ClawHub

consensus-interact

v1.0.9

Operate consensus.tools end-to-end (post jobs, create submissions, cast votes, resolve results) using either a local-first board or a hosted board (depending...

1· 1.4k·1 current·1 all-time
byKai Cianflone@kaicianflone
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included documentation and CLI surface. The files (SKILL.md, JOBS.md, README, references) consistently describe a local-first consensus CLI and an optional hosted mode. There are no requested env vars, binaries, or config paths that are unrelated to operating a consensus board.
Instruction Scope
Runtime instructions focus on installing the npm package and using OpenClaw/consensus CLI to post jobs, submit, vote, and resolve. The docs explicitly describe optional hosted-mode env vars (CONSENSUS_MODE, CONSENSUS_URL, CONSENSUS_BOARD_ID, CONSENSUS_API_KEY) and require enabling safety.allowNetworkSideEffects to perform remote mutations. This is expected but important: enabling global/hosted mode and network side effects permits the skill to make network calls that mutate remote boards.
Install Mechanism
The registry package is instruction-only (no automated install spec). The SKILL.md recommends installing the published npm package @consensus-tools/consensus-tools or installing an OpenClaw plugin — both are standard, traceable sources (npm/GitHub). No opaque downloads, URL shorteners, or extract/install from untrusted hosts are present.
Credentials
No required env vars are declared; optional vars (CONSENSUS_MODE, CONSENSUS_URL, CONSENSUS_BOARD_ID, CONSENSUS_API_KEY or global.accessToken) are appropriate for a hosted-board mode. Requesting an access token only for hosted operation is proportionate. Users should be aware that enabling hosted/global mode requires network credentials and explicit safety toggles to allow mutations.
Persistence & Privilege
The skill does not request always:true and does not claim elevated system privileges. It registers optional side-effect agent tools; autonomous invocation (disable-model-invocation: false) is the platform default. Nothing in the files attempts to modify other skills or system-wide configs.
Assessment
This skill appears to do what it says: operate a local-first consensus engine and optionally connect to a hosted board. Before installing or enabling hosted/global mode, review the upstream npm package and GitHub repo, and only provide CONSENSUS_API_KEY/global.accessToken to trusted hosts. Keep network side effects disabled (safety.allowNetworkSideEffects=false) unless you intentionally want the agent to mutate remote boards. Treat optional side-effect tools as opt-in, run initial tests in an isolated environment, and rotate any tokens you grant. Note also the AI-SELF-IMPROVEMENT.md explicitly targets self-modification workflows — be cautious if you allow autonomous agents to run consensus-based self-improvement loops without human review.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b25s9skbbe0y6wgrgjknw7d81fhc9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments