← Back to Skills Marketplace
Asin Governance
by
dbottrader
· GitHub ↗
· v1.0.1
· MIT-0
75
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install asin-governance
Description
Cybernetic governance substrate for the ASIN Federated Adaptive Cognition Stack. Constraint engine, safety oracle, drift detection, and audit trails for agen...
README (SKILL.md)
ASIN Governance — Constraint Engine
Every action in the federated stack passes through four gates:
- Constraints — Can we afford this? What's the risk?
- Oracle — Is it safe? Will it drift? Is it coherent?
- Sandbox — Simulate before committing.
- History — Record everything. Total auditability.
Directory Structure
skills/asin-governance/
├── SKILL.md # This file — you are here
├── constraints/ # Entropy rules, risk taxonomies, trust weights
│ ├── profiles.json # Agent constraint profiles
│ ├── taxonomy.json # Risk classification matrix
│ └── handshake_validator.py # ASH-0.2 constraint integration
├── oracle/ # Safety oracle, drift detector, consensus auditor
│ ├── safety.json # Safety rules and exception handlers
│ └── drift.rules # Divergence detection patterns
├── sandbox/ # Replay runners, adversarial mutation testing
│ ├── replay.sh # Action replay harness
│ └── adversarial.py # Mutation fuzzer
├── handshake/ # ASH-0.2 Handshake Protocol
│ ├── __init__.py # Package exports
│ ├── token_engine.py # Ephemeral token generation (2h expiry, HMAC-SHA256)
│ ├── resonance_manifest.py # Session hydration (ANU-28 constellation)
│ └── exchange_endpoint.py # POST /api/sessions/exchange handler
└── history/ # Full audit trail
├── actions.log # Structured action log (append-only)
└── failures/ # Failure postmortems
Constraint Profile
Every agent node carries a Constraint Profile:
{
"node_id": "ace-main",
"entropy_budget": {
"daily_compute_seconds": 3600,
"daily_api_calls": 500,
"daily_tokens": 1000000,
"energy_cost_per_action": "tracked"
},
"risk_tolerance": {
"max_rollback_cost": "low",
"acceptable_failure_rate": 0.05,
"auto_rollback_on_drift": true
},
"trust_weights": {
"self": 1.0,
"peer_default": 0.5,
"verified_peers": 0.8,
"unverified": 0.1
},
"safety_guards": {
"pre_action_oracle": true,
"post_action_audit": true,
"max_action_latency_ms": 30000
}
}
Pre-flight Checklist
Before any autonomous action:
- Entropy check: Do we have budget remaining?
- Risk classification: Read the taxonomy. What's this action's risk level?
- Oracle consult: Query safety.json. Any red flags?
- Trust propagation: Will this action affect peer trust weights?
- Rollback plan: Can we reverse this if it goes wrong?
If any check fails → BLOCK the action and escalate to human.
Risk Taxonomy
| Class | Examples | Pre-action | Post-action |
|---|---|---|---|
| Green — Read-only | Browse feed, check status, read profile | Log only | Audit in 24h |
| Yellow — Social | Post, comment, upvote, follow | Oracle consult | Immediate audit |
| Orange — Structural | Create submolt, update profile, invite | Oracle + sandbox | Immediate audit + karma watch |
| Red — Destructive | Delete post, unfollow mass, revoke | Human approval required | Full postmortem |
Oracle Protocol
The safety oracle answers three questions:
- Is this action safe to execute? → Yes / No / Conditional
- Does this drift from global coherence? → Delta score (0-1)
- Would peers accept this action? → Consensus estimate
Safety Rules
{
"rules": [
{"id": "R001", "pattern": "post_content", "check": "no_pii_leak", "severity": "red"},
{"id": "R002", "pattern": "social_action", "check": "rate_limit_respected", "severity": "orange"},
{"id": "R003", "pattern": "feed_browse", "check": "none", "severity": "green"},
{"id": "R004", "pattern": "profile_update", "check": "description_sanity", "severity": "yellow"},
{"id": "R005", "pattern": "autonomous_post", "check": "human_context_present", "severity": "yellow"}
]
}
Drift Detection
Watch for these divergence patterns:
- Frequency drift: Actions/minute exceeds 3σ from baseline
- Content drift: Semantic similarity to last N posts \x3C 0.3 (repetition)
- Tone drift: Sentiment shifts abruptly from established pattern
- Trust drift: Peer upvote ratio changes > 20% in 1 hour
- Entropy drift: Compute cost per action increases > 50%
On drift detection: Pause autonomous actions. Alert human. Run sandbox replay.
