← 返回 Skills 市场

consensus-deployment-guard

Name: consensus-deployment-guard
Author: kaicianflone

作者 Kai Cianflone · GitHub ↗ · v0.1.10

cross-platform ✓ 安全检测通过

454

总下载

当前安装

版本数

在 OpenClaw 中安装

/install consensus-deployment-guard

功能描述

Pre-deployment governance for release and infrastructure rollout requests. Use when an agent or workflow proposes shipping code/config/infrastructure changes...

使用说明 (SKILL.md)

consensus-deployment-guard

consensus-deployment-guard is the final safety gate before deployment execution.

What this skill does

validates deployment requests against a strict JSON schema (reject unknown fields)
evaluates hard-block and rewrite policy flags for release risk patterns
runs deterministic persona-weighted voting (or aggregates external votes)
returns one of: ALLOW | BLOCK | REQUIRE_REWRITE
writes decision artifacts for replay/audit

Decision policy shape

Hard-block examples:

required tests not passing
CI status failed
rollback artifact missing when required
incompatible schema migration
error budget already breached

Rewrite examples:

production rollout not using canary when policy requires it
initial rollout percentage above policy limit
production deploy missing explicit human confirmation gate
CI still pending
schema compatibility unknown

Runtime and safety model

runtime binaries: node, tsx
network behavior: none in guard decision logic
environment config read by this package: CONSENSUS_STATE_FILE, CONSENSUS_STATE_ROOT
filesystem writes: consensus board/state artifacts under configured state path

Invoke contract

invoke(input, opts?) -> Promise\x3COutputJson | ErrorJson>

Modes:

mode="persona" (default): use local deterministic persona defaults for internal voting
mode="external_agent": consume external_votes[], aggregate deterministically, and enforce policy

Install

npm i consensus-deployment-guard

Quick start

node --import tsx run.js --input ./examples/input.json

Tests

npm test

Coverage includes schema rejection, hard-block paths, rewrite paths, allow paths, idempotent retries, and external-agent aggregation behavior.

See also: SECURITY-ASSURANCE.md for threat model, runtime boundaries, and deployment hardening guidance.

安全使用建议

This package is coherent with its stated purpose as a local pre-deployment guard, but review these before installing: - Provide Node >=18 and tsx from your environment (do not rely on the skill to supply the Node runtime). The metadata claim about 'creating binaries: node, tsx' appears to be a documentation/metadata error. - Set CONSENSUS_STATE_ROOT/CONSENSUS_STATE_FILE to a dedicated, non-privileged directory (do NOT point it at /etc, home, or any secrets volume). Follow the SECURITY-ASSURANCE.md recommendations (non-root user, scoped writable mount, deny-by-default egress). - Inspect and pin the transitive dependency 'consensus-guard-core' before running in production — the package delegates state/aggregation to that dependency and the maintainer note calls it part of the trust boundary. - Note run.js will also write a ./out/deployment-<timestamp>.json file in the current working directory; in automated environments set the working directory or container mount so that this write is acceptable. - Run npm test in an isolated environment and verify behavior on representative inputs; prefer running in a container or VM with limited egress and a scoped filesystem mount. If you need higher assurance, request evidence that consensus-guard-core has been audited/pinned and consider running the package inside a sandbox with a minimal environment allowlist.

功能分析

Type: OpenClaw Skill Name: consensus-deployment-guard Version: 0.1.10 The OpenClaw AgentSkills skill bundle 'consensus-deployment-guard' is classified as benign. Its purpose is pre-deployment governance, involving input validation, policy evaluation, and local audit artifact generation. The skill explicitly states in `SKILL.md`, `metadata.json`, and `SECURITY-ASSURANCE.md` that it performs no outbound network calls. File system interactions are limited to reading input and schema, and writing decision artifacts to a configured state path (`CONSENSUS_STATE_FILE`, `CONSENSUS_STATE_ROOT`), with strong recommendations in `SECURITY-ASSURANCE.md` for secure configuration. There is no evidence of intentional harmful behavior, data exfiltration, persistence mechanisms, or prompt injection attempts against the agent.

能力评估

ℹ Purpose & Capability

Name/description match the code: the package validates a deployment JSON schema, computes policy flags, aggregates votes, and emits ALLOW|BLOCK|REQUIRE_REWRITE while writing audit artifacts. Required binaries (node, tsx) and state-path env vars align with a Node/npm package. Minor inconsistency: the install metadata claims the package 'creates binaries: node, tsx' — packages should not be creating system Node binaries; this is likely a metadata/doc error and not needed for the stated purpose.

ℹ Instruction Scope

SKILL.md and the code are scoped: schema validation, deterministic voting, and artifact writes under the configured state path. The handler only reads inputs and the resolved state path; it does not perform network calls or access other env vars. Small runtime detail: run.js (provided example entrypoint) also writes a separate ./out/deployment-<ts>.json file in the current dir in addition to the state artifact — this extra local write may be unexpected in some automation environments and should be considered when picking working directory and permissions.

✓ Install Mechanism

Install is via npm (npm i consensus-deployment-guard) and the package.json/lockfile show only normal npm dependencies (ajv, ajv-formats, consensus-guard-core, tsx). No arbitrary remote downloads or URL-extract installs are present. The only oddity is the metadata entry claiming the package 'creates binaries: node, tsx' — npm install will provide 'tsx' as a dependency binary but it will not 'create' the system 'node' runtime; ensure Node >=18 is provided by the environment.

✓ Credentials

The skill only requires two env vars (CONSENSUS_STATE_FILE, CONSENSUS_STATE_ROOT) used for state path resolution; no API keys or unrelated credentials are requested. The package and security note explicitly recommend using a dedicated non-privileged directory for state and not exposing unrelated sensitive env vars.

✓ Persistence & Privilege

always:false and no special platform-wide privileges are requested. The skill writes its own board/state artifacts and does not modify other skills or system configuration. It does not require permanent inclusion or elevated privileges.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install consensus-deployment-guard
安装完成后，直接呼叫该 Skill 的名称或使用 /consensus-deployment-guard 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v0.1.10

Bumped consensus-guard-core dependency to ^1.1.15 and rolled forward release.

v0.1.9

Added explicit requires/env/install SKILL frontmatter for registry scanner parity.

v0.1.8

Declared required state env vars in package config and README for scanner clarity.

v0.1.7

Updated to consensus-guard-core ^1.1.13 with package-root import contract and compatibility fixes.

v0.1.6

Bumped consensus-guard-core dependency to ^1.1.11 and rolled forward release.

v0.1.5

Added SECURITY-ASSURANCE.md and linked auditor guidance from SKILL.md.

v0.1.4

Metadata/docs aligned to consensus-interact strategy; removed ambiguous backend wording.

v0.1.3

Bumped consensus-guard-core dependency to ^1.1.10 and released patch version.

v0.1.2

Bumped semver deps (consensus-guard-core 1.1.5 / consensus-tools 0.1.8) and version.

v0.1.1

Decoupled guard/provider path; deterministic contract updates.

v0.1.0

Initial release: deployment guard with strict schema validation, deterministic policy flags, idempotency, board artifacts, and vector-driven tests.

元数据

Slug consensus-deployment-guard

版本 0.1.10

许可证 —

累计安装 2

当前安装数 2

历史版本数 11

常见问题