerous. Please specify which files to delete."

Approval Required

User: "Force push to main branch"

OpenClaw generates: git push --force origin main

Rafter:
⚠️  Command requires approval
Risk Level: HIGH
Approve this command? (yes/no):

User: no

OpenClaw: "Command cancelled. Would you like to push normally instead?"

Best Practices

Recommended Setup

  1. Start with moderate risk level: Adjust based on experience
  2. Review audit logs daily: rafter agent audit --last 20
  3. Train agents on Rafter commands: Ensure agents know when to use security checks
  4. Test policies in development: Before deploying to production
  5. Keep Rafter updated: npm update -g @rafter-security/cli

Monitoring

View Agent Activity

Check what your agent is doing: 
# Recent command executions
rafter agent audit --event command_intercepted

# Secret detections
rafter agent audit --event secret_detected

# Filter by agent
rafter agent audit --agent openclaw --last 50

Audit Reports

Generate reports for compliance: 
# Export last 7 days as JSON
rafter agent audit --since $(date -v-7d +%Y-%m-%d) --json > agent-audit.json

Troubleshooting

Skill Not Loading

If OpenClaw doesn’t recognize Rafter commands:
  1. Check skill file exists: 
    ls ~/.openclaw/skills/rafter-security.md
  2. Reinstall skill: 
    rafter agent init --force
  3. Restart OpenClaw: 
    openclaw restart

Commands Not Being Validated

If commands bypass Rafter:
  1. Check config: 
    rafter agent config get agent.environments.openclaw.enabled
# Should be: true
  2. Verify policy mode: 
    rafter agent config get agent.commandPolicy.mode
  3. Enable if disabled: 
    rafter agent config set agent.environments.openclaw.enabled true

False Positives

If safe commands are being blocked:
  1. Check audit log: 
    rafter agent audit --last 5
  2. Adjust risk level: 
    rafter agent config set agent.riskLevel minimal
  3. Report issue: rafter-cli/issues

Advanced Configuration

Custom Blocked Patterns

Add organization-specific patterns: Edit ~/.rafter/config.json: 
{
  "agent": {
    "commandPolicy": {
      "blockedPatterns": [
        "rm -rf /",
        "kubectl delete namespace production",
        "terraform destroy"
      ]
    }
  }
}

Approval Patterns

Require approval for specific commands: 
{
  "agent": {
    "commandPolicy": {
      "requireApproval": [
        "git push --force",
        "npm publish",
        "docker push.*production"
      ]
    }
  }
}

Multi-Agent Setup

Running multiple OpenClaw instances: 
# Each agent gets same config by default
# Customize per-agent if needed:

# Agent 1 (aggressive)
export RAFTER_RISK_LEVEL=aggressive
openclaw start --name agent1

# Agent 2 (moderate)
export RAFTER_RISK_LEVEL=moderate
openclaw start --name agent2

Support

Need Help?

Next Steps

Command Reference

Complete CLI command reference

Secret Scanning

Learn about secret detection