Integrations gateway for agents with 2FA for destructive ops (OSS)

Description

Hey HN! I've been wanting to use something like OpenClaw for a while but couldn't get myself to give it access to anything important due to all the risks involved. Prompt injection is still a problem (even though some people seem to ignore it) and so are hallucinations and mishaps that cause agents to do things like delete production data [1]. Even harnesses like Claude Code and Codex are subject to this, particularly since we're getting progressively looser about how we run t