nefas11

Governed Agents

Author: Nefas11 · GitHub · v0.1.11 · MIT-0
cross-platform ✓ Security check passed
Total downloads: 363
Favorites: 1
Current installs: 0
Versions: 12
Install in OpenClaw
/install governed-agents
Description
Deterministic verification + reputation scoring for AI sub-agents. Prevents hallucinated success via 4 code gates (files, tests, lint, AST) and a 3-layer pip...
Usage (SKILL.md)

Governed Agents

Deterministic verification + reputation scoring for AI sub-agents. Prevents hallucinated success ("I did it!") by verifying claims independently before updating the agent's score.

Pure Python stdlib — zero external dependencies.

Capabilities

Spawns external CLIs (codex, openclaw, git, pytest) and makes HTTP HEAD requests.

When to Use

Use this skill when you need to:

  • Spawn sub-agents and verify their output automatically
  • Score agent reliability across tasks (EMA-based reputation)
  • Detect hallucinated success — agent claims "done" but files are missing or tests fail
  • Verify open-ended tasks (research, analysis, strategy) via LLM Council
  • Enforce supervision levels based on agent track record

Quick Start

Coding Tasks (Deterministic Verification)

from governed_agents.contract import TaskContract
from governed_agents.orchestrator import GovernedOrchestrator

contract = TaskContract(
    objective="Add JWT auth endpoint",
    acceptance_criteria=["POST /api/auth returns JWT", "Tests pass"],
    required_files=["api/auth.py", "tests/test_auth.py"],
    run_tests="pytest tests/test_auth.py -v",
)

g = GovernedOrchestrator(contract, model="openai/gpt-5.2-codex")
# After agent completes:
result = g.record_success()  # runs gates, updates reputation

Open-Ended Tasks (3-Layer Pipeline + LLM Council)

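from governed_agents.contract import TaskContract
from governed_agents.orchestrator import GovernedOrchestrator

contract = TaskContract(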
    objective="Write architecture decision record for auth module",
    acceptance_criteria=["Trade-offs documented", "Decision stated"],
    verification_mode="council",
    task_type="analysis",
    council_size=3,
)

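g = GovernedOrchestrator(contract, model="openai/gpt-5.2-codex")
# worker_output: the text the sub-agent produced for this task
prompts = g.generate_council_tasks(worker_output)
# raw_reviewer_outputs: the council reviewers' raw responses
result = g.record_council_verdict(raw_reviewer_outputs)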
# → "Council: 2/3 approved (score=0.67, PASS ✅)"

CLI Spawning (Codex / OpenClaw)

from governed_agents.contract import TaskContract
from governed_agents.openclaw_wrapper import spawn_governed

contract = TaskContract(
    objective="Build a REST API for todos",
    acceptance_criteria=["CRUD endpoints work", "Tests pass"],
    required_files=["api.py", "tests/test_api.py"],
)

# Uses Codex 5.3 CLI by default
result = spawn_governed(contract, engine="codex53")
# Or via OpenClaw agent CLI:
result = spawn_governed(contract, engine="openclaw")

Verification Modes

Deterministic (Coding Tasks)

4 gates run automatically — all must pass:

| Gate | Check | Signal |
|---|---|---|
| Files | Required files exist and are non-empty | Hard fail |
| Tests | Test command exits 0 | Hard fail |
| Lint | No lint errors | Hard fail |
| AST | Python files parse without SyntaxError | Hard fail |

If agent claims SUCCESS but any gate fails → score override to -1.0 (hallucination penalty).

Council (Open-Ended Tasks)

3-layer pipeline with short-circuit:

  1. Structural Gate (<1s) — word count, required sections, no empty sections
  2. Grounding Gate (5–30s) — URL reachability, citation checks
  3. LLM Council (30–120s) — N independent reviewers, majority vote

If Layer 1 fails → no LLM calls, instant result, zero cost.

Reputation System

R(t+1) = (1 − α) · R(t) + α · s(t),   α = 0.3

| Score | Meaning |
|---|---|
| +1.0 | Verified success (first try) |
| +0.7 | Verified success (after retry) |
| +0.5 | Honest blocker report |
| 0.0 | Failed but tried |
| −1.0 | Hallucinated success |

Supervision Levels

| Reputation | Level | Effect |
|---|---|---|
| > 0.8 | autonomous | Full trust |
| > 0.6 | standard | Normal supervision |
| > 0.4 | supervised | Checkpoints required |
| > 0.2 | strict | Model override to Opus |
| ≤ 0.2 | suspended | Task blocked |
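
How the update rule and the supervision thresholds interact, as an added example that is not the project's code: it replays one hallucinated success followed by verified successes and counts how many tasks it takes to regain a level. The starting reputation of 0.9 and all function names are assumptions; the page does not state an initial value.

```python
ALPHA = 0.3  # smoothing factor from the formula above
# Thresholds are strict lower bounds, checked from the top of the table down.
LEVELS = [(0.8, "autonomous"), (0.6, "standard"), (0.4, "supervised"), (0.2, "strict")]

def update(reputation: float, score: float) -> float:
    """R(t+1) = (1 - alpha) * R(t) + alpha * s(t)."""
    return (1 - ALPHA) * reputation + ALPHA * score

def level(reputation: float) -> str:
    for threshold, name in LEVELS:
        if reputation > threshold:
            return name
    return "suspended"  # reputation <= 0.2

def replay(reputation: float, scores: list[float]) -> list[tuple[float, str]]:
    """Apply a sequence of task scores; return (reputation, level) after each."""
    history = []
    for s in scores:
        reputation = update(reputation, s)
        history.append((round(reputation, 4), level(reputation)))
    return history

def tasks_to_reach(reputation: float, target: str, score: float, limit: int = 100):
    """Consecutive tasks at `score` needed to reach `target`, or None if never."""
    for n in range(1, limit + 1):
        reputation = update(reputation, score)
        if level(reputation) == target:
            return n
    return None

if __name__ == "__main__":
    start = 0.9  # assumed starting reputation (not given on the page)
    after_penalty = update(start, -1.0)
    print(replay(start, [-1.0, 1.0, 1.0, 1.0, 1.0]))
    print(tasks_to_reach(after_penalty, "autonomous", 1.0))
    print(tasks_to_reach(after_penalty, "autonomous", 0.7))
```

Because the average converges to the score being fed in, an agent that only ever succeeds after a retry (+0.7) settles at 0.7 and never crosses the 0.8 threshold for autonomous.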

Task-Type Profiles

Pre-configured gate combinations:

| task_type | Layer 1 | Layer 2 | Min words |
|---|---|---|---|
| research | word_count, sources_list | url_reachable, citations | 200 |
| analysis | word_count, required_sections | numbers_consistent | 150 |
| strategy | required_sections, word_count | cross_refs_resolve | 100 |
| writing | word_count | | 50 |
| planning | required_sections, has_steps | dates_valid | 50 |

Installation

bash install.sh
# → Copies governed_agents/ to $OPENCLAW_WORKSPACE/governed_agents/
# → Runs verification suite (37 tests)

Tests

python3 -m pytest governed_agents/test_verification.py \
                   governed_agents/test_council.py \
                   governed_agents/test_profiles.py -v
# 37 passed
Security usage recommendations
This skill appears coherent and implements exactly what it claims: it spawns external agent CLIs, runs git/pytest, probes URLs, and stores a local reputation DB. Before installing, review install.sh and confirm you are comfortable with copying the repository into your OpenClaw workspace. Consider these precautions: (1) run the install in a sandbox or inspect the script to confirm no unexpected actions, (2) ensure the external CLIs (codex, openclaw, git, pytest) you allow are trusted, (3) do not set sensitive API keys into env vars that would be forwarded (GOVERNED_AUTH_TOKEN is optional and listed), (4) if you want to prevent any network checks, set GOVERNED_NO_NETWORK=1 to skip URL probing, and (5) review the allowlist in the code if you have special secret-management needs. The repository includes prompt-injection detection and some sanitization, but always treat outputs used to build prompts with caution.
Functional analysis
Type: OpenClaw Skill
Name: governed-agents
Version: 0.1.11

The governed-agents skill bundle is a sophisticated framework for AI agent verification and reputation management that demonstrates strong security engineering. It includes proactive defenses against common AI-related risks, such as SSRF protection in grounding_gate.py (blocking private/internal IPs), strict environment variable allowlisting in openclaw_wrapper.py to prevent credential leakage to subprocesses, and AST-based analysis in verification.py to detect dangerous imports in agent-generated code. The installation script (install.sh) incorporates path validation to prevent traversal, and the orchestrator uses shlex for safe command execution, effectively mitigating shell injection risks.
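
What a pre-probe SSRF check of the kind described for the grounding gate can look like, as an added sketch and not the contents of grounding_gate.py: it refuses any URL whose host resolves to a non-public address and honours the GOVERNED_NO_NETWORK toggle mentioned above. Function names, the injectable resolver and the sample hostnames and addresses are constructed for illustration.

```python
import ipaddress
import os
import socket
from urllib.parse import urlsplit

def system_resolver(host: str) -> set[str]:
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def probe_allowed(url: str, resolver=system_resolver, env=os.environ) -> tuple[bool, str]:
    """Decide whether a URL cited by an agent may be probed with HTTP HEAD."""
    if env.get("GOVERNED_NO_NETWORK") == "1":
        return False, "network checks disabled"
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False, "scheme or host not allowed"
    try:
        addresses = resolver(parts.hostname)
    except OSError:
        return False, "resolution failed"
    if not addresses:
        return False, "no addresses"
    for addr in addresses:
        ip = ipaddress.ip_address(addr.split("%")[0])  # drop IPv6 zone id
        # is_global is False for loopback, RFC 1918, link-local, reserved, ...
        if not ip.is_global:
            return False, f"non-public address {ip}"
    # Caveat: connect to one of the addresses validated here; resolving the
    # name a second time for the request reopens the check (DNS rebinding).
    return True, "ok"

# Constructed DNS answers so the example runs offline; IP literals map to themselves.
SAMPLE_DNS = {"docs.example": {"93.184.216.34"}, "wiki.example": {"10.0.0.5"},
              "mixed.example": {"93.184.216.34", "127.0.0.1"}}

def check_samples(env=None) -> dict[str, bool]:
    resolver = lambda host: SAMPLE_DNS.get(host, {host})
    urls = ["https://docs.example/adr", "http://wiki.example/", "http://mixed.example/",
            "http://169.254.169.254/", "http://[::1]:8080/", "ftp://docs.example/file"]
    return {u: probe_allowed(u, resolver, env or {})[0] for u in urls}
```

A host is rejected if any one of its addresses is non-public, which is why `mixed.example` fails even though it also resolves to a public address.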
Capability assessment
Purpose & Capability
Name/description (deterministic verification + reputation for sub-agents) matches the actual code and SKILL.md: the package runs deterministic gates (files/tests/lint/AST), a grounding gate (HTTP HEAD reachability), and an LLM council. Requested binaries (codex, git, pytest) and optional linters are proportionate to these features.
Instruction Scope
SKILL.md and code direct the agent to spawn external CLIs (codex/openclaw), run git/pytest, probe URLs with HTTP HEAD, and write a local SQLite DB under the skill's workspace. These actions are within the stated verification/rep scoring scope. The skill also includes prompt-sanitization and prompt-injection detection logic (e.g., replacing IGNORE/OVERRIDE), which explains the presence of such strings.
Install Mechanism
Install is a bundled install.sh script (present in the repo) that copies code into the OpenClaw workspace. No external downloads from untrusted URLs or remote extract operations are used. This is an expected and proportionate install method for an instruction+code skill, but you should still inspect the script before running.
Credentials
Only optional env vars are declared (workspace paths, DB path, optional GOVERNED_AUTH_TOKEN). The code documents a narrow allowlist for env variables forwarded to subprocesses and provides a GOVERNED_NO_NETWORK toggle. No unrelated secret-scoped variables are requested. Requiring access to a workspace and a local DB file is consistent with a reputation/persistence feature.
Persistence & Privilege
The skill writes to its own state directory (~/.openclaw/workspace/.state/governed_agents/) and persists a local SQLite DB for reputations. always is false and it does not request system-wide privileged persistence or modify other skills' configs. This level of persistence matches the declared purpose.
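How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the dialog: /install governed-agents
  3. Once installation completes, invoke the Skill by name or trigger it with /governed-agents
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history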
v0.1.11
- Improved error handling and messaging in verification logic.
- Minor code refactoring in `verification.py` and `verifier.py` for clarity and maintainability.
v0.1.10
- Updated metadata in SKILL.md to restructure required and optional binaries.
- Adjusted manifest metadata for improved clarity and organization.
- No functional changes to core code or APIs.
v0.1.9
- Added "source" and "homepage" URLs to metadata, referencing the GitHub repository.
- Updated metadata to reflect bin requirements as objects with "name" and "optional" fields, and changed "type" to "executable/with-install".
- Manifest and SKILL.md now declare public repository for origin and documentation.
- No changes to core logic or test coverage.
v0.1.8
- Added environment variable support for configuration (OPENCLAW_WORKSPACE, GOVERNED_WORK_DIR, GOVERNED_DB_PATH, GOVERNED_AUTH_TOKEN).
- Updated SKILL.md to document new environment variables.
- Minor metadata and manifest adjustments for improved clarity and configuration.
- Added conftest.py files to support test isolation and setup.
v0.1.7
- Updated manifest.json for compatibility or metadata adjustment.
- No functional or documentation changes to the skill itself.
v0.1.6
- Improved import hygiene and isolation in test and wrapper modules.
- Enhanced environment isolation in tests to prevent cross-test state leakage.
- Security documentation (SECURITY.md) added or updated.
- Manifest and metadata updated for clarity and completeness.
v0.1.5
- Added thorough security documentation (SECURITY.md).
- Introduced new files for prompt validation and test coverage, including council, grounding, metadata, and environment isolation tests.
- Updated SKILL.md with clearer install instructions, capability flags, directory details, and improved metadata structure.
- Enhanced test suite for better coverage of governance, environment isolation, metadata validation, and SSRF grounding checks.
- Refactored core modules and install script for improved maintainability.
v0.1.4
v0.1.4 - Adds network and subprocess capability metadata, expands CLI requirements
- Added skill capabilities section: now explicitly marked as network-capable and subprocess-capable.
- Expanded executable requirements: codex, openclaw, git, pytest, ruff, flake8, and pylint now listed as needed binaries.
- Updated install metadata to clarify install spec and execution type.
- README and SKILL.md updated to document the ability to spawn external processes and make network (HTTP HEAD) requests.
- No changes to core logic; primarily metadata and documentation improvements.
v0.1.3
- No functional changes; version bumped to 0.1.3 without file modifications.
- Documentation and metadata remain unchanged.
v0.1.2
- No changes detected since the previous version.
- Version bump to 0.1.2 only; documentation and code remain identical.
v0.1.1
Version 0.1.1 of governed-agents
- No file changes detected in this release.
- No updates or modifications to functionality, documentation, or metadata.
v0.1.0
Initial release of governed-agents: deterministic verification and reputation scoring for AI sub-agents.
- Prevents hallucinated success with 4 code gates (files, tests, lint, AST) and a 3-layer pipeline (Structural → Grounding → LLM Council) for open-ended tasks.
- EMA-based reputation scoring adapts supervision level to agent reliability.
- Supports deterministic (coding) and council (open-ended) verification modes.
- Includes pre-configured task-type profiles and CLI/script install.
- Pure Python stdlib; no external dependencies.
Metadata
Slug: governed-agents
Version: 0.1.11
License: MIT-0
Total installs: 0
Current installs: 0
Number of versions: 12
FAQ

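What is Governed Agents?

Deterministic verification + reputation scoring for AI sub-agents. Prevents hallucinated success via 4 code gates (files, tests, lint, AST) and a 3-layer pip... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 363 total downloads to date.

How do I install Governed Agents?

Run the command "/install governed-agents" in the OpenClaw or Claude Code dialog to install it in one step; no additional configuration is required.

Is Governed Agents free?

Yes, Governed Agents is completely free. It is released under the MIT-0 license and can be freely downloaded, installed and used.

Which platforms does Governed Agents support?

Governed Agents runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Governed Agents?

It is developed and maintained by Nefas11 (@nefas11); the current version is v0.1.11.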