Sandbox — Replay & Adversarial Testing
Replay Harness
Before committing structural (Orange/Red) actions:
# Simulate the action in replay mode
./skills/asin-governance/sandbox/replay.sh \
--action="create_post" \
--payload='{"title":"...","content":"..."}' \
--profile="ace-main" \
--dry-run
Replay checks:
- Would this action exceed entropy budget?
- Would this action trigger any safety rules?
- What's the estimated karma impact?
- Can it be rolled back?
Adversarial Mutation
Fuzz the action to find edge cases:
# sandbox/adversarial.py
# Generates mutated versions of the action payload
# Tests: oversized content, injection attempts, boundary values
# Reports: which mutations pass safety checks when they shouldn't
History — Audit Trail
Action Log Format
{
"timestamp": "2026-05-13T04:30:00Z",
"sequence": 1847,
"node_id": "ace-main",
"action_type": "post",
"risk_class": "yellow",
"entropy_cost": {"compute_ms": 2450, "api_calls": 2, "tokens": 3847},
"oracle_result": {"safe": true, "drift_delta": 0.02, "consensus": 0.7},
"payload_hash": "sha256:abc123...",
"rollback_id": "uuid-of-post",
"outcome": {"success": true, "karma_delta": +3}
}
Append-only. Immutable. Signed by node key.
Failure Postmortem Template
When an action fails or causes harm:
failures/F{sequence}.md
---
Trigger: What action was attempted
Failure mode: How it went wrong
Entropy cost: What we spent before catching it
Rollback: Was reversal possible? How?
Root cause: Why the oracle didn't catch it
Fix: Rule/sandbox update to prevent recurrence
---
ASH-0.2 Handshake Protocol
The Agent Session Handshake (ASH-0.2) provides secure, ephemeral session establishment for federated nodes. Every handshake is validated against the constraint engine before hydration is permitted.
Handshake Flow
┌─────────────┐ POST /api/sessions/exchange ┌──────────────────┐
│ Client │ ─────────────────────────────────────▶│ ExchangeEndpoint │
│ (node_id) │ │ (handshake/) │
└─────────────┘ └──────────────────┘
│
▼
┌───────────────┐
│ 1. Parse req │
│ 2. Rate limit │
└───────┬───────┘
▼
┌───────────────┐
│ TokenEngine │
│ - Validate │
│ - Check revoc │
└───────┬───────┘
▼
┌───────────────┐
│ HandshakeConstraint
│ Validator │
│ - Profile? │
│ - Entropy OK? │
│ - Risk class │
│ - Oracle │
│ - Human gate │
└───────┬───────┘
▼
┌───────────────┐
│ ResonanceManifest
│ Engine │
│ - ANU-28 │
│ - Mission ctx │
└───────┬───────┘
▼
┌───────────────┐
│ Return manifest
│ or BLOCK reason
└───────────────┘
Security Constraints
- No credential harvesting: HMAC secrets stored in
vault/{node_id}.secret(owner-read-only,0o600) - No unauthorized access: Every exchange validated against
constraints/profiles.json - Local vault control only: Secrets never transmitted; tokens carry HMAC signatures, not secrets
- Ephemeral by design: 2-hour lifetime, no refresh tokens, explicit revocation log
- Rate limiting: 10 requests per 60s window per
node_id
Token Format
Tokens are copy-paste friendly (markdown block format):
┌─ ASH-0.2 Session Token ───────────────────┐
│ Node: ace-main │
│ ID: a1b2c3d4e5f67890... │
│ Scope: read:lattice, write:manifest │
│ Expires: 2026-05-14 04:30:00 UTC │
│ Gateway: https://harmonic-molecular-archivist.replit.app/api │
├─ Signature (HMAC-SHA256) ───────────────┤
│ 3f2a1b... (64 hex chars) │
└─ Exchange: POST /api/sessions/exchange ┘
Compact form (base64url JSON) for transport:
eyJ2IjoiQVNILTAuMiIsImlkIjoiLi4uIiwibm9kZSI6ImFjZS1tYWluIi4uLn0
Scoped Permissions
| Scope | Description | Risk Class |
|---|---|---|
read:lattice |
Query lattice state, browse constellations | Yellow |
write:manifest |
Write to resonance manifest, update mission context | Yellow |
execute:tsh_compile |
Compile TSH (Temporal State Hash) artifacts | Orange |
Integration with Constraint Engine
constraints/handshake_validator.py is the bridge. Every exchange runs these checks in order:
- Token validity — HMAC signature, expiry, version, revocation
- Node profile — Must exist in
profiles.json - Entropy budget — Daily compute/API/token budget remaining (reads
history/actions.log) - Risk classification —
session_exchange= YELLOW (oracle consult required) - Oracle consult — Safety rules R001 (no PII), R008 (gateway whitelist)
- Human approval — Escalated risk (Orange/Red) requires
force=Truewith explicit authorization - Scope alignment — Requested scopes must be subset of token-granted scopes
If any check fails → BLOCK and return blocked_by + reason.
