# Sample: OpenClaw Safe Agent Ops Kit

This is the public sample. The paid kit includes the full editable templates:

- approval policy
- tenant boundary checklist
- skill review worksheet
- launchd audit CSV
- weekly operator review
- May 2026 research memo

Checkout: https://buy.stripe.com/4gMcN59eAbTw7xTfSH3sI1q

Diagnostic: https://buy.stripe.com/9B6fZhduQ4r42dz7mb3sI1h

Use the $49 kit if you want templates you can apply yourself. Use the $99 diagnostic if your machine is already showing runaway memory, stuck Outbox messages, uncontrolled restore, or unclear agent permissions.

## Sample Boundary Language

> You are buying a managed worker for an approved workflow, not raw access to my agent gateway. I keep workspaces, credentials, logs, and approval gates separated per customer.

## Sample Stop Rule

Stop the workflow immediately if:

- Outbox starts filling
- repeated API errors occur
- the same message would be posted twice
- a browser session opens unexpected compose windows
- a tool requests broader permissions than the workflow needs

## Sample Memory Rule

Disable automatic restore for tmux, terminal tabs, agent sessions, and browser profiles unless each restored process has a named owner, project, memory budget, and stop condition.

## Sample Approval Rule

Require explicit human approval before:

- sending email or social messages
- posting public comments
- charging, refunding, or invoicing
- deleting files or changing production systems
- adding a new MCP server, skill, launch agent, or background worker