OpenClaw · Skill
DCG
An OpenClaw plugin that hard-blocks dangerous shell commands before they execute. Works on any OpenClaw installation (Windows, macOS, Linux, local, VPS, anywhere). No binary dependencies required.
Install
Start with the primary install command. Alternate entrypoints are included below for ClawHub and OpenClaw CLI users.
Primary command
clawhub install starensen/dcg-guardClawHub installer
npx clawhub@latest install starensen/dcg-guardOpenClaw CLI
openclaw skills install starensen/dcg-guardDirect OpenClaw install
openclaw install starensen/dcg-guardWhat this skill does
An OpenClaw plugin that hard-blocks dangerous shell commands before they execute. Works on any OpenClaw installation (Windows, macOS, Linux, local, VPS, anywhere). No binary dependencies required.
Why it matters
Blocks commands before they reach the shell, so dangerous operations never execute, unlike post-execution logging or manual review workflows.
Typical use cases
- Blocking accidental recursive deletions during agent file cleanup tasks
- Preventing force pushes to shared git repositories
- Stopping irreversible Windows registry deletes in automated workflows
- Catching destructive git branch deletions before they run
- Guarding against disk format commands in agent sessions
Source instructions
DCG Guard
An OpenClaw plugin that hard-blocks dangerous shell commands before they execute. Works on any OpenClaw installation (Windows, macOS, Linux, local, VPS, anywhere). No binary dependencies required.
What It Does
Intercepts every exec/bash tool call via OpenClaw's before_tool_call plugin event. Pipes the command through DCG (Dangerous Command Guard). Safe commands pass silently with zero overhead. Dangerous commands are blocked before execution.
Blocked (Unix): rm -rf ~, git push --force, git reset --hard, git clean -fd, git branch -D
Blocked (Windows): Remove-Item -Recurse -Force, rd /s /q, del /s, Format-Volume, reg delete HKLM
Allowed: ls, cat, echo, git status, npm install, dir, Get-ChildItem
Install
# After clawhub install dcg-guard:
bash install.sh
Or manually:
# 1. Install DCG binary
curl -sSL https://raw.githubusercontent.com/Dicklesworthstone/destructive_command_guard/master/install.sh | bash
# 2. Link plugin into OpenClaw
openclaw plugins install -l /path/to/dcg-guard
openclaw gateway restart
How It Works
- Agent calls
execwith a command - Plugin intercepts via
before_tool_call(runs before execution) - Command is checked against built-in rules (cross-platform, <1ms, no subprocess)
- If no built-in match and DCG binary is installed, command is piped to DCG (~27ms)
- Safe: silent passthrough, agent never knows the plugin exists
- Dangerous:
{ block: true }returned to OpenClaw, command never executes
v1.1.0: Built-in rules work without the DCG binary. DCG binary is optional (adds extra unix rules). Windows fully supported out of the box.
Security
- No shell interpolation. Commands are passed to DCG via stdin using
execFileSync(notexecSync). No injection risk. - Fail-open. If DCG binary is missing or crashes, commands pass through. The plugin never deadlocks your agent.
- Zero dependencies. Only requires the DCG binary (single Go binary, no runtime deps).
Configuration
Optional, in openclaw.json under plugins.entries.dcg-guard.config:
{
"enabled": true,
"dcgBin": "/custom/path/to/dcg"
}
Default DCG path: ~/.local/bin/dcg
Override with env var: DCG_BIN=/path/to/dcg
Agent Instructions (optional)
Add to your workspace AGENTS.md:
When a command is blocked by DCG Guard, do NOT retry it.
Ask the user for explicit permission before attempting any alternative.
The block exists because the command is destructive or irreversible.