### Install AgentWard CLI Source: https://agentward.ai/docs.html Install AgentWard using pip. Requires Python 3.11+ and runs locally on Mac and Linux. ```bash pip install agentward ``` -------------------------------- ### Initialize AgentWard Pipeline Source: https://agentward.ai/docs.html Run the full AgentWard pipeline interactively. Discovers tools, shows risk summary, generates policy, wires enforcement, and starts the proxy. ```bash agentward init ``` -------------------------------- ### Inspect and Inspect with AgentWard Runtime Source: https://agentward.ai/docs.html Start the runtime proxy with live policy enforcement. Supports stdio mode as an MCP proxy and HTTP mode as a reverse proxy. ```bash agentward inspect --policy agentward.yaml -- npx server # stdio proxy ``` ```bash agentward inspect --gateway clawdbot --policy agentward.yaml # HTTP proxy ``` ```bash agentward inspect -- npx server # passthrough (logging only) ``` ```bash agentward inspect --policy agentward.yaml --dry-run -- npx s # observe without blocking ``` -------------------------------- ### Configure AgentWard Policy Source: https://agentward.ai/docs.html Generate a smart-default `agentward.yaml` policy file based on scan results and detected use-case patterns. Tailors security defaults to installed components. ```bash agentward configure # auto-discover and generate ``` ```bash agentward configure ~/clawd/skills/ # generate from OpenClaw skills dir ``` ```bash agentward configure -o my-policy.yaml # custom output path ``` -------------------------------- ### Example RFC 5424 Syslog Line Source: https://agentward.ai/docs.html An example of a structured RFC 5424 syslog line generated by AgentWard, including decision, severity, and audit fields. ```syslog # BLOCK decision — Warning severity (PRI=12) <12>1 2026-03-20T10:00:00+00:00 host agentward 4521 tool_call [agentward@0 event="tool_call" tool="gmail_send" decision="BLOCK" skill="email-manager" resource="gmail" reason="send action is not permitted"] BLOCK gmail_send: send action is not permitted ``` -------------------------------- ### Setup AgentWard Enforcement Source: https://agentward.ai/docs.html Wire AgentWard enforcement into existing tool infrastructure. Supports MCP mode for config files and Gateway mode for ClawdBot port swapping. ```bash agentward setup --policy agentward.yaml # wrap all discovered MCP configs ``` ```bash agentward setup --config ~/.cursor/mcp.json # wrap specific config file ``` ```bash agentward setup --gateway clawdbot # swap ClawdBot gateway port ``` ```bash agentward setup --gateway clawdbot --undo # restore original port ``` ```bash agentward setup --dry-run --policy agentward.yaml # preview changes only ``` -------------------------------- ### Configure AgentWard Policy - Zero-Trust Mode Source: https://agentward.ai/docs Define AgentWard enforcement rules in a YAML file. This example configures a zero-trust mode, blocking everything not explicitly allowed, and sets specific permissions for email and calendar skills. ```yaml # agentward.yaml — generated by `agentward configure`, edit as needed version: "1.0" # Block everything not explicitly allowed (zero-trust mode) default_action: block skills: email-manager: gmail: read: true send: false # can read, cannot send delete: false draft: true # creates drafts for human review filters: exclude_labels: ["Finance", "Medical"] google_calendar: denied: true # email skill has zero calendar access finance-tracker: gmail: read: true filters: only_from: ["chase.com", "amex.com"] filesystem: read: ["~/Documents/Finance/"] write: false network: outbound: false # financial data never leaves machine ``` -------------------------------- ### Configure AgentWard Policy - Data Boundaries and Audit Logging Source: https://agentward.ai/docs Define HIPAA data boundary zones to control data flow and configure audit logging. This example sets up a 'hipaa_zone' and specifies the audit syslog path. ```yaml # HIPAA data boundary zones data_boundaries: hipaa_zone: skills: [ehr-connector, clinical-notes] classification: phi rules: - phi_data cannot flow outside hipaa_zone on_violation: block_and_notify # Audit log output (both JSONL and RFC 5424 syslog are always written) audit: syslog_path: /var/log/agentward/audit.syslog # default: alongside