← 返回 Skills 市场
Write Tools (require
700
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install governance
功能描述
Interact with XPR Network on-chain governance: view communities, proposals, vote with weighted tokens, and create proposals paying community fees.
使用说明 (SKILL.md)
XPR Network Governance
You have tools to interact with XPR Network's on-chain governance system via the gov contract. Communities create proposals, and token holders vote on them.
Key Concepts
- Communities — governance groups (XPR Network, Metal DAO, LOAN Protocol, XPR Grants, Metal X, D.O.G.E.). Each has its own voting strategy, proposal fee, and quorum.
- Proposals — on-chain records with candidates (voting options), start/end times, and an approval status. Proposal content (title, description) is stored off-chain in the Gov API.
- Voting Strategies — determine who can vote and how vote weight is calculated:
xpr-unstaked-and-staked-balances— weight = XPR balance (staked + unstaked)xmt-balances— weight = XMT balanceloan-and-sloan-balances— weight = LOAN + sLOAN balancekyc-verification— 1 vote per KYC-verified account
- Voting Systems —
"0"= single choice,"1"= multiple choice,"2"= ranked choice,"5"= approval voting - Quorum — minimum participation threshold (basis points, e.g. 300 = 3%)
- Proposal Fee — token payment required to create a proposal (varies by community, e.g. 20,000 XPR, 100 XMT, 50,000 LOAN)
Active Communities
| ID | Name | Strategy | Fee | Quorum |
|---|---|---|---|---|
| 3 | XPR Network | XPR balances | 20,000 XPR | 3% |
| 4 | Metal DAO | XMT balances | 100 XMT | 3% |
| 5 | LOAN Protocol | LOAN+sLOAN | 50,000 LOAN | 25% |
| 6 | XPR Grants | XPR balances | 20,000 XPR | 3% |
| 7 | Metal X | XPR balances | 20,000 XPR | 3% |
| 8 | D.O.G.E. | KYC verification | 1 XDOGE | 0.01% |
Read-Only Tools (safe, no signing)
gov_list_communities— list all governance communities with strategies, fees, quorum, and adminsgov_list_proposals— list proposals with optional community and status filtersgov_get_proposal— get full proposal details including title and description from Gov API, plus vote totals per candidategov_get_votes— get individual votes cast on a proposal (scans from most recent)gov_get_config— get governance global config (paused state, total counts)
Write Tools (require confirmed: true)
gov_vote— vote on an active proposal. Specify the candidate(s) and weight.gov_post_proposal— create a new governance proposal. Requires paying the community's proposal fee (token transfer + postprop action in one transaction).
Voting
To vote, you need the communityId, proposalId, and winners (array of candidate IDs with weights). For simple Yes/No proposals, use [{id: 0, weight: 100}] for Yes or [{id: 1, weight: 100}] for No.
Creating Proposals
Creating a proposal requires:
- A
contentID — created via the Gov API (https://gov.api.xprnetwork.org) - Paying the community's proposal fee (token transfer to
gov) - Calling
postpropwith all proposal parameters
The gov_post_proposal tool handles steps 2 and 3 (fee + postprop). You must provide the content ID from step 1.
Proposal URLs
Proposals can be viewed at: https://gov.xprnetwork.org/communities/{communityId}/proposals/{proposalId}
Safety Rules
- Proposals have start and end times — voting is only allowed during the active period
- Each community has different fee tokens — check the community's
proposalFeebefore creating proposals - Quorum is in basis points (300 = 3%) — proposals need sufficient participation to pass
- Admins can approve/decline proposals — the
approvefield shows the final status
安全使用建议
The code largely does what the description says, but it omits key operational details. Before installing or running this skill: (1) Do not put your full account private key into XPR_PRIVATE_KEY unless you fully trust the skill and author — supplying that env will allow the skill to sign transactions as your account. Prefer using a signing service, a hardware signer, or a key with minimal permissions. (2) Ask the author/maintainer to update skill.json and SKILL.md to explicitly list required env vars (XPR_PRIVATE_KEY, XPR_ACCOUNT, XPR_PERMISSION) and any runtime dependencies (e.g., @proton/js) so you can make an informed decision. (3) If you must test, use only the read-only tools first (they do not require keys) and run them in a sandboxed environment. (4) If enabling write features, consider using an ephemeral or limited-permission key and verify transactions produced before broadcasting. (5) Verify the source/publisher (source is unknown) and prefer skills with declared dependencies and clear provenance; lack of metadata and omitted credential declarations are the main reasons this skill is flagged suspicious.
