consensus-support-reply-guard
v1.1.15Risk-aware support response governance with persona-weighted consensus. Detects legal/sensitive/confidentiality issues, applies hard-block policy checks, and...
⭐ 0· 431·0 current·0 all-time
byKai Cianflone@kaicianflone
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (support reply governance) aligns with the code and SKILL.md: the package runs Node, uses a consensus-guard-core library, evaluates drafts, and writes decision artifacts to a configured state path. Minor oddity: the install metadata claims the package 'creates binaries: node, tsx' — installing an npm package normally should not create a system 'node' binary. This appears to be a metadata/packaging description issue rather than functional mismatch, but it's worth noting.
Instruction Scope
SKILL.md and run.js/src/index.mjs show the skill performs deterministic local policy checks, aggregates votes (or accepts external votes), and writes artifacts to the configured consensus state path. The runtime does not reference unrelated system files or secrets; it only uses the consensus state path resolution and calls into consensus-guard-core wrappers for board reads/writes.
Install Mechanism
The install is an npm package (consensus-support-reply-guard) with dependencies declared in package.json and package-lock.json; packages are resolved from the npm registry. There are no ad-hoc downloads from unknown URLs or archive extraction steps in the spec. The package-lock shows normal npm/optional deps (esbuild variants, etc.).
Credentials
Declared required environment variables (CONSENSUS_STATE_FILE, CONSENSUS_STATE_ROOT) are proportional to the stated behavior (filesystem-backed board/state artifacts). No API keys, tokens, or unrelated credentials are requested. The code does not read other environment variables beyond state path resolution.
Persistence & Privilege
Skill does not request always:true and is user-invocable only. It writes to its configured consensus state path (expected for audit artifacts) and does not modify other skills or system-wide settings. Autonomous invocation is allowed by default but is not combined with any broad credential access.
Assessment
This package appears coherent for local support-reply governance, but before installing: 1) Inspect the consensus-guard-core package (dependency) to confirm its board read/write behavior and where it stores state; 2) Verify exactly how resolveStatePath uses CONSENSUS_STATE_FILE / CONSENSUS_STATE_ROOT to ensure artifacts are written to an intended directory (not a sensitive system path); 3) Treat the install metadata oddity ('creates binaries: node, tsx') as a packaging comment—do not allow any installer to overwrite your system node binary; 4) Run npm audit / review the dependency tree and, if possible, install and run in an isolated environment (container) first. If you rely on this in production, pin dependency versions and review the guard-core package source and release provenance.Like a lobster shell, security has layers — review code before you run it.
latestvk977gve70hwrghwt2wnwvqy9ds8244fd
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
Binsnode, tsx
EnvCONSENSUS_STATE_FILE, CONSENSUS_STATE_ROOT
Install
Node
Bins: node, tsx
npm i -g consensus-support-reply-guard