How it works: you write a YAML policy that says what's allowed, denied, or flagged. Rampart evaluates every tool call against that policy before it runs. Here's what a policy looks like:
- rm -rf / → denied
- sudo anything → logged for review
- curl, wget → logged for review
- git push, go build, normal dev commands → allowed
- cat ~/.ssh/id_rsa → denied
Setup for Claude Code takes one command: "rampart setup claude-code". It installs hooks that intercept every Bash command, file read, and file write before execution. Blocked commands never run — Claude sees an error and moves on.
Setup for OpenClaw agents is also one command: "rampart setup openclaw". Works on Linux and macOS.
Also works as a shell wrapper for any agent ("rampart wrap"), an MCP protocol proxy ("rampart mcp"), or an HTTP API that agent platforms can consult before executing anything ("rampart serve").
Go, ~14K lines, Apache 2.0, zero runtime deps. Policy eval takes under 20 microseconds.
I'd love feedback on what policies you'd want out of the box and what integrations matter most.