Decision Infrastructure for AI Agents
The governance runtime for AI agents.
DashClaw intercepts agent actions at the moment intent becomes a real-world call. In coding agents (Claude Code, Codex, Hermes) it can hard-block via lifecycle hooks; in chat-based clients it governs through approvals and a verifiable record. Intercept, enforce, record, approve, and verify every high-risk decision in one open source runtime.
Works with Claude Code, Codex, Hermes Agent, Claude Managed Agents, OpenAI, LangChain, CrewAI, AutoGen, Gemini CLI, and any custom agent.
For teams running AI agents where the cost of a bad action is real.
Live demo, real demo endpoints
Try a real governance decision
Pick an action, hit Evaluate, and watch DashClaw enforce policy in real time. Every call hits the same governance runtime that ships to your instance.
await claw.guard({
agent_id: 'openai-deployer-1',
action_type: 'deploy',
risk_score: 85,
declared_goal: 'Deploy auth-service v2.1 to production with new session token rotation.',
});Pick an action and click Evaluate. The result will appear here, including the matched policy, the risk score, and what a human approver would see.
Guard decisions are live against the demo deployment. Approval clicks resolve locally so visitors can explore the flow without an account; your own instance routes them to /api/actions/:id/approve.
Works with
The interception layer for AI agents
DashClaw governs the moment where agent intent becomes real-world action.
This interception is where trust is created.
await deleteFiles({
path: "/prod/data"
});
// No check. No record.
// No way back.const { decision } = await dc.guard({
action: "delete_files",
resource: "/prod/data"
});
if (decision === "allow") {
await deleteFiles({ path: "/prod/data" });
}Agents retain autonomy.
Organizations retain control.
DashClaw sits between agents and the systems they control
DashClaw intercepts actions before they reach real-world systems.
AI agents introduce a new runtime problem
- Deterministic code paths
- Predictable outputs
- Traceable call stacks
- Debuggers work
- Actions generated from goals
- Non-deterministic outputs
- No call stack to trace
- Debuggers are not enough
Developers need governance over agent decisions.
Not just logs. Not just traces. A runtime that governs the decision itself.
The Decision Runtime
DashClaw is built around five primitives that form a decision runtime for autonomous systems.
Intent
Agents declare what they want to do.
Guard
Evaluate policies before agents act.
Approval
Pause risky decisions for human review.
Action
The governed decision is executed.
Evidence
A signed replay is recorded for audit.
Governance logic belongs in the runtime, not hardcoded in your agents.
Works with your agent stack
DashClaw is the governance layer for existing agent frameworks.
// Add to claude_desktop_config.json
// or .mcp.json for Claude Code
{
"mcpServers": {
"dashclaw": {
"command": "npx",
"args": ["@dashclaw/mcp-server"],
"env": {
"DASHCLAW_URL": "https://your-instance.vercel.app",
"DASHCLAW_API_KEY": "oc_live_..."
}
}
}
}
// 29 governance tools + 6 resources
// No SDK. No code changes.from dashclaw import DashClaw
import os
claw = DashClaw(
base_url=os.environ["DASHCLAW_BASE_URL"],
api_key=os.environ["DASHCLAW_API_KEY"],
agent_id="my-agent"
)
# Intercept tool execution
decision = claw.guard(
action_type="deploy",
risk_score=82
)
if decision["decision"] == "allow":
run_agent_tool()# Wrap sensitive agent tasks
decision = claw.guard(
action_type="external_api_call",
provider="stripe",
risk_score=88
)
if decision["decision"] == "allow":
crew.kickoff()import { DashClaw } from 'dashclaw'
const claw = new DashClaw({
baseUrl: process.env.DASHCLAW_BASE_URL,
apiKey: process.env.DASHCLAW_API_KEY,
agentId: 'my-agent'
})
// Guard before calling the tool
const { decision } = await claw.guard({
actionType: "deploy",
riskScore: 90
})
if (decision === 'allow') {
await openai.chat.completions.create(...)
