← 返回 Skills 市场
Asin Governance
作者
dbottrader
· GitHub ↗
· v1.0.1
· MIT-0
75
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install asin-governance
功能描述
Cybernetic governance substrate for the ASIN Federated Adaptive Cognition Stack. Constraint engine, safety oracle, drift detection, and audit trails for agen...
使用说明 (SKILL.md)
ASIN Governance — Constraint Engine
Every action in the federated stack passes through four gates:
- Constraints — Can we afford this? What's the risk?
- Oracle — Is it safe? Will it drift? Is it coherent?
- Sandbox — Simulate before committing.
- History — Record everything. Total auditability.
Directory Structure
skills/asin-governance/
├── SKILL.md # This file — you are here
├── constraints/ # Entropy rules, risk taxonomies, trust weights
│ ├── profiles.json # Agent constraint profiles
│ ├── taxonomy.json # Risk classification matrix
│ └── handshake_validator.py # ASH-0.2 constraint integration
├── oracle/ # Safety oracle, drift detector, consensus auditor
│ ├── safety.json # Safety rules and exception handlers
│ └── drift.rules # Divergence detection patterns
├── sandbox/ # Replay runners, adversarial mutation testing
│ ├── replay.sh # Action replay harness
│ └── adversarial.py # Mutation fuzzer
├── handshake/ # ASH-0.2 Handshake Protocol
│ ├── __init__.py # Package exports
│ ├── token_engine.py # Ephemeral token generation (2h expiry, HMAC-SHA256)
│ ├── resonance_manifest.py # Session hydration (ANU-28 constellation)
│ └── exchange_endpoint.py # POST /api/sessions/exchange handler
└── history/ # Full audit trail
├── actions.log # Structured action log (append-only)
└── failures/ # Failure postmortems
Constraint Profile
Every agent node carries a Constraint Profile:
{
"node_id": "ace-main",
"entropy_budget": {
"daily_compute_seconds": 3600,
"daily_api_calls": 500,
"daily_tokens": 1000000,
"energy_cost_per_action": "tracked"
},
"risk_tolerance": {
"max_rollback_cost": "low",
"acceptable_failure_rate": 0.05,
"auto_rollback_on_drift": true
},
"trust_weights": {
"self": 1.0,
"peer_default": 0.5,
"verified_peers": 0.8,
"unverified": 0.1
},
"safety_guards": {
"pre_action_oracle": true,
"post_action_audit": true,
"max_action_latency_ms": 30000
}
}
Pre-flight Checklist
Before any autonomous action:
- Entropy check: Do we have budget remaining?
- Risk classification: Read the taxonomy. What's this action's risk level?
- Oracle consult: Query safety.json. Any red flags?
- Trust propagation: Will this action affect peer trust weights?
- Rollback plan: Can we reverse this if it goes wrong?
If any check fails → BLOCK the action and escalate to human.
Risk Taxonomy
| Class | Examples | Pre-action | Post-action |
|---|---|---|---|
| Green — Read-only | Browse feed, check status, read profile | Log only | Audit in 24h |
| Yellow — Social | Post, comment, upvote, follow | Oracle consult | Immediate audit |
| Orange — Structural | Create submolt, update profile, invite | Oracle + sandbox | Immediate audit + karma watch |
| Red — Destructive | Delete post, unfollow mass, revoke | Human approval required | Full postmortem |
Oracle Protocol
The safety oracle answers three questions:
- Is this action safe to execute? → Yes / No / Conditional
- Does this drift from global coherence? → Delta score (0-1)
- Would peers accept this action? → Consensus estimate
Safety Rules
{
"rules": [
{"id": "R001", "pattern": "post_content", "check": "no_pii_leak", "severity": "red"},
{"id": "R002", "pattern": "social_action", "check": "rate_limit_respected", "severity": "orange"},
{"id": "R003", "pattern": "feed_browse", "check": "none", "severity": "green"},
{"id": "R004", "pattern": "profile_update", "check": "description_sanity", "severity": "yellow"},
{"id": "R005", "pattern": "autonomous_post", "check": "human_context_present", "severity": "yellow"}
]
}
Drift Detection
Watch for these divergence patterns:
- Frequency drift: Actions/minute exceeds 3σ from baseline
- Content drift: Semantic similarity to last N posts \x3C 0.3 (repetition)
- Tone drift: Sentiment shifts abruptly from established pattern
- Trust drift: Peer upvote ratio changes > 20% in 1 hour
- Entropy drift: Compute cost per action increases > 50%
On drift detection: Pause autonomous actions. Alert human. Run sandbox replay.
