Skip to content
Arxo Arxo

Examples and Report Walkthrough

Examples and Report Walkthrough

Section titled “Examples and Report Walkthrough”

This page shows practical openclaw_architecture setup and how to interpret results.

Example arxo.yaml

Section titled “Example arxo.yaml”
metrics:
  - id: openclaw_architecture
    enabled: true
    config:
      scoring:
        axis_weights:
          config_security: 0.40
          skill_governance: 0.35
          observability: 0.10
          supply_chain: 0.15
        metric_weights:
          gateway_auth_gap_score: 2.0
          tool_poisoning_susceptibility_score: 2.0
          skill_virus_scan_absence_score: 2.5


policy:
  invariants:
    - metric: openclaw_architecture.overall_openclaw_health
      op: ">="
      value: 0.70
      message: "OpenClaw architecture baseline not met"
    - metric: openclaw_architecture.supply_chain_score
      op: ">="
      value: 0.75
      message: "Supply chain controls must be strong"

Run:

Terminal window
arxo analyze --path . --config arxo.yaml --format json --output report.json

Example Output (Trimmed)

Section titled “Example Output (Trimmed)”
{
  "results": [
    {
      "id": "openclaw_architecture",
      "data": [
        { "key": "openclaw_architecture.config_security_score", "value": { "kind": "number", "v": 0.82 } },
        { "key": "openclaw_architecture.skill_governance_score", "value": { "kind": "number", "v": 0.74 } },
        { "key": "openclaw_architecture.observability_score", "value": { "kind": "number", "v": 0.63 } },
        { "key": "openclaw_architecture.supply_chain_score", "value": { "kind": "number", "v": 0.69 } },
        { "key": "openclaw_architecture.overall_openclaw_health", "value": { "kind": "number", "v": 0.74 } }
      ],
      "findings": [
        {
          "rule_id": "arxo/openclaw-skill-virus-scan-absence",
          "severity": "critical",
          "recommendation": "Enable virus scan for ClawHub/skill sources."
        },
        {
          "rule_id": "arxo/openclaw-audit-log-disabled",
          "severity": "high",
          "recommendation": "Enable diagnostics logging for audit trail."
        }
      ]
    }
  ],
  "violations": []
}

How to Interpret Results

Section titled “How to Interpret Results”
  1. Start with overall_openclaw_health for a top-level gate.
  2. Use axis scores to locate the weakest control domain.
  3. Prioritize Critical and High findings by rule ID and recommendation.
  4. Track trend over time in CI to confirm remediation is effective.

Example CI Gate Outcome

Section titled “Example CI Gate Outcome”
  • overall_openclaw_health = 0.74 passes a >= 0.70 gate.
  • supply_chain_score = 0.69 fails a stricter >= 0.75 gate.
  • Action: implement supply-chain hardening before promotion.
Section titled “Read Next”