-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathinstall.sh
More file actions
148 lines (128 loc) · 4 KB
/
install.sh
File metadata and controls
148 lines (128 loc) · 4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
#!/usr/bin/env bash
set -euo pipefail
# OpenClaw Guardian Safety Agent — Install Script
# Usage: ./install.sh /path/to/openclaw
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
PATCH_DIR="$SCRIPT_DIR"
if [ $# -lt 1 ]; then
echo "Usage: $0 <openclaw-root-dir>"
echo " Example: $0 /home/user/openclaw"
exit 1
fi
OPENCLAW_ROOT="$(cd "$1" && pwd)"
if [ ! -f "$OPENCLAW_ROOT/package.json" ]; then
echo "Error: $OPENCLAW_ROOT does not look like an OpenClaw repo (package.json not found)"
exit 1
fi
if [ ! -d "$OPENCLAW_ROOT/src/security" ]; then
echo "Error: $OPENCLAW_ROOT/src/security not found. Is this a valid OpenClaw source tree?"
exit 1
fi
echo "=== OpenClaw Guardian Safety Agent — Install ==="
echo "Target: $OPENCLAW_ROOT"
echo ""
# --- Step 1: Copy new files ---
echo "[1/3] Copying new guardian files..."
NEW_FILES=(
"src/security/guardian-types.ts"
"src/security/guardian-agent.ts"
"src/security/guardian-audit.ts"
"src/security/guardian-risk.ts"
"src/security/guardian-agent.test.ts"
"src/security/guardian-audit.test.ts"
"src/security/guardian-config.test.ts"
"src/security/guardian-hook.test.ts"
"src/security/guardian-risk.test.ts"
"src/security/guardian-scenario.test.ts"
)
for f in "${NEW_FILES[@]}"; do
if [ -f "$OPENCLAW_ROOT/$f" ]; then
echo " Warning: $f already exists, backing up to $f.bak"
cp "$OPENCLAW_ROOT/$f" "$OPENCLAW_ROOT/$f.bak"
fi
cp "$PATCH_DIR/files/$f" "$OPENCLAW_ROOT/$f"
echo " + $f"
done
# --- Step 2: Apply patches to modified files ---
echo ""
echo "[2/3] Applying patches to existing files..."
PATCH_FILE="$PATCH_DIR/patches/modified-files.patch"
if [ ! -f "$PATCH_FILE" ]; then
echo " Error: Patch file not found: $PATCH_FILE"
exit 1
fi
cd "$OPENCLAW_ROOT"
# Try git apply first, fall back to patch command.
if command -v git &>/dev/null && git rev-parse --git-dir &>/dev/null; then
if git apply --check "$PATCH_FILE" 2>/dev/null; then
git apply "$PATCH_FILE"
echo " Applied via git apply"
else
echo " git apply --check failed. Trying with --3way..."
if git apply --3way "$PATCH_FILE" 2>/dev/null; then
echo " Applied via git apply --3way"
else
echo " Error: Patch cannot be applied cleanly."
echo " Your OpenClaw version may be incompatible, or the patch is already applied."
echo " Try applying manually: cd $OPENCLAW_ROOT && git apply --reject $PATCH_FILE"
exit 1
fi
fi
else
if command -v patch &>/dev/null; then
patch -p1 < "$PATCH_FILE"
echo " Applied via patch -p1"
else
echo " Error: Neither git nor patch command available."
exit 1
fi
fi
# --- Step 3: Verify ---
echo ""
echo "[3/3] Verifying installation..."
VERIFY_FILES=(
"src/security/guardian-types.ts"
"src/security/guardian-agent.ts"
"src/security/guardian-audit.ts"
"src/security/guardian-risk.ts"
)
ALL_OK=true
for f in "${VERIFY_FILES[@]}"; do
if [ -f "$OPENCLAW_ROOT/$f" ]; then
echo " OK: $f"
else
echo " MISSING: $f"
ALL_OK=false
fi
done
if grep -q "requiresGuardianReview" "$OPENCLAW_ROOT/src/agents/pi-tools.before-tool-call.ts" 2>/dev/null; then
echo " OK: Guardian hook integration detected"
else
echo " WARNING: Guardian hook integration not detected in pi-tools.before-tool-call.ts"
ALL_OK=false
fi
if grep -q "SafetyConfig" "$OPENCLAW_ROOT/src/config/types.openclaw.ts" 2>/dev/null; then
echo " OK: SafetyConfig type detected"
else
echo " WARNING: SafetyConfig not detected in types.openclaw.ts"
ALL_OK=false
fi
echo ""
if [ "$ALL_OK" = true ]; then
echo "=== Installation complete! ==="
echo ""
echo "To enable the guardian, add to your openclaw.json:"
echo ' {'
echo ' "safety": {'
echo ' "guardian": {'
echo ' "enabled": true,'
echo ' "model": "openrouter/qwen/qwen3-32b"'
echo ' }'
echo ' }'
echo ' }'
echo ""
echo "To run guardian tests:"
echo " cd $OPENCLAW_ROOT && npx vitest run src/security/guardian-"
else
echo "=== Installation completed with warnings. Please check the output above. ==="
fi