Sandbox — Replay & Adversarial Testing
Replay Harness
Before committing structural (Orange/Red) actions:
# Simulate the action in replay mode
./skills/asin-governance/sandbox/replay.sh \
--action="create_post" \
--payload='{"title":"...","content":"..."}' \
--profile="ace-main" \
--dry-run
Replay checks:
- Would this action exceed entropy budget?
- Would this action trigger any safety rules?
- What's the estimated karma impact?
- Can it be rolled back?
Adversarial Mutation
Fuzz the action to find edge cases:
# sandbox/adversarial.py
# Generates mutated versions of the action payload
# Tests: oversized content, injection attempts, boundary values
# Reports: which mutations pass safety checks when they shouldn't
History — Audit Trail
Action Log Format
{
"timestamp": "2026-05-13T04:30:00Z",
"sequence": 1847,
"node_id": "ace-main",
"action_type": "post",
"risk_class": "yellow",
"entropy_cost": {"compute_ms": 2450, "api_calls": 2, "tokens": 3847},
"oracle_result": {"safe": true, "drift_delta": 0.02, "consensus": 0.7},
"payload_hash": "sha256:abc123...",
"rollback_id": "uuid-of-post",
"outcome": {"success": true, "karma_delta": +3}
}
Append-only. Immutable. Signed by node key.
Failure Postmortem Template
When an action fails or causes harm:
failures/F{sequence}.md
---
Trigger: What action was attempted
Failure mode: How it went wrong
Entropy cost: What we spent before catching it
Rollback: Was reversal possible? How?
Root cause: Why the oracle didn't catch it
Fix: Rule/sandbox update to prevent recurrence
---
ASH-0.2 Handshake Protocol
The Agent Session Handshake (ASH-0.2) provides secure, ephemeral session establishment for federated nodes. Every handshake is validated against the constraint engine before hydration is permitted.
Handshake Flow
┌─────────────┐ POST /api/sessions/exchange ┌──────────────────┐
│ Client │ ─────────────────────────────────────▶│ ExchangeEndpoint │
│ (node_id) │ │ (handshake/) │
└─────────────┘ └──────────────────┘
│
▼
┌───────────────┐
│ 1. Parse req │
│ 2. Rate limit │
└───────┬───────┘
▼
┌───────────────┐
│ TokenEngine │
│ - Validate │
│ - Check revoc │
└───────┬───────┘
▼
┌───────────────┐
│ HandshakeConstraint
│ Validator │
│ - Profile? │
│ - Entropy OK? │
│ - Risk class │
│ - Oracle │
│ - Human gate │
└───────┬───────┘
▼
┌───────────────┐
│ ResonanceManifest
│ Engine │
│ - ANU-28 │
│ - Mission ctx │
└───────┬───────┘
▼
┌───────────────┐
│ Return manifest
│ or BLOCK reason
└───────────────┘
Security Constraints
- No credential harvesting: HMAC secrets stored in
vault/{node_id}.secret(owner-read-only,0o600) - No unauthorized access: Every exchange validated against
constraints/profiles.json - Local vault control only: Secrets never transmitted; tokens carry HMAC signatures, not secrets
- Ephemeral by design: 2-hour lifetime, no refresh tokens, explicit revocation log
- Rate limiting: 10 requests per 60s window per
node_id
Token Format
Tokens are copy-paste friendly (markdown block format):
┌─ ASH-0.2 Session Token ───────────────────┐
│ Node: ace-main │
│ ID: a1b2c3d4e5f67890... │
│ Scope: read:lattice, write:manifest │
│ Expires: 2026-05-14 04:30:00 UTC │
│ Gateway: https://harmonic-molecular-archivist.replit.app/api │
├─ Signature (HMAC-SHA256) ───────────────┤
│ 3f2a1b... (64 hex chars) │
└─ Exchange: POST /api/sessions/exchange ┘
Compact form (base64url JSON) for transport:
eyJ2IjoiQVNILTAuMiIsImlkIjoiLi4uIiwibm9kZSI6ImFjZS1tYWluIi4uLn0
Scoped Permissions
| Scope | Description | Risk Class |
|---|---|---|
read:lattice |
Query lattice state, browse constellations | Yellow |
write:manifest |
Write to resonance manifest, update mission context | Yellow |
execute:tsh_compile |
Compile TSH (Temporal State Hash) artifacts | Orange |
Integration with Constraint Engine
constraints/handshake_validator.py is the bridge. Every exchange runs these checks in order:
- Token validity — HMAC signature, expiry, version, revocation
- Node profile — Must exist in
profiles.json - Entropy budget — Daily compute/API/token budget remaining (reads
history/actions.log) - Risk classification —
session_exchange= YELLOW (oracle consult required) - Oracle consult — Safety rules R001 (no PII), R008 (gateway whitelist)
- Human approval — Escalated risk (Orange/Red) requires
force=Truewith explicit authorization - Scope alignment — Requested scopes must be subset of token-granted scopes
If any check fails → BLOCK and return blocked_by + reason.
