Disabling guardrail
defenseclaw setup guardrail --disable is the global rollback. Connector hooks are removed (or restored from the byte-for-byte backup), the proxy stops, and agents talk directly to their native upstreams again.
defenseclaw setup guardrail --disableThis is the safe rollback. It runs teardown for the configured connector wiring, removes DefenseClaw-owned hook entries (or restores agent files from the hash-checked backup), stops the guardrail proxy, and clears the guardrail.enabled flag in ~/.defenseclaw/config.yaml.
--disable always restarts the gateway. Leaving the proxy running defeats the purpose of disabling.
On a multi-connector install, setup guardrail --disable is intentionally broad: it unwires the active connector roster, stops the gateway path, and clears the global guardrail enable flag. To retire only one connector while keeping the rest protected, use the scoped kill switch instead:
defenseclaw guardrail disable --connector codex
defenseclaw guardrail enable --connector codexWhat it touches
| Connector | Restored from backup | Surgically removed if file drifted |
|---|---|---|
| Claude Code | ~/.claude/settings.json (hooks + OTEL_* env) | DefenseClaw hook entries only |
| Codex | ~/.codex/config.toml (hooks, otel, notify) | DefenseClaw blocks only |
| Cursor | ~/.cursor/hooks.json | DefenseClaw hook entries only |
| Windsurf | ~/.codeium/windsurf/hooks.json | DefenseClaw hook entries only |
| Gemini CLI | ~/.gemini/settings.json | DefenseClaw hook entries + native OTLP block |
| GitHub Copilot CLI | ~/.copilot/hooks/defenseclaw.json or pinned <workspace>/.github/hooks/defenseclaw.json | DefenseClaw hook entries |
| OpenHands | ~/.openhands/hooks.json or pinned <workspace>/.openhands/hooks.json | DefenseClaw hook entries |
| Antigravity | ~/.gemini/config/hooks.json | DefenseClaw defenseclaw-antigravity-* entries |
| Hermes | ~/.hermes/config.yaml | DefenseClaw hook entries |
| OpenCode | ~/.config/opencode/plugins/defenseclaw.js | Managed bridge plugin (file removed) |
| OmniGent | $OMNIGENT_CONFIG_HOME/config.yaml when set (otherwise ~/.omnigent/config.yaml), managed policy module, Python .pth file | DefenseClaw policy entries; unchanged managed files are restored/removed |
| OpenClaw | ~/.openclaw/openclaw.json | Plugin allow/load entries |
| ZeptoClaw | ~/.zeptoclaw/config.json (api_base, safety) | DefenseClaw rewrites |
The audit DB and ~/.defenseclaw/ config are not removed. Use defenseclaw uninstall for the full reset.
Verify the rollback
defenseclaw doctordoctor will confirm that no DefenseClaw hook scripts remain in the agent's config and that the gateway is offline (or running without the proxy listener bound).
Changing connectors
Use defenseclaw setup <connector> to add or reconfigure connector wiring, and setup remove <connector> to retire a connector without deleting audit history.
Setup unified LLM key
Wire up DEFENSECLAW_LLM_KEY — the single environment variable that powers the LLM judge, the MCP / skill / plugin scanners, and any custom LLM call DefenseClaw makes through Bifrost.