agent-guardrails

Stop AI agents from secretly bypassing your rules. Mechanical enforcement with git hooks, secret detection, deployment verification, and import registries. B...
Install via ClawdBot CLI:
```bash
clawdbot install olmmlo-cmd/agent-guardrails
```

Mechanical enforcement for AI agent project standards. Rules in markdown are suggestions. Code hooks are laws.
```bash
cd your-project/
bash /path/to/agent-guardrails/scripts/install.sh
```
This installs the git pre-commit hook, creates a registry template, and copies check scripts into your project.
| Script | When to Run | What It Does |
|--------|------------|--------------|
| install.sh | Once per project | Installs hooks and scaffolding |
| pre-create-check.sh | Before creating new .py files | Lists existing modules/functions to prevent reimplementation |
| post-create-validate.sh | After creating/editing .py files | Detects duplicates, missing imports, bypass patterns |
| check-secrets.sh | Before commits / on demand | Scans for hardcoded tokens, keys, passwords |
| create-deployment-check.sh | When setting up deployment verification | Creates .deployment-check.sh, checklist, and git hook template |
| install-skill-feedback-loop.sh | When setting up skill update automation | Creates detection, auto-commit, and git hook for skill updates |
| Asset | Purpose |
|-------|---------|
| pre-commit-hook | Ready-to-install git hook blocking bypass patterns and secrets |
| registry-template.py | Template `__init__.py` for project module registries |
| File | Contents |
|------|----------|
| enforcement-research.md | Research on why code > prompts for enforcement |
| agents-md-template.md | Template AGENTS.md with mechanical enforcement rules |
| deployment-verification-guide.md | Full guide on preventing deployment gaps |
| skill-update-feedback.md | Meta-enforcement: automatic skill update feedback loop |
| SKILL_CN.md | Chinese translation of this document |
```bash
bash scripts/install.sh /path/to/project
```

```bash
bash scripts/pre-create-check.sh /path/to/project
```
Review the output. If existing functions cover your needs, import them.
```bash
bash scripts/post-create-validate.sh /path/to/new_file.py
```
Fix any warnings before proceeding.
```bash
bash scripts/create-deployment-check.sh /path/to/project
```
This creates:
- .deployment-check.sh - Automated verification script
- DEPLOYMENT-CHECKLIST.md - Full deployment workflow
- .git-hooks/pre-commit-deployment - Git hook template

Then customize:

- .deployment-check.sh for your integration points
- DEPLOYMENT-CHECKLIST.md

See references/deployment-verification-guide.md for full guide.
Copy the template from references/agents-md-template.md and adapt to your project.
See references/SKILL_CN.md for the full Chinese translation of this skill.
Symptom: Agent creates "quick version" instead of importing validated code.
Enforcement: pre-create-check.sh + post-create-validate.sh + git hook
Symptom: Tokens/keys in code instead of env vars.
Enforcement: check-secrets.sh + git hook
Symptom: Built feature but forgot to wire it into production. Users don't receive benefit.
Example: Updated notify.py but cron still calls old version.
Enforcement: .deployment-check.sh + git hook
This is the hardest to catch because:
Solution: Mechanical end-to-end verification before allowing "done."
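The check below is an added example, not the skill's own .deployment-check.sh: it fails when no active cron job calls the new entry point or when the old one is still scheduled, which is the notify.py case described above. The paths and the sample crontab are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not the skill's .deployment-check.sh). Paths are constructed.

# Print the command part of every active crontab line read from stdin.
active_cron_commands() {
    awk '
        /^[ \t]*#/ { next }                               # comment
        /^[ \t]*$/ { next }                               # blank line
        /^[ \t]*[A-Za-z_][A-Za-z0-9_]*[ \t]*=/ { next }   # VAR=value line
        /^[ \t]*@/ { $1 = ""; print; next }               # @daily cmd
        { for (i = 1; i <= 5; i++) $i = ""; print }       # m h dom mon dow cmd
    '
}

# check_wired EXPECTED [STALE]   (crontab text on stdin)
#   0: an active job calls EXPECTED and none calls STALE
#   1: EXPECTED is not scheduled    2: STALE is still scheduled
check_wired() {
    local expected="$1" stale="${2:-}" cmds
    cmds=$(active_cron_commands)
    if [ -n "$stale" ] && printf '%s\n' "$cmds" | grep -Fq -- "$stale"; then
        echo "FAIL: cron still calls old entry point $stale" >&2
        return 2
    fi
    if ! printf '%s\n' "$cmds" | grep -Fq -- "$expected"; then
        echo "FAIL: no active cron job calls $expected" >&2
        return 1
    fi
    echo "OK: $expected is wired into cron"
}

# Constructed crontab: the new job exists only as a commented-out line.
sample_crontab() {
    cat <<'EOF'
# m h dom mon dow command
MAILTO=ops@example.invalid
*/5 * * * * /usr/bin/python3 /opt/app/legacy/notify.py --send
# */5 * * * * /usr/bin/python3 /opt/app/current/notify.py --send
@daily /opt/app/bin/rotate-logs.sh
EOF
}

# In a hook the input would be `crontab -l`; a non-zero status blocks the commit.
sample_crontab | check_wired /opt/app/current/notify.py /opt/app/legacy/notify.py \
    || echo "blocked with status $?"
```

Matching is done on the command column only, so a commented-out job or a path mentioned in a comment does not count as wired in.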
Symptom: Built enforcement improvement in project but forgot to update the skill itself.
Example: Created deployment verification for Project A, but other projects don't benefit because skill wasn't updated.
Enforcement: install-skill-feedback-loop.sh - automatic detection + semi-automatic commit
This is a meta-failure mode because:
Solution: Automatic detection of enforcement improvements with task creation and semi-automatic commits.
Don't add more markdown rules. Add mechanical enforcement.
If an agent keeps bypassing a standard, don't write a stronger rule; write a hook that blocks it.

Corollary: If an agent keeps forgetting integration, don't remind it; make it mechanically verify before commit.
Generated Mar 1, 2026
Development teams use AI agents like Claude Code to automate code updates and bug fixes. This skill prevents agents from introducing security vulnerabilities, such as hardcoded API keys, or duplicating existing functions, ensuring code quality and compliance with organizational standards.
Companies with CI/CD pipelines leverage AI agents to streamline deployments. The skill enforces mechanical checks to verify that new features are properly integrated into production, preventing deployment gaps where updates fail to reach end-users, thus reducing downtime and user complaints.
Financial institutions employ AI coding assistants to build and maintain trading algorithms or banking applications. This skill detects secret leaks and enforces import registries to prevent regulatory breaches and ensure that only approved, audited code is deployed, enhancing security and compliance.
Healthcare organizations use AI agents to automate data processing scripts for patient records or research. The skill's secret detection and git hooks prevent accidental exposure of sensitive health data, while deployment verification ensures updates are correctly implemented to maintain data integrity and privacy.
E-commerce businesses rely on AI agents to customize and scale their platforms. This skill stops agents from bypassing rules that could lead to server crashes or token leaks, ensuring stable operations during high-traffic events like sales, thereby protecting revenue and customer trust.
Offer the skill for free under an MIT license to build a community and adoption. Generate revenue by providing paid consulting, customization services, and enterprise support for integration with complex workflows, targeting large organizations with stringent compliance needs.
Develop a cloud-based platform that integrates this skill with popular AI coding tools like Cursor or Claude Code. Charge subscription fees for advanced features such as real-time monitoring, analytics dashboards, and automated compliance reporting, appealing to teams seeking scalable enforcement solutions.
License the skill as part of enterprise packages for corporations using AI agents at scale. Bundle it with training workshops, certification programs, and ongoing updates to ensure best practices in AI safety and code enforcement, driving revenue through high-value contracts.
💬 Integration Tip
Start by running the install.sh script in your project to set up basic git hooks, then gradually add deployment checks and secret detection as needed for your workflow.