Disabling guardrail
defenseclaw setup guardrail --disable rolls everything back. Connector hooks are removed (or restored from the byte-for-byte backup), the proxy stops, and the agent talks directly to its native upstream again.
defenseclaw setup guardrail --disableThis is the safe rollback. It runs the active connector's Teardown(), removes DefenseClaw-owned hook entries (or restores agent files from the hash-checked backup), stops the guardrail proxy, and clears the guardrail.enabled flag in ~/.defenseclaw/config.yaml.
--disable always restarts the gateway. Leaving the proxy running defeats the purpose of disabling.
What it touches
| Connector | Restored from backup | Surgically removed if file drifted |
|---|---|---|
| Claude Code | ~/.claude/settings.json (hooks + OTEL_* env) | DefenseClaw hook entries only |
| Codex | ~/.codex/config.toml (hooks, otel, notify) | DefenseClaw blocks only |
| Cursor | ~/.cursor/hooks.json | DefenseClaw hook entries only |
| Windsurf | ~/.codeium/windsurf/hooks.json | DefenseClaw hook entries only |
| Gemini CLI | ~/.gemini/settings.json | DefenseClaw hook entries + native OTLP block |
| GitHub Copilot CLI | <workspace>/.github/hooks/defenseclaw.json | DefenseClaw hook entries |
| Hermes | ~/.hermes/config.yaml | DefenseClaw hook entries |
| OpenClaw | ~/.openclaw/openclaw.json | Plugin allow/load entries |
| ZeptoClaw | ~/.zeptoclaw/config.json (api_base, safety) | DefenseClaw rewrites |
The audit DB and ~/.defenseclaw/ config are not removed. Use defenseclaw uninstall for the full reset.
Verify the rollback
defenseclaw doctordoctor will confirm that no DefenseClaw hook scripts remain in the agent's config and that the gateway is offline (or running without the proxy listener bound).
Switching connectors
defenseclaw setup mode <connector> — switch the active connector with smart guardrail inheritance. Audit history is preserved; only the connector wiring moves.
Setup unified LLM key
Wire up DEFENSECLAW_LLM_KEY — the single environment variable that powers the LLM judge, the MCP / skill / plugin scanners, and any custom LLM call DefenseClaw makes through Bifrost.