Openclaw Workspace Governance Installer

Review

Audited by ClawScan on May 1, 2026.

Overview

This is a coherent, user-directed installer, but it asks you to install the latest version of an external OpenClaw plugin and run commands that can change persistent workspace configuration.

Before installing, verify the GitHub repository and package identity, avoid @latest in production if you need reproducibility, and review any proposed OpenClaw configuration, migration, Brain Docs, or governance changes before approving them.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing an unpinned latest plugin can introduce code or behavior that changes over time, even though this is central to the skill's installer purpose.

Why it was flagged

The skill directs the user to install the latest version of an external plugin and restart the OpenClaw gateway; the plugin code itself is not included in the provided artifact set.

Skill content

openclaw plugins install @adamchanadam/openclaw-workspace-governance@latest
openclaw gateway restart

Recommendation

Verify the package and repository before installing, and consider pinning a reviewed plugin version instead of using @latest for production workspaces.

What this means

These commands may alter how a workspace is governed or configured, which can affect future OpenClaw behavior.

Why it was flagged

The documented commands can change workspace governance and platform configuration, but the skill presents them as explicit user-invoked commands with backup, validation, and rollback.

Skill content

`gov_setup quick|check|install|upgrade` — deploy, upgrade, or verify governance in one step.
...
`gov_openclaw_json` — safely edit platform config (`openclaw.json`) with backup, validation, and rollback.

Recommendation

Run setup, migration, uninstall, and openclaw.json edits deliberately, confirm backups are created, and review audit output before relying on the changed workspace.

What this means

Persistent workspace knowledge or guidance may be modified, which could affect later tasks.

Why it was flagged

Brain Docs appear to be persistent workspace context; changing them can influence future agent behavior, though the artifact says changes are preview-first and reversible.

Skill content

`gov_brain_audit` — review and harden Brain Docs quality with preview-first approval and rollback.

Recommendation

Preview Brain Docs changes carefully, keep rollback evidence, and avoid approving edits you do not understand.