feat(presets): add SidClaw agent governance preset #1044
VladUZH wants to merge 1 commit into NVIDIA:main from
Adds a network policy preset for SidClaw (https://sidclaw.com), an agent governance platform that adds policy evaluation, human-in-the-loop approval, and hash-chain audit trails to tools running inside NemoClaw sandboxes.

The preset allows the sandbox to reach the SidClaw API for:
- Policy evaluation (POST /api/v1/evaluate)
- Approval status polling (GET /api/v1/approvals/**)
- Outcome recording (POST /api/v1/traces/*/outcome)
- Agent identity resolution (GET /api/v1/agents/**)

Usage: Add `sidclaw` to your blueprint's preset list, then use the SidClaw SDK (`@sidclaw/sdk/nemoclaw` or `sidclaw.middleware.nemoclaw`) to wrap tool execution with governance.

Docs: https://docs.sidclaw.com/docs/integrations/nemoclaw
📝 Walkthrough: A new governance policy preset configuration file for
Estimated code review effort: 🎯 1 (Trivial) | ⏱️ ~3 minutes
🚥 Pre-merge checks: ✅ 3 passed
Actionable comments posted: 3
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@nemoclaw-blueprint/policies/presets/sidclaw.yaml`:
- Around line 4-6: The new preset entry "sidclaw" was added (preset.name =
sidclaw), so update the preset-list test assertions in policies.test.js: add
"sidclaw" to the expected names array/list and increment the expected total
count (or update the snapshot) so the test that verifies preset names/count
passes; ensure any ordering-sensitive assertion matches the actual order used by
the preset loader.
- Around line 24-26: The binaries allowlist in the preset currently whitelists
full interpreters via the "binaries" section (entries for /usr/local/bin/node
and /usr/bin/python3), which is too broad; update the preset to remove these
generic interpreter paths and instead whitelist only the minimal, explicit
executables or wrapper scripts the preset actually needs (e.g., specific CLI
binaries, application launchers, or hashed file entries) so that merging presets
won’t unintentionally grant broad execution surface—locate the "binaries" list
in sidclaw.yaml and replace the interpreter entries with targeted binaries or
remove them entirely if not required.
- Around line 20-21: The policy currently grants write access to approval
decisions via the two entries allow: { method: POST, path:
"/api/v1/approvals/*/approve" } and allow: { method: POST, path:
"/api/v1/approvals/*/deny" } in sidclaw.yaml which is broader than intended;
remove these two POST allow rules (or replace them with a tightly scoped rule
limited to an admin/service role or additional attribute checks) so only the
intended polling GET routes remain (e.g., keep GET /api/v1/approvals/**) and
ensure any approval/deny mutation is only permitted for an explicitly authorized
role.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: d6b1f957-a789-42ff-8133-242c032c56ac
📒 Files selected for processing (1)
nemoclaw-blueprint/policies/presets/sidclaw.yaml
preset:
  name: sidclaw
  description: "SidClaw agent governance — policy evaluation, human approval, audit trails"
Preset catalog tests need updating for new sidclaw entry.
Adding this preset will make preset-list assertions stale (count and expected names). Please update test/policies.test.js accordingly to keep CI green.
- allow: { method: POST, path: "/api/v1/approvals/*/approve" }
- allow: { method: POST, path: "/api/v1/approvals/*/deny" }
Over-permissive approval mutation routes may bypass governance intent.
Line 20 and Line 21 allow POST /approve and POST /deny, but the PR objective only calls out polling approvals (GET /api/v1/approvals/**). Unless explicitly required, this grants decision-writing capability from the sandbox and weakens human-in-the-loop controls.
Proposed tightening
rules:
- allow: { method: POST, path: "/api/v1/evaluate" }
- allow: { method: GET, path: "/api/v1/approvals/**" }
- - allow: { method: POST, path: "/api/v1/approvals/*/approve" }
- - allow: { method: POST, path: "/api/v1/approvals/*/deny" }
- allow: { method: POST, path: "/api/v1/traces/*/outcome" }
- allow: { method: GET, path: "/api/v1/agents/**" }
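Review bot: dropping the two `-` lines turns approve/deny into a network-layer block for the sandbox, since the remaining rules are allow-only; before applying the suggestion, confirm that the SDK's NemoClaw middleware (`@sidclaw/sdk/nemoclaw` / `sidclaw.middleware.nemoclaw`) only polls `GET /api/v1/approvals/**` from inside the sandbox and that the approve/deny decision is submitted by the human reviewer from outside it, otherwise this breaks the approval flow instead of tightening it. Also worth noting in the preset description: if the loader treats `**` as matching multiple path segments (an assumption, not verified from the visible lines), the kept `GET /api/v1/approvals/**` rule still reaches every sub-resource under approvals, which is acceptable for read-only polling but should be the documented intent.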
binaries:
  - { path: /usr/local/bin/node }
  - { path: /usr/bin/python3 }
Binaries allowlist is too broad for a governance preset.
Allowing full Node/Python interpreters (/usr/local/bin/node, /usr/bin/python3) increases execution surface. Given preset merge behavior, this can unintentionally broaden which processes may reach allowed network policies once combined with other presets.
Suggested direction
- binaries:
- - { path: /usr/local/bin/node }
- - { path: /usr/bin/python3 }
+ binaries:
+ # Prefer narrowly scoped wrapper/launcher binaries used only by the SidClaw integration.
+ # Example placeholders:
+ - { path: /usr/local/bin/sidclaw-governed-node }
+ - { path: /usr/local/bin/sidclaw-governed-python }
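Review bot: the `+` lines allowlist `/usr/local/bin/sidclaw-governed-node` and `/usr/local/bin/sidclaw-governed-python`, which the suggestion itself labels placeholders; committing it verbatim would ship an allowlist pointing at executables the PR does not provide, and the two `#` comment lines would land in the preset file. Suggest one of two concrete resolutions before applying: either the author adds those wrapper launchers alongside the preset (pinned by hash if the loader supports hashed file entries, as the comment text mentions), or the `binaries:` block is dropped entirely so the sandbox's base process policy decides which executables may reach the allowed routes.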
Summary
Adds a network policy preset for SidClaw, an agent governance platform that adds policy evaluation, human-in-the-loop approval, and hash-chain audit trails to tools running inside NemoClaw sandboxes.
NemoClaw secures the sandbox (network, filesystem, process). SidClaw governs what happens inside it (policy, approval, audit).
What this preset enables
The `sidclaw` preset allows the sandbox to reach the SidClaw API (api.sidclaw.com:443) for:
- POST /api/v1/evaluate — every tool call checked against governance policies
- GET /api/v1/approvals/** — wait for human approval on high-risk actions
- POST /api/v1/traces/*/outcome — tamper-proof audit trail
- GET /api/v1/agents/** — resolve agent permissions
Usage
Add `sidclaw` to your blueprint's preset list, then use the SidClaw SDK:
Links
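As an added example (not code from this PR, nor from the NemoClaw or SidClaw projects), the following Python script audits a parsed preset against the intent stated in the description: the sandbox may only poll approvals, never decide them, and the binaries allowlist should not contain generic interpreters. It assumes the schema visible in the review snippets (`preset.name`, `rules[].allow{method,path}`, `binaries[].path`) and a `*` = one segment / `**` = one or more segments glob convention; both are assumptions about the loader, not facts from the page. The sample preset dict is constructed to mirror the quoted sidclaw.yaml, as `yaml.safe_load` would return it.

```python
"""Audit a NemoClaw-style network policy preset against a stated intent.

Added example; not code from the PR or from the NemoClaw/SidClaw projects.
ASSUMPTIONS: the preset schema mirrors the snippets quoted in the review, and
path globs use '*' for one path segment and '**' for one or more segments.
"""
import re
from typing import Iterable

# Constructed sample shaped like the sidclaw.yaml quoted in the review (as it
# would look after yaml.safe_load), including the two POST approval rules and
# the interpreter entries that the review flagged.
SAMPLE_PRESET = {
    "preset": {"name": "sidclaw"},
    "rules": [
        {"allow": {"method": "POST", "path": "/api/v1/evaluate"}},
        {"allow": {"method": "GET", "path": "/api/v1/approvals/**"}},
        {"allow": {"method": "POST", "path": "/api/v1/approvals/*/approve"}},
        {"allow": {"method": "POST", "path": "/api/v1/approvals/*/deny"}},
        {"allow": {"method": "POST", "path": "/api/v1/traces/*/outcome"}},
        {"allow": {"method": "GET", "path": "/api/v1/agents/**"}},
    ],
    "binaries": [{"path": "/usr/local/bin/node"}, {"path": "/usr/bin/python3"}],
}

MUTATING = {"POST", "PUT", "PATCH", "DELETE"}
# Interpreters that, once allowlisted, let any script in the sandbox reach the allowed routes.
GENERIC_INTERPRETERS = {"node", "python", "python3", "sh", "bash", "perl", "ruby"}
# Resources the sandbox should only read (assumption derived from the PR description).
READ_ONLY_PREFIXES = ("/api/v1/approvals",)


def glob_to_regex(pattern: str):
    """Translate the assumed glob dialect: '**' -> any segments, '*' -> one segment."""
    out, i = [], 0
    while i < len(pattern):
        if pattern.startswith("**", i):
            out.append(".+")
            i += 2
        elif pattern[i] == "*":
            out.append("[^/]+")
            i += 1
        else:
            out.append(re.escape(pattern[i]))
            i += 1
    return re.compile("^" + "".join(out) + "$")


def _is_mutating_read_only(allow: dict, prefixes: Iterable[str]) -> bool:
    """True if the rule grants a mutating method on a resource meant to be read-only."""
    method, path = allow["method"].upper(), allow["path"]
    return method in MUTATING and any(path.startswith(p) for p in prefixes)


def request_allowed(rules: list, method: str, path: str) -> bool:
    """Allow-only model with default deny: True if any allow rule matches the request."""
    for rule in rules:
        allow = rule.get("allow")
        if not allow:
            continue
        if allow["method"].upper() == method.upper() and glob_to_regex(allow["path"]).match(path):
            return True
    return False


def audit_preset(preset: dict, prefixes: Iterable[str] = READ_ONLY_PREFIXES) -> list:
    """Return human-readable findings; an empty list means the preset matches intent."""
    findings = []
    for rule in preset.get("rules", []):
        allow = rule.get("allow")
        if allow and _is_mutating_read_only(allow, prefixes):
            findings.append(f"mutating rule on read-only resource: {allow['method']} {allow['path']}")
    for entry in preset.get("binaries", []):
        if entry["path"].rsplit("/", 1)[-1] in GENERIC_INTERPRETERS:
            findings.append(f"generic interpreter allowlisted: {entry['path']}")
    return findings


def tighten(preset: dict, prefixes: Iterable[str] = READ_ONLY_PREFIXES) -> dict:
    """Return a copy with mutating read-only rules and generic interpreters removed."""
    fixed = dict(preset)
    fixed["rules"] = [
        r for r in preset.get("rules", [])
        if not (r.get("allow") and _is_mutating_read_only(r["allow"], prefixes))
    ]
    fixed["binaries"] = [
        b for b in preset.get("binaries", [])
        if b["path"].rsplit("/", 1)[-1] not in GENERIC_INTERPRETERS
    ]
    return fixed


if __name__ == "__main__":
    for finding in audit_preset(SAMPLE_PRESET):
        print("FINDING:", finding)
    print("clean after tighten:", audit_preset(tighten(SAMPLE_PRESET)) == [])
```

`request_allowed` makes the review's concern concrete: on the sample preset a `POST /api/v1/approvals/42/approve` from the sandbox is allowed, while after `tighten` it is denied and `GET` polling on the same path still passes. The interpreter check is deliberately name-based, so a wrapper launcher with a distinct name passes it; pinning by hash would be the stronger control if the loader supports hashed entries.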