Skip to content
Agentic Control Plane

Govern OpenClaw with Agentic Control Plane

See, control, and price every tool call OpenClaw makes — the shell commands, the file edits, the model calls — from one dashboard. One command, no code changes, first governed call in about 30 seconds.

TL;DR

curl -sf https://agenticcontrolplane.com/install.sh | bash

Three things you get the moment it's running — click any to see it full-size:

ACP tool-surface control table: every tool the agent can call, Allow/Deny per tool
ControlEvery tool OpenClaw can call, one row each — Allow / Deny per tool. Deny-by-default on rm -rf, force-push, and the rest. Enforced at the call, outside the model.
ACP cost-per-run distribution for one agent across many runs, log scale
PriceRoute model calls through the proxy and every one is metered — each run split loop-vs-leaf and plotted across runs, so you see which step is the bill and which runs blow the budget.
ACP session trace: per-call timeline of one agent run with cost and decision
AuditEvery tool + model call in a run, in order — what ran, what it returned, the policy decision, and what it cost. Exportable.

See your first governed call →Free for individuals · full install below

The installer detects OpenClaw (command -v openclaw) and installs the ACP governance plugin, then opens your browser to provision a workspace. Restart OpenClaw and every tool call is governed. Prefer to do it by hand? It’s one plugin:

openclaw plugins install @gatewaystack/acp-governance

How it works

OpenClaw ships a first-class plugin system. ACP’s governance plugin (@gatewaystack/acp-governance) registers into it and routes every tool call through the Agentic Control Plane before and after execution:

  • Before the call — the plugin sends the tool name and input to ACP’s policy engine (/govern/tool-use). The server evaluates the full pipeline — immutable rules, delegation chain, scopes, ABAC, rate limits, plan limits, content scanning — and returns allow / deny / ask. A deny blocks the call before it runs; the agent sees the reason and adapts.
  • After the call — the plugin forwards the result for audit and content scanning (PII, secrets, prompt-injection findings). The call, its decision, its identity, and its cost land in your ACP activity log.

Same backend, same dashboard, same three-axis policy model as every other client — the plugin is just how it wires into OpenClaw’s runtime instead of Claude Code’s shell hooks or Codex’s config.

What gets installed and where

Path Purpose
OpenClaw plugin directory @gatewaystack/acp-governance — the governance plugin
~/.acp/credentials Bearer token from browser OAuth (chmod 600)

No system-level writes. The plugin authenticates with the ACP key in ~/.acp/credentials, so credential rotation is a one-step overwrite — no plugin reinstall. Uninstall is openclaw plugins remove @gatewaystack/acp-governance.

Add the cost X-ray

The plugin governs and audits tool calls. To also meter model spend — per-call token cost, prompt-cache hit rate, and the loop-vs-leaf cost X-ray — route OpenClaw’s model calls through the ACP proxy: point its model endpoint at https://api.agenticcontrolplane.com/v1 (OpenAI-compatible) and authenticate with your ACP key (gsk_...). Same responses, now metered — and the proxy governs the tool-use blocks the model emits as a second layer.

Full walkthrough: Turn on Cost X-Ray.

Setting up policy

The same three-axis model applies (Tool / Agent / User policies). Start in audit mode for a few days to learn what your OpenClaw agents actually do, then switch to enforce mode once the patterns are clear. Most-restrictive-wins on conflict.

  • Claude Code — shell-hook governance, same backend contract
  • OpenAI Codex CLI — hooks + MCP connector
  • Cursor — Composer-hook governance, no Enterprise plan needed
  • Hermes Agent — native Python plugin, same idea for a different runtime