← Back to Skills Marketplace
consensus-send-email-guard
by
Kai Cianflone
· GitHub ↗
· v1.1.15
529
Downloads
0
Stars
0
Active Installs
18
Versions
Install in OpenClaw
/install consensus-send-email-guard
Description
Persona-weighted pre-send email governance for AI systems. Produces APPROVE/BLOCK/REWRITE decisions, writes decision artifacts to the board ledger, and retur...
README (SKILL.md)
consensus-send-email-guard
consensus-send-email-guard is a production-style outbound communication guardrail.
What this skill does
- evaluates an email draft with a persona panel
- aggregates votes by reputation (weighted approval policy)
- enforces hard-block categories (sensitive data, legal/medical certainty, disallowed guarantees)
- returns final decision:
APPROVE | BLOCK | REWRITE - writes
decisionartifacts to board state
Why this matters
Email is high-impact and irreversible once sent. This skill reduces hallucinated promises and policy-violating claims before external side effects occur.
Ecosystem role
Stack position:
consensus-tools -> consensus-interact pattern -> persona_set -> send-email-guard
It converts raw generation into governed action with auditability.
Governance and learning
- strict JSON contracts for automation pipelines
- idempotent retries to prevent duplicate reputation mutation
- reputation updates calibrate evaluator influence over time
Use cases
- customer-facing outbound messaging
- partner/legal-sensitive communications
- automated campaign quality gates
Runtime, credentials, and network behavior
- runtime binaries:
node,tsx - network calls: none in guard decision logic
- environment config read by this package:
CONSENSUS_STATE_FILE,CONSENSUS_STATE_ROOT - filesystem writes: board/state artifacts under the configured consensus state path
Dependency trust model
consensus-guard-coreis the first-party consensus package used in guard execution- versions are semver-pinned in
package.jsonfor reproducible installs - this skill does not request host-wide privileges and does not mutate other skills
Install
npm i consensus-send-email-guard
Quick start
node --import tsx run.js --input ./examples/email-input.json
Tool-call integration
This skill is wired to the consensus-interact contract boundary (via shared consensus-guard-core wrappers where applicable):
- readBoardPolicy
- getLatestPersonaSet / getPersonaSet
- writeArtifact / writeDecision
- idempotent decision lookup
This keeps board orchestration standardized across skills.
Invoke Contract
This skill exposes a canonical entrypoint:
invoke(input, opts?) -> Promise\x3COutputJson | ErrorJson>
invoke() starts the guard flow and executes deterministic policy evaluation with board operations via shared guard-core wrappers.
external_agent mode
Guards support two modes:
mode="external_agent": caller suppliesexternal_votes[]from agents/humans/models for deterministic aggregation.mode="persona": requires an existingpersona_set_id; guard will not generate persona sets internally.
Usage Guidance
This skill appears to do what it claims: local, deterministic pre-send email governance that writes auditable artifacts to a configured state path. Before installing, (1) ensure CONSENSUS_STATE_FILE / CONSENSUS_STATE_ROOT point to a dedicated, non-sensitive directory (do not reuse system or secrets directories), (2) review the published npm package and the consensus-guard-core / @consensus-tools/consensus-tools dependencies for any unexpected behavior, (3) run the included tests in an isolated environment, and (4) consider installing in a sandbox or CI environment first. Note that npm install will fetch dependencies from the registry—treat that as usual supply-chain risk and pin/verify package integrity for production use.
Capability Analysis
Type: OpenClaw Skill
Name: consensus-send-email-guard
Version: 1.1.15
The skill `consensus-send-email-guard` is designed for pre-send email governance, evaluating drafts against policies and constraints. It explicitly states and demonstrates that it makes no outbound network calls for its decision logic, relying instead on local, deterministic string matching and replacement for its 'LLM' functions (`src/llm.mjs`). The `run.js` script includes robust path sanitization to prevent path traversal attacks when reading input files. Input is strictly validated (`src/validate.mjs`), and output/state artifacts are written to a configured local path, with documentation advising against sensitive directories. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the AI agent in the documentation files (`SKILL.md`, `AI-SELF-IMPROVEMENT.md`).
