sunrisesillneversee

Moses Governance

Author: burnmydays · GitHub · v0.5.10 · MIT-0
cross-platform ⚠ suspicious
505 total downloads
0 favorites
2 current installs
26 versions
Install in OpenClaw
/install moses-governance
Description
MO§ES™ Governance Harness — constitutional enforcement layer for AI agents. Modes, postures, roles, SHA-256 audit chain, lineage custody, signing gate, commi...
Security usage recommendations
This skill appears to implement the governance/audit functionality it advertises, but review a few items before installing or enabling network features:
  1. Inspect sign_transaction.py and audit_stub.py to confirm MOSES_OPERATOR_SECRET is only used locally and never sent over the network.
  2. Confirm how witness/referee posting is implemented (search for REFEREE_URL, REFEREE_KEY, MOLTBOOK_API_KEY in scripts) and only set those env vars when you intend to share kernels/hashes externally.
  3. Note the SKILL.md references MOLTBOOK_API_KEY but it is not declared in the env block; ensure you understand what data the witness endpoint will receive.
  4. Because the skill can be invoked autonomously by the agent, keep network opt-ins disabled (MOSES_WITNESS_ENABLED, REFEREE_ENABLED) unless you want automatic external submissions.
If you are not comfortable auditing the scripts yourself, treat this skill as requiring a manual security review before production use.
Functional analysis
Type: OpenClaw Skill
Name: moses-governance
Version: 0.5.10
This bundle implements an extensive "governance harness" for AI agents, introducing several high-risk capabilities. Key indicators include scripts designed to exfiltrate data to external endpoints (witness.py sending to moltbook.com and adversarial_review.py to a configurable REFEREE_URL), the management of a sensitive MOSES_OPERATOR_SECRET for HMAC signing and transaction gating (sign_transaction.py, meta.py), and a CAPTCHA-solving function in witness.py. While these features are aligned with the stated goal of providing an audit trail and policy enforcement, the combination of network access, secret handling, and highly prescriptive agent instructions in SKILL.md (which mandate halting execution if governance steps are skipped) creates a significant attack surface and potential for overriding user intent.
Capability assessment
Purpose & Capability
Name/description, scripts, and docs consistently describe a governance harness that performs lineage checks, commitment verification, and an append-only audit ledger. The optional env vars (MOSES_OPERATOR_SECRET, REFEREE_* and MOSES_WITNESS_ENABLED) and the listed CLI tools correspond to the declared functionality. One minor mismatch: the SKILL.md network table mentions a MOLTBOOK_API_KEY / MOLTBOOK_SUBMOLT for the external witness logger but MOLTBOOK_* is not enumerated in the skill's env block (missing explicit declaration). Overall capability requests are plausible for the described governance purpose.
Instruction Scope
SKILL.md instructs the agent to run local verification scripts (lineage_verify, init_state, audit_stub, etc.) and documents that network features are off by default. The included scripts (e.g., adversarial_review.py) can call external endpoints (REFEREE_URL) and optionally post witness events. Although SKILL.md limits what is sent (kernels and hashes only), the scripts perform network I/O and will transmit derived artifacts if opt‑in flags are enabled. The docs warn MOSES_OPERATOR_SECRET should not be transmitted, but you should review sign_transaction.py and audit_stub.py to confirm they don't accidentally leak secrets or include raw task content in outbound calls.
Install Mechanism
This is instruction‑only (no automated install spec). Code is included but no network download/extract/install step is present in the registry metadata. The skill references an external dependency ('coverify') but does not auto-install it. Absence of remote install steps lowers install-time risk.
Credentials
The sensitive envs documented in SKILL.md (MOSES_OPERATOR_SECRET, REFEREE_KEY) are appropriate for HMAC signing and for communicating with an external referee. However: (1) MOLTBOOK_API_KEY / MOLTBOOK_SUBMOLT are referenced in the network table but not explicitly declared in the env list; (2) registry metadata shows no required env vars — the skill relies on optional operator-set secrets to enable external behavior. Because the skill can send derived artifacts externally when enabled, operators should only set REFEREE_* or MOLTBOOK_* when they intend to share commitment kernels/hashes. The claim that MOSES_OPERATOR_SECRET is 'never transmitted' must be verified by inspecting sign_transaction.py/audit_stub.py.
Persistence & Privilege
always:false and no unusual system-wide config paths were requested; stateDirs are limited to ~/.openclaw/governance and ~/.openclaw/audits/moses, which is consistent with a local audit ledger. disable-model-invocation is false (normal), so the agent can invoke the skill autonomously; this increases blast radius if opt‑in network features are enabled, but is not a standalone misconfiguration.
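How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install moses-governance
  3. Once installation completes, call the Skill by name or trigger it with /moses-governance
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history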
v0.5.10
Auto-publish from commit ba030c37aed550c78f793324a83fde2ba8f65d23
v0.5.9
Auto-publish from commit 2ac304024a339b5c707470917070e092c9fd4867
v0.5.8
Auto-publish from commit 82092e45cbe83bec2f827f85b3cfcb97ef4a86cd
v0.5.7
Auto-publish from commit 3c71c7960e34f5494f925a310e052a22c7241971
v0.5.6
Auto-publish from commit 12936ccc7a0a74e4ac34e0b487d86a737396e0a7
v0.5.5
Auto-publish from commit 4bbdc81ed6bc6e18f1e5d0c2d4808d233ed92f12
v0.5.4
Auto-publish from commit 7ce401c1a1daf43bc36435de47966fa3382ee2d1
v0.5.3
Auto-publish from commit e52f7b4cd7a2d63854c4bee1eddd84b9adb9b762
v0.5.2
No file changes detected.
- Version incremented from 0.5.1 to 0.5.2 with no code or documentation changes.
- All features, workflow, commands, and documentation remain unchanged from the previous version.
v0.5.1
- Documentation in SKILL.md has been streamlined for clarity and conciseness.
- Redundant introductory and global directive sections have been condensed.
- Language updated for consistency; key constitutional principles and workflow preserved.
- No functional or behavioral changes in governance logic—documentation update only.
v0.5.0
v0.5.0 – Signing Key Now Governed
- Added scripts/sign_transaction.py: Signing tool enforces governance before key access; no bypass possible.
- MOSES_OPERATOR_SECRET is now only accessed inside the new signing tool after governance checks.
- SCOUT posture fully blocks signing; DEFENSE requires explicit confirmation; OFFENSE permits signing with audit.
- Expanded SKILL.md with updated roadmap, tool list, and dependency on coverify.
- Updated supporting/reference file structure and commands for new signing and verification tools.
v0.4.0
- Added new reference documents: falsifiability, ghost-token spec, and shannon-extension (references/).
- Introduced scripts/archival.py for archival-related functions.
- Updated handshake and lineage verification scripts to integrate with new references or workflow.
- Expanded internal documentation and formal references for theoretical foundations and future specification.
v0.3.1
- Improved reliability and error handling in the governance event loop (`govern_loop.py`)
- Minor internal script adjustments; no changes to user-facing commands or workflow
- No updates to documentation or policy specification
v0.3.0
**Governance proxy and internal protocols added.**
- Introduced new scripts for commitment verification, handshake, model swap testing, pattern registry, presence, and witness functionality.
- Implemented initial governance proxy logic for network-layer posture enforcement (see roadmap for v0.3).
- Updated `SKILL.md` to version 0.3.0 with expanded roadmap and clarified operational workflow.
- Made internal script and protocol enhancements to support upcoming governance middleware features.
v0.2.4
- Updated SKILL.md metadata version from 0.2.3 to 0.2.4.
- No additional documentation or functional changes included in this release.
v0.2.3
- Version bump to 0.2.3 with metadata updated in SKILL.md
- Documentation update: SKILL.md now reflects the new version and may include clarifications or minor corrections
- No substantive code or logic changes to scripts or tool workflow are indicated
v0.2.2
**moses-governance v0.2.2**
- Updated constitutional references to use "Commitment Conservation Law" for clarity.
- Minor consistency and terminology corrections in documentation (SKILL.md, LINEAGE.md).
- No code logic changes to scripts; documentation improvements only.
v0.2.1
- Updated version to 0.2.0 and revised metadata tags.
- Removed usage documentation, implementation details, and roadmap notes from SKILL.md, resulting in a shorter and more focused skill definition.
- No code or workflow logic changes; this release affects documentation only.
v0.2.0
No file changes detected in this version.
- Version bumped to 0.2.0, but there are no updates or changes to the skill files or documentation.
- All governance principles, workflow, and documentation remain unchanged from the previous release.
v0.1.6
Updated March 2026 — repositioned as governance harness layer, improved lineage verification, security hardening
Metadata
Slug moses-governance
Version 0.5.10
License MIT-0
Total installs 2
Current installs 2
Version count 26
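FAQ

What is Moses Governance?

MO§ES™ Governance Harness — constitutional enforcement layer for AI agents. Modes, postures, roles, SHA-256 audit chain, lineage custody, signing gate, commi... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 505 total downloads to date.

How do I install Moses Governance?

Run the command "/install moses-governance" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is required.

Is Moses Governance free?

Yes, Moses Governance is completely free, released under the MIT-0 license, and can be freely downloaded, installed, and used.

Which platforms does Moses Governance support?

Moses Governance runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Moses Governance?

Developed and maintained by burnmydays (@sunrisesillneversee); the current version is v0.5.10.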
