SidClaw – AI 에이전트를 위한 승인 계층(오픈 소스)

The approval and accountability layer for agentic AI Identity. Policy. Approval. Trace. Website · Documentation · Live Demo · SDK on npm · SDK on PyPI Your AI agents are acting without oversight. SidClaw adds the missing governance layer — policy evaluation, human approval with rich context, and tamper-proof audit trails — without changing your agent code. What makes SidClaw different: Everyone else does Identity + Policy + Audit. SidClaw adds the Approval primitive — where a human sees exactly what an agent wants to do, why it was flagged, the agent's reasoning, and the risk level — then approves or denies with one click. That's what FINRA 2026 mandates, what the EU AI Act requires, and what no one else has shipped. Try it right now — no signup needed: | Financial Services Demo | DevOps Demo | Healthcare Demo | |---|---|---| | AI sends customer email → approval required | AI scales production → approval required | AI orders labs → physician approves | SidClaw integrates with 18+ frameworks and platforms — including OpenClaw (329K+ users), LangChain, OpenAI, MCP, Claude Agent SDK, Google ADK, NemoClaw, Copilot Studio, GitHub Copilot, and more. Add governance in one line of code. See all integrations → An AI agent wants to send a customer email. Policy flags it for review. The reviewer sees full context — who, what, why — and approves with one click. Every step is traced. An AI agent wants to scale production services. High-risk deployments require human approval. Read-only monitoring is allowed instantly. An AI assistant recommends lab orders. The physician reviews the clinical context and approves. Medication prescribing is blocked by policy — only physicians can prescribe. Agent wants to act → SidClaw evaluates → Policy decides → Human approves (if needed) → Action executes → Trace recorded Four primitives govern every agent action: ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐ │ Identity │ → │ Policy │ → │ Approval │ → │ Trace │ │ │ │ │ │ │ │ │ │ Every │ │ Every │ │ High-risk│ │ Every │ │ agent │ │ action │ │ actions │ │ decision │ │ has an │ │ evaluated│ │ get human│ │ creates │ │ owner & │ │ against │ │ review │ │ tamper- │ │ scoped │ │ explicit │ │ with rich│ │ proof │ │ perms │ │ rules │ │ context │ │ audit │ └──────────┘ └──────────┘ └──────────┘ └──────────┘ - allow → action executes immediately, trace recorded - approval_required → human sees context card, approves/denies, trace recorded - deny → blocked before execution, no data accessed, trace recorded npx create-sidclaw-app my-agent cd my-agent npm start The CLI: - Signs you up (opens the dashboard if needed) - Creates a governed agent with 3 demo policies - Scaffolds a project with the SDK pre-configured Run npm start to see all three governance outcomes: search_docs -- allowed (matches allow policy)send_email -- requires approval (go to the dashboard to approve)export_data -- denied (blocked by policy) Add to Existing Project (TypeScript) — use this if you already have an agent and want to add governance See the quickstart guide for step-by-step instructions covering SDK installation, agent registration, policy creation, and wrapping your tools with governance. npm install @sidclaw/sdk import { AgentIdentityClient, withGovernance } from '@sidclaw/sdk'; const client = new AgentIdentityClient({ apiKey: process.env.SIDCLAW_API_KEY, apiUrl: 'https://api.sidclaw.com', agentId: process.env.SIDCLAW_AGENT_ID, }); const sendEmail = withGovernance(client, { operation: 'send_email', target_integration: 'email_service', resource_scope: 'customer_emails', data_classification: 'confidential', }, async (to, subject, body) => { await emailService.send({ to, subject, body }); }); await sendEmail('[email protected]', 'Follow-up', 'Hello...'); // Policy says "allow"? → executes immediately // Policy says "approval_required"? → waits for human approval // Policy says "deny"? → throws ActionDeniedError, no email sent Add to Existing Project (Python) — use this if you already have a Python agent See the quickstart guide for full setup instructions. pip install sidclaw import os from sidclaw import SidClaw from sidclaw.middleware.generic import with_governance, GovernanceConfig client = SidClaw( api_key=os.environ["SIDCLAW_API_KEY"], agent_id=os.environ["SIDCLAW_AGENT_ID"], ) @with_governance(client, GovernanceConfig( operation="send_email", target_integration="email_service", data_classification="confidential", )) def send_email(to, subject, body): email_service.send(to=to, subject=subject, body=body) SidClaw wraps your existing agent tools — no changes to your agent logic. | TypeScript | Python | | |---|---|---| | Core client | @sidclaw/sdk | sidclaw | | MCP proxy | @sidclaw/sdk/mcp | sidclaw.mcp | | LangChain | @sidclaw/sdk/langchain | sidclaw.middleware.langchain | | OpenAI Agents | @sidclaw/sdk/openai-agents | sidclaw.middleware.openai_agents | | CrewAI | @sidclaw/sdk/crewai | sidclaw.middleware.crewai | | Vercel AI | @sidclaw/sdk/vercel-ai | — | | Py