OpenClaw + Faramesh Integration

Faramesh provides a first-class plugin for OpenClaw that intercepts every tool call and routes it through the Faramesh policy engine for Allow, Ask (human approval), or Deny decisions, before the tool executes.

What Faramesh adds to OpenClaw

Architecture

1. The Faramesh plugin registers a before_tool_call hook at priority 1000 (runs first).

2. Every tool call (bash, file read/write, browser, network, etc.) is sent to the Faramesh server.

3. The server evaluates the action against the active policy (simple category-based or advanced YAML/JSON).

4. The result is returned: allow (tool runs), require_approval (tool blocked until human approves), or deny (tool blocked permanently).

5. If approval is required, notifications are sent via Slack and/or email. The user can approve/deny from the dashboard, Slack, or CLI.

Fail-closed by default

If the Faramesh server is unreachable, the plugin blocks all tool calls by default (fail-closed). This can be changed to fail-open in the plugin configuration.

Quick start

# 1. Install Faramesh
pip install faramesh

# 2. Start the server
faramesh serve

# 3. Enable the plugin in OpenClaw
# Add to your OpenClaw configuration or install via:
openclaw plugin install @faramesh/openclaw

# 4. Open the dashboard

# 1. Install Faramesh
pip install faramesh

# 2. Start the server
faramesh serve

# 3. Enable the plugin in OpenClaw
# Add to your OpenClaw configuration or install via:
openclaw plugin install @faramesh/openclaw

# 4. Open the dashboard

# 1. Install Faramesh
pip install faramesh

# 2. Start the server
faramesh serve

# 3. Enable the plugin in OpenClaw
# Add to your OpenClaw configuration or install via:
openclaw plugin install @faramesh/openclaw

# 4. Open the dashboard

See the Install guide for full instructions.