Accountable AI
v1.0.0Implements governance for AI teams by defining roles, decision authority, procedures, and delegation to ensure accountability and traceable actions.
⭐ 0· 72·0 current·0 all-time
by@kgapol
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name and description match the artifacts and actions: the package provides governance documents and an installer that copies those documents into ~/.accountable-ai. No unrelated credentials, binaries, or external services are requested.
Instruction Scope
SKILL.md and the docs instruct agents to read and write workspace memory files, maintain logs, follow delegation procedures, and (if they have repo access) commit changes. Those actions are consistent with a governance framework, but a few directives are ambiguous or risky in practice (e.g., guidance to delete BOOTSTRAP.md, the contradictory 'Don't ask permission. Just do it.' vs. 'When in doubt, ask.', and explicit permission to 'commit and push your own changes' if repo access exists). These could enable unintended autonomous modifications if agents are overly permissive.
Install Mechanism
The only install artifact is install.sh which copies static markdown files into $HOME/.accountable-ai. There are no network downloads, archive extraction, or execution of fetched code. Installation is low-risk and easily inspected before running.
Credentials
The skill requests no environment variables or credentials. The documents mention agent-config files and repo access as operational context but do not require or attempt to obtain secrets. The scope of access described (workspace files, memory files) is proportional to a governance/training framework.
Persistence & Privilege
Persistence is minimal: install.sh creates ~/.accountable-ai and copies docs there. It does not set system-wide settings, modify other skills, or request always:true. Still, it writes files to the user's home directory and makes the installer script executable; that persistent presence is reasonable for documentation but worth noting.
Assessment
This package appears to be a documentation-only governance framework and is internally consistent. Before installing: (1) Inspect the three markdown files locally (GOVERNANCE.md, PROCEDURES.md, DELEGATION.md) and confirm you agree with the behavioral rules (especially any items that allow agents to modify files or delete BOOTSTRAP.md). (2) Prefer manually copying the files into your agent workspace instead of running install.sh if you want to control where files land. (3) Ensure agents that will load these documents do not have unrestricted credentials (git push, cloud creds) unless you explicitly trust them — the docs permit committing/pushing if repo access exists. (4) Backup any existing BOOTSTRAP.md or memory files before following 'first run' instructions. (5) If you enforce least privilege for agents, review and tighten agent policies so automated behaviors (deletion, repo pushes, broad filesystem writes) require administrator approval.Like a lobster shell, security has layers — review code before you run it.
latestvk97fan29dsex1m90a59t60mv8583xe8y
License
MIT-0
Free to use, modify, and redistribute. No attribution required.