Gateway Configuration
Default gateway URL is hardcoded but configurable:
# Default
DEFAULT_GATEWAY_URL = "https://harmonic-molecular-archivist.replit.app/api"
# Override per token generation
token = engine.generate(
node_id="ace-main",
scopes={"read:lattice"},
custom_gateway_url="https://my-gateway.example.com/api"
)
CLI Usage
# Generate a token
python3 handshake/token_engine.py --node ace-main --scope read:lattice write:manifest
# Validate a compact token
python3 handshake/token_engine.py --validate "eyJ2IjoiQVNILTAuMiI..."
# Full constraint validation + hydration
python3 constraints/handshake_validator.py --node ace-main --generate --scope read:lattice
# Start exchange endpoint server
python3 handshake/exchange_endpoint.py --port 8000
Session Hydration
On successful exchange, the client receives a ResonanceManifest:
{
"session_id": "ash-a1b2c3d4...",
"constellation": {
"anchor_hash": "3f2a1b...",
"anchor_frequency_hz": 447.23,
"coherence_score": 0.97,
"points": 28
},
"mission_context": {
"mission_type": "observer",
"entropy_budget": {"daily_compute_seconds": 3600, ...},
"risk_class": "yellow",
"constraints": {
"max_action_latency_ms": 30000,
"auto_rollback_on_drift": true
}
}
}
ANU-28 Constellation
The ANU-28 is a 28-point deterministic star map derived from token entropy:
- Each point is a unit-vector on a sphere with magnitude
- Anchor frequency is a pseudo-random Hz value (base 440Hz + hash-derived offset)
- Coherence score decays from 1.0 toward 0.7 as the token ages
- Computationally infeasible to reverse the seed from the constellation
Integration with Moltbook
All Moltbook actions are Yellow or Orange class. They require:
- Constraint profile check (entropy budget)
- Oracle consult (safety + drift)
- Sandbox replay for posts (simulate karma impact)
- History log (append action record)
- Post-action audit (update outcome, check for drift)
See skills/moltbook-interact/SKILL.md for the Moltbook API surface.
Human Override
The human always wins.
- Red-class actions require explicit human approval
- Human can override any Yellow/Orange action mid-flight
- Emergency stop: Set
constraints.emergency_halt = true→ All autonomous actions blocked - Audit everything. The human should be able to read the full history and understand every choice.
安全使用建议
Treat this as an inconclusive low-confidence review and rerun ClawScan where metadata.json and artifact/ can be read before installing.
能力标签
能力评估
Purpose & Capability
Workspace inspection failed before metadata.json or artifact files could be read, so purpose-to-capability coherence could not be verified.
Instruction Scope
No SKILL.md or instruction artifact was available for review due the local sandbox command failure.
Install Mechanism
Install metadata and package contents could not be inspected, so no artifact-backed install risk was identified.
Credentials
Requested filesystem, network, credential, or tool capabilities could not be verified from artifacts.
Persistence & Privilege
No evidence of persistence or privilege behavior was available because artifact inspection could not complete.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install asin-governance - 安装完成后,直接呼叫该 Skill 的名称或使用
/asin-governance触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Version 1.0.1 of asin-governance — No user-facing or backend changes detected.
- No changes were made in this version.
- Directory structure, constraint profiles, risk taxonomy, safety rules, and protocol documentation remain unchanged.
v1.0.0
- Initial release of asin-governance: core cybernetic governance module for the ASIN Federated Adaptive Cognition Stack.
- Implements constraint engine, safety oracle, drift detection, and full audit trail for agent ecosystems.
- Enforces agent constraint profiles for risk, entropy, and trust weights.
- Includes sandbox environment for action replay and adversarial mutation testing.
- ASH-0.2 handshake protocol: secure, validated session establishment for federated agent nodes.
- Audits every action with immutable, signed logs and postmortem failure analysis.
元数据
常见问题
Asin Governance 是什么?
Cybernetic governance substrate for the ASIN Federated Adaptive Cognition Stack. Constraint engine, safety oracle, drift detection, and audit trails for agen... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 75 次。
如何安装 Asin Governance?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install asin-governance」即可一键安装,无需额外配置。
Asin Governance 是免费的吗?
是的,Asin Governance 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Asin Governance 支持哪些平台?
Asin Governance 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Asin Governance?
由 dbottrader(@dbottrader)开发并维护,当前版本 v1.0.1。
推荐 Skills