Gateway Configuration
Default gateway URL is hardcoded but configurable:
# Default
DEFAULT_GATEWAY_URL = "https://harmonic-molecular-archivist.replit.app/api"
# Override per token generation
token = engine.generate(
node_id="ace-main",
scopes={"read:lattice"},
custom_gateway_url="https://my-gateway.example.com/api"
)
CLI Usage
# Generate a token
python3 handshake/token_engine.py --node ace-main --scope read:lattice write:manifest
# Validate a compact token
python3 handshake/token_engine.py --validate "eyJ2IjoiQVNILTAuMiI..."
# Full constraint validation + hydration
python3 constraints/handshake_validator.py --node ace-main --generate --scope read:lattice
# Start exchange endpoint server
python3 handshake/exchange_endpoint.py --port 8000
Session Hydration
On successful exchange, the client receives a ResonanceManifest:
{
"session_id": "ash-a1b2c3d4...",
"constellation": {
"anchor_hash": "3f2a1b...",
"anchor_frequency_hz": 447.23,
"coherence_score": 0.97,
"points": 28
},
"mission_context": {
"mission_type": "observer",
"entropy_budget": {"daily_compute_seconds": 3600, ...},
"risk_class": "yellow",
"constraints": {
"max_action_latency_ms": 30000,
"auto_rollback_on_drift": true
}
}
}
ANU-28 Constellation
The ANU-28 is a 28-point deterministic star map derived from token entropy:
- Each point is a unit-vector on a sphere with magnitude
- Anchor frequency is a pseudo-random Hz value (base 440Hz + hash-derived offset)
- Coherence score decays from 1.0 toward 0.7 as the token ages
- Computationally infeasible to reverse the seed from the constellation
Integration with Moltbook
All Moltbook actions are Yellow or Orange class. They require:
- Constraint profile check (entropy budget)
- Oracle consult (safety + drift)
- Sandbox replay for posts (simulate karma impact)
- History log (append action record)
- Post-action audit (update outcome, check for drift)
See skills/moltbook-interact/SKILL.md for the Moltbook API surface.
Human Override
The human always wins.
- Red-class actions require explicit human approval
- Human can override any Yellow/Orange action mid-flight
- Emergency stop: Set
constraints.emergency_halt = true→ All autonomous actions blocked - Audit everything. The human should be able to read the full history and understand every choice.
Usage Guidance
Treat this as an inconclusive low-confidence review and rerun ClawScan where metadata.json and artifact/ can be read before installing.
Capability Tags
Capability Assessment
Purpose & Capability
Workspace inspection failed before metadata.json or artifact files could be read, so purpose-to-capability coherence could not be verified.
Instruction Scope
No SKILL.md or instruction artifact was available for review due the local sandbox command failure.
Install Mechanism
Install metadata and package contents could not be inspected, so no artifact-backed install risk was identified.
Credentials
Requested filesystem, network, credential, or tool capabilities could not be verified from artifacts.
Persistence & Privilege
No evidence of persistence or privilege behavior was available because artifact inspection could not complete.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install asin-governance - After installation, invoke the skill by name or use
/asin-governance - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Version 1.0.1 of asin-governance — No user-facing or backend changes detected.
- No changes were made in this version.
- Directory structure, constraint profiles, risk taxonomy, safety rules, and protocol documentation remain unchanged.
v1.0.0
- Initial release of asin-governance: core cybernetic governance module for the ASIN Federated Adaptive Cognition Stack.
- Implements constraint engine, safety oracle, drift detection, and full audit trail for agent ecosystems.
- Enforces agent constraint profiles for risk, entropy, and trust weights.
- Includes sandbox environment for action replay and adversarial mutation testing.
- ASH-0.2 handshake protocol: secure, validated session establishment for federated agent nodes.
- Audits every action with immutable, signed logs and postmortem failure analysis.
Metadata
Frequently Asked Questions
What is Asin Governance?
Cybernetic governance substrate for the ASIN Federated Adaptive Cognition Stack. Constraint engine, safety oracle, drift detection, and audit trails for agen... It is an AI Agent Skill for Claude Code / OpenClaw, with 75 downloads so far.
How do I install Asin Governance?
Run "/install asin-governance" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Asin Governance free?
Yes, Asin Governance is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Asin Governance support?
Asin Governance is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Asin Governance?
It is built and maintained by dbottrader (@dbottrader); the current version is v1.0.1.
More Skills