}# No clone required — the CLI downloads the hooks bundle # from your instance, wires ~/.claude/settings.json, and # defaults to observe mode. npm i -g @dashclaw/cli dashclaw install claude # prompts for endpoint + API key dashclaw install claude --trial # hosted signup, paste the key # Governs Bash, Edit, Write, MultiEdit, Agent/Task, mcp__* tools. # Flip to enforce: set DASHCLAW_HOOK_MODE=enforce in # ~/.dashclaw/claude-hooks/.env
# One command wires it all into ~/.codex/config.toml $ dashclaw install codex --project . # Managed block written to ~/.codex/config.toml: approval_policy = "on-request" [mcp_servers.dashclaw] command = "python" args = [".../dashclaw-mcp.js", "--agent-id", "codex"] [[hooks.PreToolUse]] matcher = "Bash|Edit|Write|MultiEdit" [[hooks.PreToolUse.hooks]] type = "command" command = "python ~/.codex/hooks/dashclaw/dashclaw_pretool.py" # Same hooks. Same audit ledger. agent_id = codex.
# One install script wires 8 hooks into ~/.hermes/config.yaml $ bash scripts/install-hermes-plugin.sh # Managed block written to ~/.hermes/config.yaml: hooks: pre_tool_call: [...] # guard / block / require_approval post_tool_call: [...] # outcome recording pre_llm_call: [...] # per-turn policy + approval context injection post_llm_call: [...] # live ingest to /api/code-sessions/ingest-live on_session_start: [...] # cache warm on_session_end: [...] # finalize: true -> optimizer + alerts pass transform_tool_result: [...] # redact API keys, JWTs, PEM blocks subagent_stop: [...] # delegate_task ROI tracking # Per-turn cost attribution. agent_id = hermes.
Get governance in 60 seconds
Zero-dependency Node.js and Python clients. Adding governance requires only a small wrapper around risky actions.
What developers use DashClaw for
Three patterns that come up in every production agent stack.
Stop runaway deployments
One approval before production, full audit trail after.
await claw.guard({
agent_id: 'deploy-bot',
action_type: 'deploy',
risk_score: 92,
declared_goal: 'Ship auth-service v2.1 to prod',
});Matched the production_deploy policy, paused the action, routed to the on-call engineer, recorded the approval.
Every governed action also lands in the evidence ledger, ready for compliance review without a separate audit pipeline.
When governance becomes operations
Once decisions are governed, DashClaw provides the operational visibility required to run agent fleets at scale.
Mission Control
Live operational visibility for the agent fleet. See what is running, what was decided, and what is waiting on a human.
- Live fleet posture and active interventions
- Decision replay with the full causal chain
- Real-time SSE event stream
Policy Engine
Semantic guardrails that decide allow, block, or require approval before the action reaches the real world.
- Guard primitive with policy testing
- Risk signals for autonomy spikes and failure loops
- Assumption drift detection with z-score baselines
Approval Surfaces
Approvers resolve pending actions wherever they already work, against the same governance endpoint. Claude Code lifecycle hooks add an inline prompt path for terminal workflows.
- Dashboard inbox at /approvals
- CLI with dashclaw approve and approvals
- Mobile PWA at /approve
- Discord DM with inline Approve and Deny buttons
- Telegram inline Approve and Reject buttons
Every governed decision produces audit-ready evidence.
DashClaw maps your guard decisions and approvals to these frameworks and generates audit-ready evidence; it does not assert that your deployment is certified.
Compliance Engine
Control-level gap analysis with remediation priorities.
Policy Testing
Run tests against all active guard policies.
Audit Evidence
Generate audit-ready evidence from live behavior.
Detect when agent autonomy goes wrong
Automatic detection of autonomy breaches and logic drift.
