Clasper Core Docs

Clasper Core

Stop AI tools from running without approval.

Clasper sits between AI agents (and OpenClaw) and tool execution. Before any tool runs, Clasper evaluates policy and produces a decision: allow, deny, or require approval.

OSS: local approvals and self-attested evidence
Cloud: external proof and tokenized approval authority
Unknown/new tools: controlled via explicit fallback policy (default: require_approval)

Clasper Core produces evidence you can stand behind:

trust status on traces
verifiable export bundles (offline verification)
policy as data + decision explainability
async human approvals for high-risk execution

Execution is optional and pluggable via execution adapters. Adapters are never trusted: they request permission, execute only within granted scope, and report telemetry back for audit and observability.

Core Pillars

Pillar	Description
Governance (mandatory)	Default-deny decisions: RBAC, risk, cost/budgets, overrides with audit
Observability (mandatory)	Traces, audit events, decision replay/diff, labels/annotations, retention
Execution (optional)	Built-in runtime adapter or external adapters (OpenClaw, Playwright, etc.)
Change control	Workspace versioning, environments, promotion checks, rollback with audit

What Clasper Core Is

A governance core that evaluates execution requests and enforces constraints
An ingest surface for telemetry (trace/audit/cost/metrics) from adapters
An adapter registry (versioned, disable-able) with capability and risk metadata
An Ops Console for audit-heavy operations: traces (with execution graph), governance health, agent inventory, incidents, policy simulation, and export
A Control Plane Contract for connecting to your backend’s tasks/messages/documents APIs
A reference built-in runtime adapter for dev and simple deployments

What Clasper Core Is Not

A “just run agents” runtime without governance
An implicit autonomy engine (no hidden execution)
A replacement for your backend (your backend remains the source of truth)

High-Level Architecture

┌────────────────────────────┐
│        Clasper Core        │
│   (Governance Plane)       │
│                            │
│  RBAC • Risk • Cost        │
│  Traces • Audit • Ops UI   │
│  Workspaces • Promotions   │
└────────────┬───────────────┘
             │ governed execution
             │ (approval + scope)
┌────────────▼───────────────┐
│     Execution Adapters     │
│   (optional, pluggable)     │
│  Built-in Runtime (opt)     │
│  OpenClaw Adapter           │
│  Playwright Adapter (future)│
└─────────────────────────────┘

Two Contracts (Keep Them Separate)

Control Plane Contract: Clasper Core ↔ your backend (tasks/messages/documents, etc.)
Adapter Contract: Clasper Core ↔ execution adapters (decision + telemetry ingest)

Known limits (OSS)

Decision replay: Replay APIs return trace context for debugging; full re-execution of traces is planned. Policy simulation re-evaluates decisions against new policies.
Token consumption: Decision tokens (/api/decisions/:id/consume) are Cloud-only; OSS uses local Ops Console resolution.
Exports: OSS export bundles are self-attested. Externally verifiable attestations require Clasper Cloud.

Quick Links

OpenClaw Governance Quickstart — Start here — Govern OpenClaw tool execution
Getting Started — Run governance + built-in runtime
OSS vs Cloud — Trust boundaries (self-attested vs external proof)
Runtime Adapter — Using the built-in runtime (Governance + Managed Execution)
Architecture — Core, adapters, and data flows
Trust & Enforcement — Signed telemetry + tool authorization
Configuration — Environment variables + rollout toggles
Integration — Backend contract + adapter contract
Governance — Default-deny, overrides, auditability
Policy Cookbook — Example policies for common patterns
Operations — Traces, policy simulation/diff, promotions/rollback (decision replay: context only; full re-execution planned)
Control Plane Contract — Backend requirements