DashClaw is a GitHub project designed to serve as a governance layer for AI agents. Its core functionality revolves around intercepting actions initiated by AI agents, allowing for policy enforcement, human approval, and comprehensive auditing. The system is built to sit between agents and external systems, evaluating each potentially risky action before execution.
Key features include the ability to block, warn, or hold actions for approval based on defined policies. It supports identity verification for agents using JWKS-verified OIDC bearer tokens, offering cryptographic attribution and replay protection. Declarative policies can be implemented to manage risk thresholds, deployment gates, capability access, and semantic checks. For actions requiring human oversight, DashClaw routes approval requests to a dashboard, CLI inbox, mobile PWA, Telegram, or Discord.
Every agent action processed by DashClaw generates a replayable decision record, detailing the agent's goal, reasoning, risk score, matched policies, assumptions, and evidence. The system also ensures that terminal outcomes are durable and prevents double execution from retried agents. Furthermore, it offers a capability registry to wrap HTTP APIs with per-agent access rules, rate limits, and audit trails. DashClaw integrates with various agent runtimes and frameworks, such as Claude Code, Codex, Hermes Agent, OpenClaw, LangChain, CrewAI, AutoGen, LangGraph, and OpenAI Agents SDK.