SetupGuardrail

Quick setup aliases

defenseclaw setup codex, setup claude-code, setup cursor, setup copilot, setup openhands, setup antigravity, setup hermes, setup opencode, setup omnigent, setup geminicli, setup windsurf, setup openclaw, setup zeptoclaw — one command per agent, no questions asked.

Each connector has a top-level alias that wraps defenseclaw setup guardrail --connector <name> with the right defaults. Use them for fast subsequent runs and CI scripts.

Direct-to-upstream aliases (hook or policy enforcement)

These connectors talk directly to their native upstream, so DefenseClaw never sits in the LLM data path. Observe mode records telemetry; action mode returns supported agent-native hook verdicts or, for OmniGent, native ALLOW / ASK / DENY policy decisions.

defenseclaw setup claude-code
defenseclaw setup codex --with-local-stack   # also brings up Prom/Loki/Tempo/Grafana
defenseclaw setup cursor --no-restart        # apply config without bouncing the gateway

These aliases are shorthand for setup guardrail --connector <name> with connector-specific options. On a single-connector host that connector is the active posture. On a host with another hook or policy connector already active, choose Add to keep both connectors wired under guardrail.connectors and let claw.mode become multi.

What a direct-to-upstream alias does

Selects the target connector exactly as if you had passed defenseclaw setup guardrail --connector <name>.

Wires the connector's documented hook surface or OmniGent policy bridge and, where supported, native OTel exporter settings. No proxy listener binds; the agent talks directly to its native upstream.

Uses observe mode by default. With --mode action, supported lifecycle callbacks return native block/approval decisions; OmniGent maps all six policy phases to ALLOW, ASK, or DENY.

Persists config.yaml, updates the active connector roster, and writes the picked_connector hint for compatibility with flows that still need a default selection. On multi-connector hosts, use explicit --connector <name> whenever you mean to scope a later command to one connector.

Restarts the gateway (unless --no-restart).

Common flags

Prop

Type

Full guardrail aliases (proxy connectors)

OpenClaw and ZeptoClaw run the full guardrail proxy regardless of mode — there is no observability-only path because the proxy is the integration. Their aliases mirror defenseclaw setup guardrail --connector <name> with safer defaults.

defenseclaw setup openclaw --mode observe --restart
defenseclaw setup openclaw --mode action --human-approval --rule-pack default --restart

Add or reconfigure connectors

Use defenseclaw setup <connector> to add or reconfigure that connector. On hosts that already have another connector wired, the interactive flow asks whether to add the connector alongside the existing one or replace the old wiring. Use defenseclaw setup remove <connector> when you want to retire a connector.

Why aliases at all?

Operators previously walked through the full setup guardrail wizard just to configure one connector. The aliases expose the common observe/action path directly:

defenseclaw setup codex                         # observe by default
defenseclaw setup claude-code --mode action    # native lifecycle verdicts
defenseclaw setup omnigent --mode action       # native ALLOW / ASK / DENY policy
defenseclaw setup openclaw       # full guardrail for OpenClaw

Both halves are really --connector shortcuts. That matters after setup too: defenseclaw skill list --connector codex, defenseclaw mcp scan --connector cursor, and defenseclaw guardrail status --connector hermes all use the same connector scope instead of relying on a single global "current connector" mental model.