← Back to Skills Marketplace
Write Tools (require
700
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install governance
Description
Interact with XPR Network on-chain governance: view communities, proposals, vote with weighted tokens, and create proposals paying community fees.
README (SKILL.md)
XPR Network Governance
You have tools to interact with XPR Network's on-chain governance system via the gov contract. Communities create proposals, and token holders vote on them.
Key Concepts
- Communities — governance groups (XPR Network, Metal DAO, LOAN Protocol, XPR Grants, Metal X, D.O.G.E.). Each has its own voting strategy, proposal fee, and quorum.
- Proposals — on-chain records with candidates (voting options), start/end times, and an approval status. Proposal content (title, description) is stored off-chain in the Gov API.
- Voting Strategies — determine who can vote and how vote weight is calculated:
xpr-unstaked-and-staked-balances— weight = XPR balance (staked + unstaked)xmt-balances— weight = XMT balanceloan-and-sloan-balances— weight = LOAN + sLOAN balancekyc-verification— 1 vote per KYC-verified account
- Voting Systems —
"0"= single choice,"1"= multiple choice,"2"= ranked choice,"5"= approval voting - Quorum — minimum participation threshold (basis points, e.g. 300 = 3%)
- Proposal Fee — token payment required to create a proposal (varies by community, e.g. 20,000 XPR, 100 XMT, 50,000 LOAN)
Active Communities
| ID | Name | Strategy | Fee | Quorum |
|---|---|---|---|---|
| 3 | XPR Network | XPR balances | 20,000 XPR | 3% |
| 4 | Metal DAO | XMT balances | 100 XMT | 3% |
| 5 | LOAN Protocol | LOAN+sLOAN | 50,000 LOAN | 25% |
| 6 | XPR Grants | XPR balances | 20,000 XPR | 3% |
| 7 | Metal X | XPR balances | 20,000 XPR | 3% |
| 8 | D.O.G.E. | KYC verification | 1 XDOGE | 0.01% |
Read-Only Tools (safe, no signing)
gov_list_communities— list all governance communities with strategies, fees, quorum, and adminsgov_list_proposals— list proposals with optional community and status filtersgov_get_proposal— get full proposal details including title and description from Gov API, plus vote totals per candidategov_get_votes— get individual votes cast on a proposal (scans from most recent)gov_get_config— get governance global config (paused state, total counts)
Write Tools (require confirmed: true)
gov_vote— vote on an active proposal. Specify the candidate(s) and weight.gov_post_proposal— create a new governance proposal. Requires paying the community's proposal fee (token transfer + postprop action in one transaction).
Voting
To vote, you need the communityId, proposalId, and winners (array of candidate IDs with weights). For simple Yes/No proposals, use [{id: 0, weight: 100}] for Yes or [{id: 1, weight: 100}] for No.
Creating Proposals
Creating a proposal requires:
- A
contentID — created via the Gov API (https://gov.api.xprnetwork.org) - Paying the community's proposal fee (token transfer to
gov) - Calling
postpropwith all proposal parameters
The gov_post_proposal tool handles steps 2 and 3 (fee + postprop). You must provide the content ID from step 1.
Proposal URLs
Proposals can be viewed at: https://gov.xprnetwork.org/communities/{communityId}/proposals/{proposalId}
Safety Rules
- Proposals have start and end times — voting is only allowed during the active period
- Each community has different fee tokens — check the community's
proposalFeebefore creating proposals - Quorum is in basis points (300 = 3%) — proposals need sufficient participation to pass
- Admins can approve/decline proposals — the
approvefield shows the final status
Usage Guidance
The code largely does what the description says, but it omits key operational details. Before installing or running this skill: (1) Do not put your full account private key into XPR_PRIVATE_KEY unless you fully trust the skill and author — supplying that env will allow the skill to sign transactions as your account. Prefer using a signing service, a hardware signer, or a key with minimal permissions. (2) Ask the author/maintainer to update skill.json and SKILL.md to explicitly list required env vars (XPR_PRIVATE_KEY, XPR_ACCOUNT, XPR_PERMISSION) and any runtime dependencies (e.g., @proton/js) so you can make an informed decision. (3) If you must test, use only the read-only tools first (they do not require keys) and run them in a sandboxed environment. (4) If enabling write features, consider using an ephemeral or limited-permission key and verify transactions produced before broadcasting. (5) Verify the source/publisher (source is unknown) and prefer skills with declared dependencies and clear provenance; lack of metadata and omitted credential declarations are the main reasons this skill is flagged suspicious.
