ClawHub

consensus-guard-core

Open-source Consensus.Tools skill for governed AI decisions with board-native artifacts, strict JSON contracts, and deterministic policy behavior.

Audits

Pass
ClawScanPass

Agentic behavior and permission review.

Static analysisPass

Pattern checks against bundled files.

VirusTotalPass

Multi-engine malware detections and file reputation.

Install

openclaw skills install consensus-guard-core

consensus-guard-core

consensus-guard-core is the common policy engine behind the Consensus guard ecosystem.

What this skill/package provides

  • unified hard-block taxonomy
  • deterministic aggregateVotes() policy function
  • deterministic reputation update rules with clamping
  • idempotency key generation for retry-safe execution
  • strict-schema unknown-field rejection helpers
  • indexed board read helpers for scalable artifact lookup

Why this matters

Without a shared core, every guard drifts into incompatible policy logic. This package keeps behavior consistent, replayable, and comparable across domains.

Ecosystem role

consensus-guard-core is consumed by publish/support/merge/action guards and should be treated as policy infrastructure, not an end-user workflow skill.

Benefits for LLM orchestration

  • lower integration drift
  • consistent decision semantics across workflows
  • easier auditing and cross-skill analytics

Runtime, credentials, and network behavior

  • runtime binaries: node, tsx
  • network calls: none in this package's core decision/path helpers
  • credentials: none required by this package
  • environment config read by this package: CONSENSUS_STATE_FILE, CONSENSUS_STATE_ROOT (for board/state path resolution)
  • filesystem writes: board/state artifacts under the configured consensus state path when callers use write helpers (for example writeArtifact)

Dependency trust model

  • consensus-guard-core is a first-party consensus package
  • versions are semver-pinned in package.json for reproducible installs
  • this skill does not request host-wide privileges and does not mutate other skills
  • note: dependency trees should be audited separately by consumers for transitive packages

Install

npm i consensus-guard-core

Quick start

npm test

Import contract

Use the package root import (stable public API):

import { aggregateVotes, writeArtifact, resolveStatePath } from 'consensus-guard-core';

Do not import internal paths like consensus-guard-core/src/index.mjs in dependent skills.

Tool-call integration

This skill is wired to the consensus-interact contract boundary (via shared consensus-guard-core wrappers where applicable):

  • readBoardPolicy
  • getLatestPersonaSet / getPersonaSet
  • writeArtifact / writeDecision
  • idempotent decision lookup

This keeps board orchestration standardized across skills.

Invoke Contract

This skill exposes a canonical entrypoint:

  • invoke(input, opts?) -> Promise<OutputJson | ErrorJson>

invoke() is primitives-only and delegates to a caller-provided handler. It does not perform persona generation or model/provider calls.

See also: SECURITY-ASSURANCE.md for threat model, runtime boundaries, and hardening guidance.