the JSONL file ``` -------------------------------- ### Troubleshoot Port Conflict with ClawdBot Source: https://agentward.ai/docs.html Steps to resolve an 'Address already in use' error on port 18789, typically caused by ClawdBot not restarting properly after gateway setup. ```bash agentward setup --gateway clawdbot # if not done yet clawdbot gateway restart # move ClawdBot to new port lsof -i :18790 # verify: should show node lsof -i :18789 # verify: should be empty agentward inspect --gateway clawdbot --policy agentward.yaml ``` -------------------------------- ### Scan Tool Sources with AgentWard Source: https://agentward.ai/docs.html Perform static analysis of tool sources. Auto-discovers MCP configs, scans Python files, and queries live MCP servers. Outputs a risk-rated permission map. ```bash agentward scan # auto-discover all sources ``` ```bash agentward scan ~/.cursor/mcp.json # scan specific MCP config ``` ```bash agentward scan ~/project/ # scan directory (MCP + Python + OpenClaw) ``` ```bash agentward scan --json > report.json # machine-readable output ``` ```bash agentward scan --format html # shareable HTML report with score badge ``` ```bash agentward scan --ci --format sarif # SARIF for GitHub Security tab ``` -------------------------------- ### Run AgentWard Probe with Different Filters Source: https://agentward.ai/docs.html Use `agentward probe` to test your policies. You can filter tests by category, severity, or use custom probe files. The `--list` option shows available probes, and `--strict` treats coverage gaps as failures. ```bash agentward probe --policy agentward.yaml # run all 68 built-in probes ``` ```bash agentward probe --category protected_paths # filter by attack category ``` ```bash agentward probe --severity critical # filter by severity ``` ```bash agentward probe --probes my_probes.yaml # add custom probe file ``` ```bash agentward probe --list # catalogue all available probes ``` ```bash agentward probe --strict # treat GAPs as failures (CI mode) ``` ```bash agentward probe --verbose # per-probe detail even when all pass ``` -------------------------------- ### Run Server Subprocess Standalone Source: https://agentward.ai/docs.html Test the server command independently to ensure it functions correctly before passing it through AgentWard. This helps isolate environment or path issues. ```bash npx -y @modelcontextprotocol/server-filesystem /tmp ``` -------------------------------- ### Restart ClawdBot Gateway Source: https://agentward.ai/docs.html The correct command to restart the ClawdBot gateway. Avoid standalone stop/start/restart commands. ```bash clawdbot gateway restart ``` -------------------------------- ### Evaluate Compliance with AgentWard Source: https://agentward.ai/docs.html Evaluate current policy against regulatory frameworks and generate compliance delta reports. Can auto-generate corrected policy files with `--fix`. ```bash agentward comply --framework hipaa # compliance delta report ``` ```bash agentward comply --framework sox --fix # auto-generate SOX-compliant config ``` ```bash agentward comply --framework gdpr --json # JSON output for CI ``` ```bash agentward comply --framework pci-dss --policy custom.yaml # custom policy path ``` -------------------------------- ### AgentWard CLI for CI Integration Source: https://agentward.ai/docs.html Integrate AgentWard probes into CI pipelines using the command-line interface. Control exit codes based on probe success or failure, and filter probes by severity. The `--strict` flag ensures that gaps are also treated as failures. ```bash agentward probe --policy agentward.yaml # exit 0 on pass, 1 on fail agentward probe --policy agentward.yaml --strict # exit 1 on fail OR gap agentward probe --policy agentward.yaml --severity critical # fast: only critical probes ``` -------------------------------- ### AgentWard Policy Configuration (YAML) Source: https://agentward.ai/docs.html Central policy configuration file for AgentWard. Defines default actions, skill-specific permissions (read, send, delete), filters, cross-skill chaining rules, approval requirements, data boundary zones, and audit logging paths. ```yaml # agentward.yaml — generated by `agentward configure`, edit as needed version: "1.0" # Block everything not explicitly