Gws Modelarmor
Wire Google Model Armor into your agent or SaaS so prompts and model outputs are sanitized through named templates before users see them.
Overview
gws-modelarmor is an agent skill for the Ship phase that documents how to filter user-generated and model content through Google Model Armor using the `gws` CLI.
Install
npx skills add https://github.com/googleworkspace/cli --skill gws-modelarmorWhat is this skill?
- CLI surface: `gws modelarmor <resource> <method>` with schema discovery via `gws schema`
- Helper skills: +sanitize-prompt, +sanitize-response, and +create-template for common flows
- Requires `gws` binary and shared `gws-shared` auth and security rules
- Inspect methods with `gws modelarmor --help` before building `--params` / `--json` calls
- OpenClaw metadata v0.22.5 with productivity category tagging
- 3 documented helper commands: +sanitize-prompt, +sanitize-response, +create-template
- OpenClaw skill metadata version 0.22.5
Adoption & trust: 15.2k installs on skills.sh; 26.9k GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
You are launching an AI feature but have no standardized way to run prompts and responses through Google’s safety templates from your coding agent.
Who is it for?
Solo builders on Google Workspace / Cloud who already use `gws` and need Model Armor wired into agent-driven deploy or test scripts.
Skip if: Teams without the `gws` CLI, non-Google stacks, or builders who only need generic prompt rules with no Model Armor API.
When should I use this skill?
Google Model Armor: Filter user-generated content for safety.
What do I get? / Deliverables
You can discover Model Armor methods, call sanitize and template APIs with correct params, and chain helper skills for prompt/response filtering before go-live.
- Working `gws modelarmor` API invocations with validated params
- Model Armor templates and sanitize calls for prompts/responses
Recommended Skills
Journey fit
Content safety filtering belongs on the Ship shelf because it hardens AI-facing surfaces before production traffic, alongside other release-time security controls. Model Armor is explicitly about filtering user-generated and model-generated content for safety, which maps directly to the security subphase rather than generic integrations.
How it compares
Use this Google Cloud integration skill instead of pasting raw REST docs into chat when you want schema-guided CLI calls.
Common Questions / FAQ
Who is gws-modelarmor for?
Indie developers and small teams shipping AI features on Google Cloud who want their agent to invoke Model Armor sanitization and templates via the official `gws` workflow.
When should I use gws-modelarmor?
Use it in Ship (security) while hardening chat or agent endpoints, and in Build (integrations) when prototyping safety calls—always after loading gws-shared auth rules.
Is gws-modelarmor safe to install?
It instructs network and API access through `gws`; review the Security Audits panel on this Prism page and treat credentials and template policies as secrets you control.
SKILL.md
READMESKILL.md - Gws Modelarmor
# modelarmor (v1) > **PREREQUISITE:** Read `../gws-shared/SKILL.md` for auth, global flags, and security rules. If missing, run `gws generate-skills` to create it. ```bash gws modelarmor <resource> <method> [flags] ``` ## Helper Commands | Command | Description | |---------|-------------| | [`+sanitize-prompt`](../gws-modelarmor-sanitize-prompt/SKILL.md) | Sanitize a user prompt through a Model Armor template | | [`+sanitize-response`](../gws-modelarmor-sanitize-response/SKILL.md) | Sanitize a model response through a Model Armor template | | [`+create-template`](../gws-modelarmor-create-template/SKILL.md) | Create a new Model Armor template | ## Discovering Commands Before calling any API method, inspect it: ```bash # Browse resources and methods gws modelarmor --help # Inspect a method's required params, types, and defaults gws schema modelarmor.<resource>.<method> ``` Use `gws schema` output to build your `--params` and `--json` flags.