autonomy demo openclaw

Demo the OpenClaw agent scenario: permitted calls, exfiltration block, WAL rollback

Synopsis

Runs the OpenClaw demo agent against a real AutonomyOps governance runtime.

The agent submits three tool calls via POST /v1/tool.  The governance
runtime evaluates the embedded OPA/Rego policy before each one executes:

  tool.echo     → ALLOW  (environment probe; permitted by demo policy)
  tool.http_get → skipped (no upstream endpoint registered in demo mode)
  tool.shell    → DENY   (exfiltration attempt; blocked before execution)

After the shell call is denied, a policy-scoped rollback fires and the
unsafe state transition is recorded in the local WAL.  Every decision is
written to the WAL before this command exits — the record survives process
restart and cannot be altered by the agent.

A "System footprint (this run)" panel is printed before exit listing the
WAL directory, the agent-script directory, and the file sizes the run
produced on disk.

By default the WAL and agent-script directories are temp dirs that are
removed on exit.  Pass --keep to preserve them, or set
AUTONOMY_DEMO_WAL_DIR=<path> to pin the WAL to a known location (the path
is created if missing and is never auto-removed).

No Docker, external registry, or control-plane connection is needed.
Requires python3 on PATH.

Usage

autonomy demo openclaw [flags]

Options

      --keep   preserve the WAL and agent-script directories on exit (default: remove them)

See also

• autonomy demo — Run self-contained demos that require no Docker or control plane