功能分析
Type: OpenClaw Skill
Name: governance
Version: 0.2.11
The skill provides tools for interacting with XPR Network's on-chain governance, including listing communities and proposals (read-only) and voting or creating proposals (write operations). The `SKILL.md` clearly outlines the functionality and requires explicit confirmation (`confirmed: true`) for all write actions, which is a strong safety measure against accidental or unauthorized agent actions. The `src/index.ts` code uses environment variables for blockchain private keys to sign transactions, which is necessary for its stated purpose, but does not exfiltrate these keys or perform any unauthorized operations. All network calls are to legitimate XPR Network RPCs and a governance API. No evidence of prompt injection, data exfiltration, arbitrary command execution, or other malicious intent was found.
能力评估
Purpose & Capability
The skill's described purpose (read/view proposals and optionally vote/post proposals) matches the included code: read-only functions call the on-chain RPC and Gov API and write functions sign transactions. However the skill metadata declares no required environment variables or credentials while the code requires XPR_PRIVATE_KEY and XPR_ACCOUNT (and optionally XPR_PERMISSION) to sign transactions — this is an important mismatch between declared requirements and actual capability.
Instruction Scope
SKILL.md documents read-only and write tools and notes that write tools require confirmation, which is appropriate. But SKILL.md does not mention that signing requires storing a private key in env vars or that a dependency (@proton/js) is used. The runtime instructions/code do not read unrelated system files or call hidden endpoints; network calls are to public RPC endpoints and gov.api.xprnetwork.org. The main issue is omission of the signing credential from user-facing instructions/metadata.
Install Mechanism
There is no install spec (instruction-only), which minimizes install-time risk. However the code dynamically imports '@proton/js' and expects Node runtime fetch usage; no dependencies are declared in skill.json. That means the environment must already provide @proton/js (or the operator will need to install it), which is an operational omission and could lead to ad-hoc installs by whoever runs it.
Credentials
The code requires XPR_PRIVATE_KEY and XPR_ACCOUNT for write operations — perfectly proportional to signing transactions — but these required env vars are not declared in skill.json or SKILL.md. Asking for a raw private key is high risk: anyone supplying that env grants the skill full signing authority for that account. The skill does not request unrelated credentials, but the omission of declaration and guidance about safer signing alternatives is worrying.
Persistence & Privilege
The skill does not request always:true or other elevated persistence. It caches a session in memory (cachedSession) but does not modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) but write tools require explicit confirmation per SKILL.md.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install governance - 安装完成后,直接呼叫该 Skill 的名称或使用
/governance触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.2.11
- Added detailed documentation of XPR Network's on-chain governance system, including communities, proposals, voting strategies, and quorum.
- Described active governance communities with their voting strategies, fees, and quorum thresholds.
- Listed all available read-only and write tools for interacting with the governance contract.
- Provided clear step-by-step guides for voting and creating proposals.
- Included safety rules and key parameters to ensure correct usage.
元数据
常见问题
xpr-governance 是什么?
Interact with XPR Network on-chain governance: view communities, proposals, vote with weighted tokens, and create proposals paying community fees. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 700 次。
如何安装 xpr-governance?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install governance」即可一键安装,无需额外配置。
xpr-governance 是免费的吗?
是的,xpr-governance 完全免费(开源免费),可自由下载、安装和使用。
xpr-governance 支持哪些平台?
xpr-governance 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 xpr-governance?
由 paulgnz(@paulgnz)开发并维护,当前版本 v0.2.11。
推荐 Skills