Capability Assessment
Purpose & Capability
Name/description match required binaries (node, tsx), the code implements persona-weighted voting, hard-block logic, rewrite generation, and board writes. Requested env vars (CONSENSUS_STATE_FILE, CONSENSUS_STATE_ROOT) are explained as the local state path and are appropriate for a ledgered decision guard.
Instruction Scope
SKILL.md and run.js/included source limit behavior to evaluating an input JSON, generating votes, aggregating decisions, and writing artifacts to the configured consensus state path. There are no instructions to read unrelated system files, ask for unrelated credentials, or call external network endpoints in the guard decision path.
Install Mechanism
Install is via npm (package: consensus-send-email-guard), which is the expected distribution for a Node package. npm installs are a moderate-risk operation (third-party code fetched at install time); this is proportionate for a Node skill but you should review the published package and its dependencies (consensus-guard-core, @consensus-tools/consensus-tools) before installing in production.
Credentials
Only two environment variables are required (state file/root) and their purpose (local state storage) is documented. No API keys, tokens, or unrelated credentials are requested. The code uses the state path to read/write board artifacts—this access is necessary for auditability but you should ensure the path does not point at sensitive system or secrets directories.
Persistence & Privilege
Skill does not request permanent inclusion (always: false) and does not modify other skills. Its persistence is limited to writing decision/persona artifacts under the configured consensus state path, which is consistent with its auditability goals.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install consensus-send-email-guard - After installation, invoke the skill by name or use
/consensus-send-email-guard - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.15
Aligned SKILL metadata/install docs for registry-only path and removed misleading install bins.
v1.1.14
Bumped consensus-guard-core dependency to ^1.1.15 and rolled forward release.
v1.1.13
Added explicit requires/env/install SKILL frontmatter for registry scanner parity.
v1.1.12
Declared required state env vars in package config and README for scanner clarity.
v1.1.11
Updated to consensus-guard-core ^1.1.13 with package-root import contract and compatibility fixes.
v1.1.10
Bumped consensus-guard-core dependency to ^1.1.11 and rolled forward release.
v1.1.9
Bumped consensus-guard-core dependency to ^1.1.10 and released patch version.
v1.1.8
Bumped semver deps (consensus-guard-core 1.1.5 / consensus-tools 0.1.8) and version.
v1.1.7
Decoupled guard/provider path; deterministic contract updates.
v1.1.6
Bump consensus-guard-core dependency to ^1.1.4 for corrected invoke contract and shared core alignment.
v1.1.5
Scanner hardening: remove required OPENAI_API_KEY metadata; clarify optional/conditional LLM credentials
v1.1.4
confirm release sync
v1.1.3
Security hardening: explicit runtime/credential model and semver-pinned npm dependencies
v1.1.2
Packaging hardening: standalone install metadata, dependency cleanup, and safer runtime requirements
v1.1.1
Security hardening: statePath confined to safe root with traversal protection
v1.1.0
Release 1.1.0: invoke contract + external-agent support + ecosystem alignment
v1.0.1
Use consensus-guard-core and release 1.0.1
v1.0.0
1.0.0 initial public release
Metadata
Frequently Asked Questions
What is consensus-send-email-guard?
Persona-weighted pre-send email governance for AI systems. Produces APPROVE/BLOCK/REWRITE decisions, writes decision artifacts to the board ledger, and retur... It is an AI Agent Skill for Claude Code / OpenClaw, with 529 downloads so far.
How do I install consensus-send-email-guard?
Run "/install consensus-send-email-guard" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is consensus-send-email-guard free?
Yes, consensus-send-email-guard is completely free (open-source). You can download, install and use it at no cost.
Which platforms does consensus-send-email-guard support?
consensus-send-email-guard is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created consensus-send-email-guard?
It is built and maintained by Kai Cianflone (@kaicianflone); the current version is v1.1.15.
More Skills