Autonomy Spike
Agent taking too many actions without human checkpoints
High Impact, Low Oversight
Critical actions without sufficient review
Repeated Failures
Same action type failing multiple times
Stale Loop
Open loops unresolved past their expected timeline
Assumption Drift
Assumptions becoming stale or contradicted by outcomes
Stale Assumption
Assumptions not validated within expected timeframe
Stale Running Action
Actions stuck in running state for over 4 hours
Integration surfaces
Pick the surface that matches your stack. All five hit the same governance loop on the same instance.
MCP server
Any MCP-compatible client (Claude Code, Claude Desktop, Managed Agents) gets governance via 29 tools and 6 resources. No SDK, no hooks. In chat clients the model invokes governance cooperatively (records + approval gates), not a hard kernel block — pair with the governance skill so the agent consults guard before acting.
npx @dashclaw/mcp-server --url ... --key ...
Node & Python
Instrument any agent runtime with the canonical governance loop: guard → createAction → waitForApproval → updateOutcome.
npm install dashclaw # pip install dashclaw
OpenClaw
Native plugin for the OpenClaw agent framework. Intercepts PreToolUse / PostToolUse, runs guard / record / wait-for-approval automatically.
npm install @dashclaw/openclaw-plugin
Claude governance skill
Anthropic skill that teaches Managed Agents the MCP usage protocol: risk tiers, decision handling, recording rules, session lifecycle.
Pairs with @dashclaw/mcp-server
Claude Code lifecycle
Two stdlib-only Python scripts for PreToolUse / PostToolUse. No pip install. Safe to ship even without DashClaw configured. Governs Bash, Edit, Write, MultiEdit, sub-agent (Agent/Task) spawns, and MCP tool calls (mcp__*) — including Gmail/Stripe/Calendar sends.
cp hooks/dashclaw_*.py .claude/hooks/
Terminal approvals
Approve or deny agent actions from any terminal. Same endpoint as the dashboard and mobile PWA, and decisions sync over Redis SSE in about 1s.
npm install -g @dashclaw/cli
Operate it
Day-2 tools for the people running governance in production.
dashclaw doctor
Diagnoses database, configuration, auth, deployment, SDK reachability, governance staleness, and shape drift. Auto-fixes safe issues.
dashclaw doctor
Mobile approvals
A PWA at /approve for approving high-risk actions from your phone. Same governance loop as the dashboard.
https://<instance>/approve
Telegram approvals
Pending actions fan out to an admin Telegram chat with inline Approve / Reject. One tap on your phone resolves the action against the same endpoint as the dashboard.
npm run telegram:setup
Analytics dashboard
Hero stats with trend comparison, cost-trend and action-volume series, breakdowns by agent, action type, and model. Token usage by tier.
GET /api/analytics?days=7
Spend (FinOps)
Fleet spend rollup — agent LLM cost plus x402 capability purchases, with a separate Your-Claude-Code lens. 7/30/90-day trend.
GET /api/finops/spend?lens=fleet
Posture score
A gaming-resistant score across six governance dimensions — what the fleet actually governs versus what it could. It rises only from policies proven to fire, never from drafts. Each gap becomes a prioritized finding you resolve as a draft, snooze, or accept.
GET /api/posture
How DashClaw compares
Observability tools record what happened. DashClaw governs what is allowed to happen.
| Dimension | Tracing tools (LangSmith, Langfuse) | DashClaw |
|---|---|---|
| When it acts | After the action | Before the action |
| Core primitive | Log or trace | Guard and policy |
| Human in the loop | Add on | First class |
| Compliance evidence | Trace export | Action level, policy and approver bound |
| Self host | Available | Available, MIT, no paid tier required |
Tracing tools answer the question, what did my agent do. DashClaw answers the question, what is my agent allowed to do. Both have a place. Most teams will eventually run both.
Run agents with permissioned autonomy.
DashClaw lets agents move fast without giving up control. Intercept risky actions. Require approval when needed. Prove every decision afterward.