# OpenClaw Agent Configuration

<!-- This block is auto-installed by `make openclaw-setup` into workspace/AGENTS.md. It instructs the agent to call the guardrail before effectful actions. This is best-effort: the LLM may not follow it. Deterministic enforcement requires OpenClaw to call the guardrail via a before_tool_call hook or core integration; see docs/OPENCLAW_COMPATIBILITY.md and docs/APORT_OPENCLAW_INTEGRATION_PROPOSAL.md. -->

## Pre-Action Authorization (APort Guardrails) ✅ REQUIRED

**CRITICAL RULE**: Before executing ANY tool that has side effects, you MUST verify authorization through APort Agent Guardrails.

### Required Steps (in order):

1. **Check Passport Status** (guardrail does this first; passport is source of truth)
   - The guardrail checks passport `status` before evaluating any policy. If `status` is not `active` (e.g. `suspended` or `revoked`), it denies with `oap.passport_suspended`. There is no separate kill-switch file.

2. **Call APort Verification**
   - Run: `~/.openclaw/.skills/aport-guardrail.sh <tool_name> '<context_json>'`
   - Context JSON should include: tool parameters, resource identifiers, operation details

3. **Read Decision**
   - Read `~/.openclaw/decision.json`
   - If `allow: false`: **STOP EXECUTION**, return denial reasons to user
   - If `allow: true`: Proceed with tool execution, log receipt ID

4. **Failure Behavior**
   - APort script fails: DENY (fail-closed for security)
   - Passport invalid: DENY with clear error message

5. **Never reuse a previous decision**
   - **Always invoke the tool** when the user requests an action. Do not skip or assume a tool will be denied because a previous invocation was denied.
   - APort is re-evaluated on every tool call; passport or limits may have changed. When using the APort plugin, it never reuses a cached decision—each call gets a fresh verify.
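
A fail-closed wrapper for steps 2 to 5, added here as an example; it is not code from APort or OpenClaw. The `authorize` function and its parameters are hypothetical, and it assumes the script exits 0 on a successful check and rewrites `decision.json` on every call.

```python
import json
import subprocess
from pathlib import Path

# Paths as given in steps 2 and 3 above.
GUARDRAIL = Path.home() / ".openclaw/.skills/aport-guardrail.sh"
DECISION = Path.home() / ".openclaw/decision.json"


def authorize(tool_name, context, guardrail=GUARDRAIL, decision_path=DECISION, timeout=30):
    """Return (allowed, detail). Anything short of a fresh `allow: true` is a deny."""
    decision_path = Path(decision_path)
    # Assumption: the guardrail rewrites decision.json on each call, so a file
    # left by an earlier call can be removed. Without this, a crash before the
    # write would leave an old `allow: true` on disk to be read as current.
    decision_path.unlink(missing_ok=True)
    try:
        # argv list, no shell: quotes inside the context JSON are passed
        # through as data instead of being interpreted by a shell.
        proc = subprocess.run(
            [str(guardrail), tool_name, json.dumps(context)],
            capture_output=True, text=True, timeout=timeout,
        )
    except (OSError, subprocess.TimeoutExpired) as exc:
        return False, {"error": f"guardrail did not run: {exc}"}
    try:
        decision = json.loads(decision_path.read_text())
    except (OSError, ValueError) as exc:
        return False, {"error": f"no readable decision (exit {proc.returncode}): {exc}"}
    if not isinstance(decision, dict):
        return False, {"error": "decision is not a JSON object"}
    # Only the boolean true counts; "true", 1 or a missing key all deny.
    # Assumption: a non-zero exit is a failure even if a decision was written.
    allowed = proc.returncode == 0 and decision.get("allow") is True
    # The full decision is returned either way so the caller can show the
    # denial reasons or log the receipt ID it contains.
    return allowed, decision
```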

---

## Effectful Tools (Require Verification)

- **Git Operations**: `git.create_pr`, `git.merge`, `git.push`
- **System Commands**: `exec.run`, `exec.*`, `system.*`
- **Messaging**: `message.send`, `messaging.*`
- **Data Operations**: `database.write`, `data.export`

See full documentation: https://github.com/aporthq/aport-agent-guardrails
