Files
wehub-resource-sync 4b6817381b
Benchmark image — build + push to ECR (any adapter) / build + push (push) Waiting to run
CI / quality (ubuntu-latest) (push) Waiting to run
CI / test (tools-runtime) (push) Waiting to run
CI / test (e2e-general) (push) Waiting to run
CI / test (cli-runtime) (push) Waiting to run
CI / test (e2e-provider-and-openclaw) (push) Waiting to run
CI / test (integrations-and-misc) (push) Waiting to run
CI / coverage-report (push) Blocked by required conditions
CI / test-kubernetes (push) Waiting to run
CI / should-run-thorough (push) Waiting to run
CI / test-thorough (cloudwatch-demo) (push) Blocked by required conditions
CI / test-thorough (flink-ecs) (push) Blocked by required conditions
CI / test-thorough (upstream-lambda) (push) Blocked by required conditions
CI / test-thorough (prefect-ecs-fargate) (push) Blocked by required conditions
CodeQL / Analyze (python) (push) Waiting to run
Release / build-binaries (zip, opensre.exe, onefile, windows-latest, windows-x64) (push) Blocked by required conditions
Release / publish-release (push) Blocked by required conditions
Release / publish-main-release (push) Blocked by required conditions
Release / prepare (push) Waiting to run
Release / verify (push) Blocked by required conditions
Release / build-python-dist (push) Blocked by required conditions
Release / build-binaries (tar.gz, opensre, onedir, macos-15-intel, darwin-x64) (push) Blocked by required conditions
Release / build-binaries (tar.gz, opensre, onedir, macos-latest, darwin-arm64) (push) Blocked by required conditions
Release / build-binaries (tar.gz, opensre, onedir, ubuntu-22.04, linux-x64) (push) Blocked by required conditions
Release / build-binaries (tar.gz, opensre, onedir, ubuntu-22.04-arm, linux-arm64) (push) Blocked by required conditions
Synthetic Deterministic Tests / Synthetic offline (deterministic) (push) Waiting to run
Interactive Shell Live (PR + post-merge) / turn-checks (no-LLM) (push) Waiting to run
Interactive Shell Live (PR + post-merge) / turn-live shard ${{ matrix.shard_index }} (push) Waiting to run
CI (OpenClaw E2E) / openclaw test (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 13:10:45 +08:00
..

Guardrails: Sensitive Information Protection

Guardrails intercepts content before every LLM call and applies configurable rules to detect, redact, block, or audit sensitive information.

Quick start

# Generate a starter config with common patterns
opensre guardrails init

# Test it against sample text
opensre guardrails test "my key is AKIAIOSFODNN7EXAMPLE"

# View configured rules
opensre guardrails rules

How it works

  1. Rules are loaded from ~/.opensre/guardrails.yml on first LLM call
  2. Before every LLM API request, all message content is scanned against the rules
  3. Depending on the rule action:
    • redact: matched text is replaced with [REDACTED:<rule_name>]
    • block: the request is rejected with a GuardrailBlockedError
    • audit: the match is logged but text passes through unchanged
  4. All matches are written to ~/.opensre/guardrail_audit.jsonl

If no guardrails.yml exists, all content passes through unchanged with zero overhead.

Configuration

The config file lives at ~/.opensre/guardrails.yml. Each rule can use regex patterns, keyword lists, or both.

rules:
  - name: aws_access_key
    description: "AWS access key IDs"
    action: redact
    patterns:
      - "(?:AKIA|ASIA)[A-Z0-9]{16}"

  - name: credit_card
    description: "Credit card numbers"
    action: block
    patterns:
      - "\\b\\d{4}[- ]?\\d{4}[- ]?\\d{4}[- ]?\\d{4}\\b"

  - name: internal_domains
    description: "Internal hostnames that should not leak"
    action: audit
    keywords:
      - "prod-db.internal.corp"
      - "staging.internal.corp"

  - name: pii_fields
    description: "Common PII field names"
    action: redact
    keywords:
      - "social_security"
      - "date_of_birth"
    replacement: "[PII_REDACTED]"

Rule fields

Field Required Description
name yes Unique identifier for the rule
action no redact, block, or audit (default: audit)
patterns no* List of regex patterns (case-insensitive)
keywords no* List of literal keywords (case-insensitive)
description no Human-readable description
replacement no Custom replacement text (default: [REDACTED:<name>])
enabled no Set to false to disable without removing (default: true)

*At least one of patterns or keywords is required.

CLI commands

opensre guardrails init

Creates a starter ~/.opensre/guardrails.yml with common patterns for AWS keys, credit cards, private keys, and API tokens. Does not overwrite an existing config.

opensre guardrails test "text"

Dry-run: scans the provided text against all rules and shows what would be matched, redacted, or blocked.

$ opensre guardrails test "key=AKIAIOSFODNN7EXAMPLE"
  [REDACT] aws_access_key: matched 'AKIAIOSFODNN7EXAMPLE'

  Redacted output: key=[REDACTED:aws_access_key]

opensre guardrails rules

Lists all configured rules with their action and status.

opensre guardrails audit

Shows recent entries from the audit log at ~/.opensre/guardrail_audit.jsonl.

Health check

opensre health shows the current guardrails status:

CLI
  environment: development
  integration store: ~/.opensre/integrations.json
  guardrails: 5 rules active (~/.opensre/guardrails.yml)

Coverage

Guardrails protect all LLM call paths:

  • Custom Anthropic client (LLMClient.invoke)
  • OpenAI-compatible client (OpenAILLMClient.invoke)
  • Structured output calls (delegated to base client)
  • Interactive shell and investigation chat calls
  • Alert extraction prompts
  • Root cause diagnosis prompts
  • Action planning prompts

Common patterns

Here are useful patterns you can add to your config:

# Email addresses
- name: email
  action: redact
  patterns:
    - "[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}"

# IPv4 addresses
- name: ipv4
  action: audit
  patterns:
    - "\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\b"

# GitHub personal access tokens
- name: github_pat
  action: redact
  patterns:
    - "ghp_[a-zA-Z0-9]{36}"
    - "github_pat_[a-zA-Z0-9]{22}_[a-zA-Z0-9]{59}"

# Slack webhook URLs
- name: slack_webhook
  action: redact
  patterns:
    - "https://hooks\\.slack\\.com/services/T[A-Z0-9]+/B[A-Z0-9]+/[a-zA-Z0-9]+"

# JWT tokens
- name: jwt
  action: redact
  patterns:
    - "eyJ[A-Za-z0-9_-]+\\.eyJ[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]+"