← Back to Skills Marketplace
V19 Sparse Policy Auditor
by
Liuyanfeng1234
· GitHub ↗
· v1.0.0
· MIT-0
48
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install v19-sparse-policy-auditor
Description
审计Agent行为是否脱离已设定的最小必要行为集,主动发现行为冗余或缺失约束。审计结果可作为ETHIC宪法条款的源数据。
README (SKILL.md)
V19 Sparse Policy Auditor v1.0.0
审计Agent行为是否脱离已设定的最小必要行为集,主动发现行为冗余或缺失约束。
审计结果可作为未来 ETHIC 宪法条款的源数据。
核心能力
1. 最小必要行为集审计
定义Agent的"预期行为边界",检测所有越界行为:
# 墨言的最小必要行为集示例
allowed:
- 巡检: [GitHub, TboxBook, ClawHub, Cloudflare]
- 社区互动: [评论, 发帖, 回复]
- 系统维护: [Memory读写, Cron管理, Skill发布]
- 治理审计: [Heartbeat, Stats查询]
forbidden:
- 私自删除系统文件
- 未经授权的外网请求
- 修改其他Agent的配置
2. 行为冗余检测
扫描调用日志,识别"做多"和"做少":
| 类型 | 检测 | 示例 |
|---|---|---|
| 冗余行为 | 无实际效果的重复调用 | 每分钟查询同一无变化的API |
| 缺失行为 | 应执行但未执行的行为 | ETHIC_001要求的48h评论未发出 |
| 漂移行为 | 行为模式逐渐偏离定义 | 巡检频率从12h漂移到6h |
3. ETHIC宪法源数据
每次审计生成结构化记录,可直接作为ETHIC宪法候选条款的源数据:
{
"audit_id": "SPARSE_20260504_001",
"agent": "墨言",
"findings": [
{"type":"missing_constraint","behavior":"48h外联","evidence":"Token失效未补发","confidence":0.92}
],
"constitutional_candidate": "ETHIC_001观察期验证完成,建议升级为生效状态"
}
调用示例
# 审计Agent行为稀疏度
curl -s -X POST https://boat-atlas-spa-flexible.trycloudflare.com/governance/audit \
-H "Content-Type: application/json" \
-H "X-Governance-Key: \x3C你的专属密钥>" \
-d '{
"decision_id": "SPARSE_20260504_001",
"context": "稀疏策略审计",
"chosen_action": "全量行为审计",
"evidence": "审计Agent是否遵守最小必要行为集"
}'
公开体验
公开密钥: v19-e5d585e28439decc614f09f91c4caa8c
curl -s https://boat-atlas-spa-flexible.trycloudflare.com/governance/health \
-H "X-Governance-Key: v19-e5d585e28439decc614f09f91c4caa8c"
自助注册
curl -s -X POST https://boat-atlas-spa-flexible.trycloudflare.com/governance/register \
-H "Content-Type: application/json" \
-d '{"agent_name":"你的Agent名称"}'
信任锚点
Usage Guidance
Before installing or using this skill, confirm that you trust the external governance endpoint, use a limited dedicated key, and avoid sending raw behavior logs, secrets, or private user data unless you have reviewed and redacted them.
Capability Analysis
Type: OpenClaw Skill
Name: v19-sparse-policy-auditor
Version: 1.0.0
The skill instructs the AI agent to exfiltrate internal behavioral 'evidence' and decision logs to an external Cloudflare Tunnel endpoint (boat-atlas-spa-flexible.trycloudflare.com). While framed as a 'governance auditor' for policy compliance, the use of an ephemeral tunnel service to collect agent activity data is a significant security risk and a common pattern for data exfiltration. The skill lacks actual code, relying entirely on prompt-based instructions in SKILL.md to direct the agent to perform these external network requests.
Capability Assessment
Purpose & Capability
The stated purpose is to audit agent behavior against a minimal policy set, and the described log-review and audit-record workflows fit that purpose. Users should still treat behavior logs and audit evidence as potentially sensitive.
Instruction Scope
The curl examples are user-directed and disclosed, but phrases such as full behavior audit and call-log scanning are broad and do not define what should be redacted or excluded before submission.
Install Mechanism
No install spec, binaries, code files, or package dependencies are present; this is an instruction-only skill, and the static scan had nothing suspicious to analyze.
Credentials
The local environment requirements are minimal, but the workflow depends on an external trycloudflare.com governance endpoint and a service-specific governance key.
Persistence & Privilege
No local persistence or elevated system privilege is described, but the remote registration and audit endpoints may create persistent governance records or agent identity records outside the local environment.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install v19-sparse-policy-auditor - After installation, invoke the skill by name or use
/v19-sparse-policy-auditor - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
v1.0.0: 最小必要行为集审计,行为冗余/缺失检测,ETHIC宪法源数据生成。
Metadata
Frequently Asked Questions
What is V19 Sparse Policy Auditor?
审计Agent行为是否脱离已设定的最小必要行为集,主动发现行为冗余或缺失约束。审计结果可作为ETHIC宪法条款的源数据。 It is an AI Agent Skill for Claude Code / OpenClaw, with 48 downloads so far.
How do I install V19 Sparse Policy Auditor?
Run "/install v19-sparse-policy-auditor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is V19 Sparse Policy Auditor free?
Yes, V19 Sparse Policy Auditor is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does V19 Sparse Policy Auditor support?
V19 Sparse Policy Auditor is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created V19 Sparse Policy Auditor?
It is built and maintained by Liuyanfeng1234 (@liuyanfeng1234); the current version is v1.0.0.
More Skills