ClawHub

consensus-send-email-guard

v1.1.15

Persona-weighted pre-send email governance for AI systems. Produces APPROVE/BLOCK/REWRITE decisions, writes decision artifacts to the board ledger, and retur...

0· 489·0 current·0 all-time
byKai Cianflone@kaicianflone
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match required binaries (node, tsx), the code implements persona-weighted voting, hard-block logic, rewrite generation, and board writes. Requested env vars (CONSENSUS_STATE_FILE, CONSENSUS_STATE_ROOT) are explained as the local state path and are appropriate for a ledgered decision guard.
Instruction Scope
SKILL.md and run.js/included source limit behavior to evaluating an input JSON, generating votes, aggregating decisions, and writing artifacts to the configured consensus state path. There are no instructions to read unrelated system files, ask for unrelated credentials, or call external network endpoints in the guard decision path.
Install Mechanism
Install is via npm (package: consensus-send-email-guard), which is the expected distribution for a Node package. npm installs are a moderate-risk operation (third-party code fetched at install time); this is proportionate for a Node skill but you should review the published package and its dependencies (consensus-guard-core, @consensus-tools/consensus-tools) before installing in production.
Credentials
Only two environment variables are required (state file/root) and their purpose (local state storage) is documented. No API keys, tokens, or unrelated credentials are requested. The code uses the state path to read/write board artifacts—this access is necessary for auditability but you should ensure the path does not point at sensitive system or secrets directories.
Persistence & Privilege
Skill does not request permanent inclusion (always: false) and does not modify other skills. Its persistence is limited to writing decision/persona artifacts under the configured consensus state path, which is consistent with its auditability goals.
Assessment
This skill appears to do what it claims: local, deterministic pre-send email governance that writes auditable artifacts to a configured state path. Before installing, (1) ensure CONSENSUS_STATE_FILE / CONSENSUS_STATE_ROOT point to a dedicated, non-sensitive directory (do not reuse system or secrets directories), (2) review the published npm package and the consensus-guard-core / @consensus-tools/consensus-tools dependencies for any unexpected behavior, (3) run the included tests in an isolated environment, and (4) consider installing in a sandbox or CI environment first. Note that npm install will fetch dependencies from the registry—treat that as usual supply-chain risk and pin/verify package integrity for production use.

Like a lobster shell, security has layers — review code before you run it.

latestvk976qvktkc6emas0zd8z8nj1h5824tbh

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsnode, tsx
EnvCONSENSUS_STATE_FILE, CONSENSUS_STATE_ROOT

Install

Nodenpm i -g consensus-send-email-guard

Comments