← 返回 Skills 市场

Governed Delegation

Name: Governed Delegation
Author: joaodriessen

作者 Joao Driessen · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ✓ 安全检测通过

150

总下载

当前安装

版本数

在 OpenClaw 中安装

/install governed-delegation

功能描述

Policy-guided governed delegation for subagent use. Use when deciding whether to delegate, which model tier is allowed, whether execution must fail closed, o...

使用说明 (SKILL.md)

Governed Delegation

Canonical model-routing source: docs/MODEL_ROUTING_POLICY.md

If this file conflicts with routing doctrine, the canonical policy doc wins.

Use this skill when a task may require subagents or governed delegation.

This is the canonical front door for delegation-envelope policy in configuration/governance work. Use it to answer one narrow question well:

If delegation is needed, what execution envelope is allowed?

Do not use this skill as a substitute for:

live runtime inspection
persisted config inspection
config mutation/apply workflows

Goal

Keep the split clean:

GPT decides whether delegation is needed, how to decompose the work, and whether deterministic execution is better
governed delegation decides the allowed execution envelope
OpenClaw runtime performs the actual spawn/execution through supported surfaces

Do not patch OpenClaw core for this. Do not depend on dist internals. Prefer add-on boundaries.

Default rule

Before delegating, classify the task on four axes:

taskClass: A|B|C|D
deterministic: true|false
criticalWrite: true|false
requiresDeepReasoning: true|false

Then use the helper:

node skills/governed-delegation/scripts/request.js '{...json...}'

For Class C/D or other fail-closed work, include frontDoor explicitly (for example orchestrator:orchestrators/reflect/orchestrator.md). The helper now rejects strict requests when the requested front door does not match canonical policy.

Policy intent

GPT for ambiguity, policy interpretation, arbitration, deep synthesis, and critical governance review
CODEX for bounded implementation, deterministic transforms, verification, backup/apply/validate routines
MINIMAX only for bounded low-risk read-only work
fail closed for Class C/D and other unsafe downgrade cases

When to use

Use this skill when:

an orchestrator needs subagents
a cron/delegated task needs model-tier guardrails
a task mixes planning and implementation and you need a safe split
a critical write or durable memory/governance task must not silently degrade to a weak model

Use it after deciding that delegation is actually on the table. For ordinary questions like "what is live right now?", "what does the saved config say?", or "apply this config change safely", start with the appropriate inspection/mutation surface instead.

Output contract

The helper should produce a decision containing:

chosen model
failClosed true/false
policy source
runner type
optional auditable spawn request envelope

Minimal workflow

Decide if delegation is actually needed
Classify task risk/type
Ask governed-delegation helper for decision
If safe, pass the resulting request to the supported runtime/tool surface
If not safe, refuse or escalate instead of degrading

Canonical config/governance split

live runtime state → inspect runtime/session/gateway state directly
saved config state → inspect persisted config/schema directly
safe mutation → use supported config patch/apply/restart flows
delegation policy → use this skill

If plain GPT or a direct deterministic runner is enough, do not add delegation. This skill reduces unsafe delegation — it is not a reason to turn everything into a subagent workflow.

安全使用建议

This skill appears to do what it says (build policy-guided delegation decisions) and does not try to exfiltrate secrets, but check these before installing: - Ensure a Node runtime will be available where the skill runs (SKILL.md invokes `node` but the metadata does not list it). If Node isn't present, the helper will fail. - Confirm that the internal module `lib/intent-router/policy.mjs` (and the canonical policy file docs/MODEL_ROUTING_POLICY.md) exist in your agent/runtime and are trusted — the script imports and depends on those internal libraries which are not bundled with the skill. - If you prefer a skill that is self-contained and does not rely on repo internals, request or provide an implementation that does not import '../../../lib/...'. - Test the helper with non-sensitive inputs to verify it behaves as expected, and review the referenced internal policy code for correctness and security because changes to that internal code will change this skill's decisions.

功能分析

Type: OpenClaw Skill Name: governed-delegation Version: 1.0.0 The skill implements a policy-guided delegation framework for subagents, focusing on enforcing model-tier guardrails and 'fail-closed' logic for critical tasks. The core logic in `scripts/request.js` processes task classifications and interfaces with local policy libraries to generate auditable spawn requests, showing no signs of malicious intent, data exfiltration, or unauthorized execution.

能力评估

ℹ Purpose & Capability

The name/description and the implementation align: this is a narrow policy helper that builds a governed-delegation decision and spawn envelope. Two minor inconsistencies: the SKILL.md shows running the helper via `node .../request.js` but the registry metadata lists no required binaries; and the script imports '../../../lib/intent-router/policy.mjs' (an internal repo/library) which is not included in the skill bundle. Both are plausible design choices (relying on the runtime repo), but they should be explicit.

✓ Instruction Scope

SKILL.md is narrowly scoped and instructs only to classify a task then call the helper. The script only reads JSON from argv/stdin, calls internal policy functions, builds a plan, and prints a JSON decision. It does not perform network I/O, read arbitrary files, or exfiltrate data in the included code.

✓ Install Mechanism

No install spec — lowest-risk model. The skill includes a small Node script but does not attempt to download or install external code. The only risk is runtime dependency on internal libraries (see purpose_capability).

✓ Credentials

The skill requires no environment variables or credentials and does not reference any secret-containing paths. Its input is JSON provided via argument/stdin; outputs are printed to stdout.

✓ Persistence & Privilege

The skill is not always-enabled, is user-invocable, and allows autonomous invocation (default). That autonomous capability is normal for skills and is not by itself a problem here.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install governed-delegation
安装完成后，直接呼叫该 Skill 的名称或使用 /governed-delegation 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

governed-delegation v1.0.0 - Introduces a governance skill for policy-guided, auditable delegation decisions. - Provides a structured helper to determine allowed execution envelope before delegating tasks. - Standardizes task classification on risk and type axes (taskClass, deterministic, criticalWrite, requiresDeepReasoning). - Enforces separation between task decomposition (GPT), policy (governed delegation), and execution (OpenClaw runtime). - Strongly discourages unsafe delegation and mandates “fail closed” for critical or high-risk operations. - Clarifies when to use the skill versus other configuration, inspection, or mutation workflows.

元数据

Slug governed-delegation

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题