4 Governance Domains
Admina organises its governance capabilities into 4 domains. Each domain groups related controls under a single engine with clear boundaries, so you always know what runs, where, and at what latency cost.
Data Sovereignty
Rust + spaCy NER
Ensures that sensitive data never leaves the boundaries you define. PII is automatically detected and redacted, data residency rules are enforced, and every data type is classified for compliance tracking.
PII Redaction
Detects and redacts email addresses, phone numbers, credit cards, SSNs, IBANs, IP addresses, and person names (via spaCy NER + regex). The Rust engine processes each scan in 0.71µs.
Data Residency Enforcement
Restricts data to allowed geographic or logical zones: EU, local, or custom-defined regions. Prevents governed data from being routed to disallowed destinations.
Data Classification
Categorizes data types automatically so downstream compliance checks (Domain 4) can match each payload against the correct regulatory requirements.
Patterns detected
EMAIL: user@example.com → [EMAIL]
PHONE: +39 055 123456 → [PHONE]
CREDIT_CARD: 4111 1111 1111 1111 → [CREDIT_CARD]
SSN: 123-45-6789 → [SSN]
IBAN: IT60X0542811101000000123456 → [IBAN]
IP_ADDRESS: 192.168.1.1 → [IP_ADDRESS]
PERSON: John Smith → [PERSON] (NER)
ORG: Acme Corp → [ORG] (NER)
GPE / LOC: Pisa, Italy → [GPE] (NER)
NER (Named Entity Recognition) uses spaCy en_core_web_sm.
Regex-based patterns work for all languages. Multilingual NER is on the roadmap.
AI Infrastructure
Python (opt-in)
An opt-in domain that provides a fully governed AI stack (LLM serving, RAG pipelines, and a Web UI), all enabled via admina.yaml configuration.
LLM Engine
Abstracts Ollama and vLLM backends with automatic GPU detection (NVIDIA and AMD). Supports hot model switching without downtime: swap models while live traffic continues to be served.
RAG Pipeline
ChromaDB vector store with recursive character and semantic chunking. Ingests multiple formats: PDF, DOCX, HTML, CSV, XML.
Web UI
Open WebUI container with built-in OIDC and LDAP authentication. Provides a chat interface for end-users while all traffic flows through the Admina governance proxy.
admina.yaml under the infrastructure section.
Agent Security
Rust RegexSet
Protects the full agent lifecycle, from prompt injection attacks to runaway loops, with microsecond-latency checks that apply to every agent-to-agent call transiting the proxy.
Anti-Injection Firewall
15+ compiled regex patterns plus heuristic scoring, all executed in a single RegexSet pass at 2.33µs latency.
Covers: instruction override, role hijacking, prompt extraction, delimiter injection, jailbreak, data exfiltration, obfuscation.
Detects: DAN mode, developer mode, multilingual evasion, roleplay escape, tool abuse.
Loop Breaker
TF-IDF + cosine similarity on a sliding window of recent requests
(configurable threshold 0.85).
Latency: 2.62µs.
Automatically circuit-breaks sessions before runaway costs or deadlocks occur.
Proxy governance
The full security pipeline applies to all agent-to-agent calls transiting the proxy, not just user-facing requests. Every hop is inspected.
Risk levels and actions
LOW: Logged, allowed through
MEDIUM: Warned, allowed through
HIGH: Blocked
CRITICAL: Blocked + session flagged + forensic record written
Compliance
Python + Rust (sha2)
Provides regulatory compliance tooling (EU AI Act risk classification, a tamper-proof forensic black box, and native OpenTelemetry integration) so you can prove what happened and when.
EU AI Act Classification
Risk categories aligned with the EU AI Act: unacceptable, high, limited, minimal. Implements Articles 6–15 with automated risk classification and gap analysis.
UNACCEPTABLE: Banned systems (e.g., social scoring, real-time biometrics in public)
HIGH: Critical infrastructure, employment, education, law enforcement
LIMITED: Chatbots, emotion recognition (transparency obligations apply)
MINIMAL: Spam filters, games (no additional requirements)
Forensic Black Box
SHA-256 hash chain persisted to MinIO (S3-compatible) with WORM semantics. Each record links to the previous hash, making any modification immediately detectable.
Record structure
    {
      "seq": 1024,
      "timestamp": "2026-03-06T14:23:01.442Z",
      "session_id": "sess_abc123",
      "agent_id": "openclaw-agent",
      "method": "tools/call",
      "action": "ALLOW",
      "risk_level": "LOW",
      "pillar": "firewall",
      "hash": "sha256:a3f8...",
      "prev_hash": "sha256:9c12..."
    }
Chain verification
    curl http://localhost:8080/api/forensic/verify \
      -H "X-API-Key: $ADMINA_API_KEY"
    # {"valid": true, "records": 1024, "last_hash": "sha256:a3f8..."}
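How a chain of this shape is verified, as an added example that is not Admina's own code. The canonical-JSON hashing rule, the all-zero genesis value, the helper names and the "BLOCK" action value are assumptions made for illustration; the field names follow the record structure above, and the sample records are constructed.

```python
import hashlib
import json

GENESIS = "sha256:" + "0" * 64  # assumed anchor for the first record's prev_hash


def record_hash(record):
    """Hash every field except 'hash'; prev_hash is covered, which links the chain."""
    body = {k: v for k, v in record.items() if k != "hash"}
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return "sha256:" + hashlib.sha256(canonical).hexdigest()


def append(chain, **fields):
    """Append a record linked to the current tail of the chain."""
    prev = chain[-1]["hash"] if chain else GENESIS
    record = {"seq": len(chain) + 1, **fields, "prev_hash": prev}
    record["hash"] = record_hash(record)
    chain.append(record)


def verify(chain):
    """Walk the chain; the result mirrors the verify response, plus the first bad seq."""
    prev = GENESIS
    for i, rec in enumerate(chain, start=1):
        ok = (rec.get("seq") == i and rec.get("prev_hash") == prev
              and rec.get("hash") == record_hash(rec))
        if not ok:
            return {"valid": False, "records": i - 1, "last_hash": prev, "broken_at": i}
        prev = rec["hash"]
    return {"valid": True, "records": len(chain), "last_hash": prev}


def build_sample():
    """Three constructed records for one session."""
    chain = []
    for action, risk in [("ALLOW", "LOW"), ("ALLOW", "MEDIUM"), ("BLOCK", "CRITICAL")]:
        append(chain, session_id="sess_abc123", agent_id="openclaw-agent",
               method="tools/call", action=action, risk_level=risk, pillar="firewall")
    return chain


if __name__ == "__main__":
    chain = build_sample()
    print(verify(chain))
    chain[2]["action"] = "ALLOW"  # in-place edit of a stored record
    print(verify(chain))
```

Removing records from the tail still yields a chain that verifies, so the returned last_hash and record count should be compared against a copy kept outside the store.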
OpenTelemetry Integration
Native OTEL spans for all governance decisions.
Exports to OTLP gRPC on port 4317.
Every domain action is recorded as a span attribute; no code changes are required in your agent.