← 返回 Skills 市场

consensus-send-email-guard

Name: consensus-send-email-guard
Author: kaicianflone

作者 Kai Cianflone · GitHub ↗ · v1.1.15

cross-platform ✓ 安全检测通过

529

总下载

当前安装

版本数

在 OpenClaw 中安装

/install consensus-send-email-guard

功能描述

Persona-weighted pre-send email governance for AI systems. Produces APPROVE/BLOCK/REWRITE decisions, writes decision artifacts to the board ledger, and retur...

使用说明 (SKILL.md)

consensus-send-email-guard

consensus-send-email-guard is a production-style outbound communication guardrail.

What this skill does

evaluates an email draft with a persona panel
aggregates votes by reputation (weighted approval policy)
enforces hard-block categories (sensitive data, legal/medical certainty, disallowed guarantees)
returns final decision: APPROVE | BLOCK | REWRITE
writes decision artifacts to board state

Why this matters

Email is high-impact and irreversible once sent. This skill reduces hallucinated promises and policy-violating claims before external side effects occur.

Ecosystem role

Stack position:

consensus-tools -> consensus-interact pattern -> persona_set -> send-email-guard

It converts raw generation into governed action with auditability.

Governance and learning

strict JSON contracts for automation pipelines
idempotent retries to prevent duplicate reputation mutation
reputation updates calibrate evaluator influence over time

Use cases

customer-facing outbound messaging
partner/legal-sensitive communications
automated campaign quality gates

Runtime, credentials, and network behavior

runtime binaries: node, tsx
network calls: none in guard decision logic
environment config read by this package: CONSENSUS_STATE_FILE, CONSENSUS_STATE_ROOT
filesystem writes: board/state artifacts under the configured consensus state path

Dependency trust model

consensus-guard-core is the first-party consensus package used in guard execution
versions are semver-pinned in package.json for reproducible installs
this skill does not request host-wide privileges and does not mutate other skills

Install

npm i consensus-send-email-guard

Quick start

node --import tsx run.js --input ./examples/email-input.json

Tool-call integration

This skill is wired to the consensus-interact contract boundary (via shared consensus-guard-core wrappers where applicable):

readBoardPolicy
getLatestPersonaSet / getPersonaSet
writeArtifact / writeDecision
idempotent decision lookup

This keeps board orchestration standardized across skills.

Invoke Contract

This skill exposes a canonical entrypoint:

invoke(input, opts?) -> Promise\x3COutputJson | ErrorJson>

invoke() starts the guard flow and executes deterministic policy evaluation with board operations via shared guard-core wrappers.

external_agent mode

Guards support two modes:

mode="external_agent": caller supplies external_votes[] from agents/humans/models for deterministic aggregation.
mode="persona": requires an existing persona_set_id; guard will not generate persona sets internally.

安全使用建议

This skill appears to do what it claims: local, deterministic pre-send email governance that writes auditable artifacts to a configured state path. Before installing, (1) ensure CONSENSUS_STATE_FILE / CONSENSUS_STATE_ROOT point to a dedicated, non-sensitive directory (do not reuse system or secrets directories), (2) review the published npm package and the consensus-guard-core / @consensus-tools/consensus-tools dependencies for any unexpected behavior, (3) run the included tests in an isolated environment, and (4) consider installing in a sandbox or CI environment first. Note that npm install will fetch dependencies from the registry—treat that as usual supply-chain risk and pin/verify package integrity for production use.

功能分析

Type: OpenClaw Skill Name: consensus-send-email-guard Version: 1.1.15 The skill `consensus-send-email-guard` is designed for pre-send email governance, evaluating drafts against policies and constraints. It explicitly states and demonstrates that it makes no outbound network calls for its decision logic, relying instead on local, deterministic string matching and replacement for its 'LLM' functions (`src/llm.mjs`). The `run.js` script includes robust path sanitization to prevent path traversal attacks when reading input files. Input is strictly validated (`src/validate.mjs`), and output/state artifacts are written to a configured local path, with documentation advising against sensitive directories. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the AI agent in the documentation files (`SKILL.md`, `AI-SELF-IMPROVEMENT.md`).

能力评估

✓ Purpose & Capability

Name/description match required binaries (node, tsx), the code implements persona-weighted voting, hard-block logic, rewrite generation, and board writes. Requested env vars (CONSENSUS_STATE_FILE, CONSENSUS_STATE_ROOT) are explained as the local state path and are appropriate for a ledgered decision guard.

✓ Instruction Scope

SKILL.md and run.js/included source limit behavior to evaluating an input JSON, generating votes, aggregating decisions, and writing artifacts to the configured consensus state path. There are no instructions to read unrelated system files, ask for unrelated credentials, or call external network endpoints in the guard decision path.

ℹ Install Mechanism

Install is via npm (package: consensus-send-email-guard), which is the expected distribution for a Node package. npm installs are a moderate-risk operation (third-party code fetched at install time); this is proportionate for a Node skill but you should review the published package and its dependencies (consensus-guard-core, @consensus-tools/consensus-tools) before installing in production.

✓ Credentials

Only two environment variables are required (state file/root) and their purpose (local state storage) is documented. No API keys, tokens, or unrelated credentials are requested. The code uses the state path to read/write board artifacts—this access is necessary for auditability but you should ensure the path does not point at sensitive system or secrets directories.

✓ Persistence & Privilege

Skill does not request permanent inclusion (always: false) and does not modify other skills. Its persistence is limited to writing decision/persona artifacts under the configured consensus state path, which is consistent with its auditability goals.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install consensus-send-email-guard
安装完成后，直接呼叫该 Skill 的名称或使用 /consensus-send-email-guard 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.1.15

Aligned SKILL metadata/install docs for registry-only path and removed misleading install bins.

v1.1.14

Bumped consensus-guard-core dependency to ^1.1.15 and rolled forward release.

v1.1.13

Added explicit requires/env/install SKILL frontmatter for registry scanner parity.

v1.1.12

Declared required state env vars in package config and README for scanner clarity.

v1.1.11

Updated to consensus-guard-core ^1.1.13 with package-root import contract and compatibility fixes.

v1.1.10

Bumped consensus-guard-core dependency to ^1.1.11 and rolled forward release.

v1.1.9

Bumped consensus-guard-core dependency to ^1.1.10 and released patch version.

v1.1.8

Bumped semver deps (consensus-guard-core 1.1.5 / consensus-tools 0.1.8) and version.

v1.1.7

Decoupled guard/provider path; deterministic contract updates.

v1.1.6

Bump consensus-guard-core dependency to ^1.1.4 for corrected invoke contract and shared core alignment.

v1.1.5

Scanner hardening: remove required OPENAI_API_KEY metadata; clarify optional/conditional LLM credentials

v1.1.4

confirm release sync

v1.1.3

Security hardening: explicit runtime/credential model and semver-pinned npm dependencies

v1.1.2

Packaging hardening: standalone install metadata, dependency cleanup, and safer runtime requirements

v1.1.1

Security hardening: statePath confined to safe root with traversal protection

v1.1.0

Release 1.1.0: invoke contract + external-agent support + ecosystem alignment

v1.0.1

Use consensus-guard-core and release 1.0.1

v1.0.0

1.0.0 initial public release

元数据

Slug consensus-send-email-guard

版本 1.1.15

许可证 —

累计安装 0

当前安装数 0

历史版本数 18

常见问题