Show HN: LawClaw – Constitutional governance for AI agents (MIT)

Most AI agents today run with unchecked access to tools like shell execution, database writes, and arbitrary HTTP calls. There's no systematic way to constrain what they can do before execution happens. You're essentially giving a new employee root access and no employment contract.

  LawClaw applies a separation-of-powers model to agent governance — borrowing from constitutional design to create layered,
  enforceable rules.

  Three layers:

  Constitution: Immutable core rules embedded in the system prompt. The agent cannot override these regardless of user instruction.

  Legislature: Detailed behavioral laws written as plain markdown files. Human-readable, git-diffable, no custom DSL. Change the law
   by editing a file and committing.

  Pre-Judiciary: Automated enforcement that runs before tool execution, not after. It inspects the LLM's intended action and blocks
  it if it violates law. Think traffic cameras, not courtrooms. This is where "rm -rf /", "DROP TABLE", and "curl | bash" get
  intercepted.

  Because the governed "society" has exactly one citizen (the agent), there's no need for an Executive branch — enforcement is fully
   automated.

  What ships with it:

  - Telegram bot interface
  - Multi-provider LLM support (OpenRouter, Z.AI, Claude Max proxy)
  - Cron job scheduling
  - Full audit trail of every action attempted and whether it was allowed or blocked
  - Runtime tool ban/approve without restart

  The governance layer itself is just markdown. If you want to prohibit file deletions in production paths, you write a markdown
  file that says so. The Pre-Judiciary reads it, parses the constraint, and enforces it before any tool fires.

  This started as a practical response to a real problem: we needed to deploy agents with meaningful autonomy but couldn't accept
  unconstrained tool use. The constitutional framing turned out to be a useful mental model for reasoning about agent permissions
  and audit.

  GitHub: https://github.com/nghiahsgs/LawClaw

  MIT licensed. Early stage. Interested in feedback from anyone running agents in production, particularly on the Pre-Judiciary
  enforcement model and whether the constitutional framing maps well to other agent architectures. Security researchers welcome —
  the threat model for agents bypassing their own governance is worth scrutinizing.


Comments URL: https://news.ycombinator.com/item?id=47109076

Points: 1

# Comments: 1