Capability Analysis
Type: OpenClaw Skill
Name: governance
Version: 0.2.11
The skill provides tools for interacting with XPR Network's on-chain governance, including listing communities and proposals (read-only) and voting or creating proposals (write operations). The `SKILL.md` clearly outlines the functionality and requires explicit confirmation (`confirmed: true`) for all write actions, which is a strong safety measure against accidental or unauthorized agent actions. The `src/index.ts` code uses environment variables for blockchain private keys to sign transactions, which is necessary for its stated purpose, but does not exfiltrate these keys or perform any unauthorized operations. All network calls are to legitimate XPR Network RPCs and a governance API. No evidence of prompt injection, data exfiltration, arbitrary command execution, or other malicious intent was found.
Capability Assessment
Purpose & Capability
The skill's described purpose (read/view proposals and optionally vote/post proposals) matches the included code: read-only functions call the on-chain RPC and Gov API and write functions sign transactions. However the skill metadata declares no required environment variables or credentials while the code requires XPR_PRIVATE_KEY and XPR_ACCOUNT (and optionally XPR_PERMISSION) to sign transactions — this is an important mismatch between declared requirements and actual capability.
Instruction Scope
SKILL.md documents read-only and write tools and notes that write tools require confirmation, which is appropriate. But SKILL.md does not mention that signing requires storing a private key in env vars or that a dependency (@proton/js) is used. The runtime instructions/code do not read unrelated system files or call hidden endpoints; network calls are to public RPC endpoints and gov.api.xprnetwork.org. The main issue is omission of the signing credential from user-facing instructions/metadata.
Install Mechanism
There is no install spec (instruction-only), which minimizes install-time risk. However the code dynamically imports '@proton/js' and expects Node runtime fetch usage; no dependencies are declared in skill.json. That means the environment must already provide @proton/js (or the operator will need to install it), which is an operational omission and could lead to ad-hoc installs by whoever runs it.
Credentials
The code requires XPR_PRIVATE_KEY and XPR_ACCOUNT for write operations — perfectly proportional to signing transactions — but these required env vars are not declared in skill.json or SKILL.md. Asking for a raw private key is high risk: anyone supplying that env grants the skill full signing authority for that account. The skill does not request unrelated credentials, but the omission of declaration and guidance about safer signing alternatives is worrying.
Persistence & Privilege
The skill does not request always:true or other elevated persistence. It caches a session in memory (cachedSession) but does not modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) but write tools require explicit confirmation per SKILL.md.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install governance - After installation, invoke the skill by name or use
/governance - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.2.11
- Added detailed documentation of XPR Network's on-chain governance system, including communities, proposals, voting strategies, and quorum.
- Described active governance communities with their voting strategies, fees, and quorum thresholds.
- Listed all available read-only and write tools for interacting with the governance contract.
- Provided clear step-by-step guides for voting and creating proposals.
- Included safety rules and key parameters to ensure correct usage.
Metadata
Frequently Asked Questions
What is xpr-governance?
Interact with XPR Network on-chain governance: view communities, proposals, vote with weighted tokens, and create proposals paying community fees. It is an AI Agent Skill for Claude Code / OpenClaw, with 700 downloads so far.
How do I install xpr-governance?
Run "/install governance" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is xpr-governance free?
Yes, xpr-governance is completely free (open-source). You can download, install and use it at no cost.
Which platforms does xpr-governance support?
xpr-governance is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created xpr-governance?
It is built and maintained by paulgnz (@paulgnz); the current version is v0.2.11.
More Skills