allowed (zero-trust mode) default_action: block skills: email-manager: gmail: read: true send: false # can read, cannot send delete: false draft: true # creates drafts for human review filters: exclude_labels: ["Finance", "Medical"] google_calendar: denied: true # email skill has zero calendar access finance-tracker: gmail: read: true filters: only_from: ["chase.com", "amex.com"] filesystem: read: ["~/Documents/Finance/"] write: false network: outbound: false # financial data never leaves machine # Cross-skill chaining rules skill_chaining: - email-manager cannot trigger web-researcher - finance-tracker cannot trigger any other skill - web-researcher cannot trigger shell-executor # Require human approval before executing require_approval: - send_email - delete_file - outbound_network_with_pii - shell_command_with_sudo # HIPAA data boundary zones data_boundaries: hipaa_zone: skills: [ehr-connector, clinical-notes] classification: phi rules: - phi_data cannot flow outside hipaa_zone on_violation: block_and_notify # Audit log output (both JSONL and RFC 5424 syslog are always written) audit: syslog_path: /var/log/agentward/audit.syslog # default: alongside the JSONL file ``` -------------------------------- ### Configure AgentWard Policy - Cross-Skill Chaining and Approvals Source: https://agentward.ai/docs Configure cross-skill chaining rules and require human approval for sensitive actions. This section specifies which skills cannot trigger others and lists actions needing review. ```yaml # Cross-skill chaining rules skill_chaining: - email-manager cannot trigger web-researcher - finance-tracker cannot trigger any other skill - web-researcher cannot trigger shell-executor # Require human approval before executing require_approval: - send_email - delete_file - outbound_network_with_pii - shell_command_with_sudo ``` -------------------------------- ### GitHub Actions CI Workflow for AgentWard Source: https://agentward.ai/docs.html A GitHub Actions workflow snippet to run AgentWard policy regression tests. It executes probes with specific severity levels and enables strict mode for comprehensive testing. ```yaml # .github/workflows/ci.yaml - name: Policy regression test run: agentward probe --policy agentward.yaml --strict --severity critical,high ``` -------------------------------- ### Remove Stale ClawdBot Gateway Sidecar File Source: https://agentward.ai/docs.html Remove the stale `.agentward-gateway.json` sidecar file to fix issues where the proxy forwards to itself, causing an infinite loop. ```bash rm ~/.clawdbot/.agentward-gateway.json agentward setup --gateway clawdbot clawdbot gateway restart agentward inspect --gateway clawdbot --policy agentward.yaml ``` -------------------------------- ### Custom Probe Definition in YAML Source: https://agentward.ai/docs.html Define custom probes in a YAML file to override built-in ones or create new tests. Specify probe name, category, severity, description, expected outcome, and tool-specific arguments or chaining details. Optional fields like rationale and requires_policy_feature can further refine probe behavior. ```yaml # my_org_probes.yaml probes: # Tool-call probe — tests a specific MCP tool + arguments - name: crm_bulk_export_blocked category: scope_creep severity: critical description: "CRM bulk export must require approval, not run freely" tool_name: crm_export_all arguments: format: csv include_pii: true expected: BLOCK rationale: "Bulk export of CRM data is high-blast-radius and irreversible" # Skill-chaining probe — tests evaluate_chaining() directly - name: crm_to_email_exfiltration category: skill_chaining severity: critical description: "CRM skill must not be able to trigger email sending" chaining_source: crm-manager chaining_target: email-manager expected: BLOCK rationale: "Prevents exfiltrating customer records via email" requires_policy_feature: skill_chaining ``` -------------------------------- ### Override Syslog Path in AgentWard Policy Source: https://agentward.ai/docs.html Configure a custom path for the AgentWard audit syslog file by setting the `audit.syslog_path` field in your policy YAML. ```yaml # agentward.yaml audit: syslog_path: /var/log/agentward/audit.syslog # absolute or relative path ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.