Moses Postures

Review

Audited by ClawScan on May 18, 2026.

Overview

This instruction-only governance skill is transparent about its purpose, but its OFFENSE/Unrestricted mode can authorize fully autonomous execution or transactions with limited bounds shown in the artifact.

Install only if you want an agent-wide posture policy and understand the consequences of each mode. Keep the posture in SCOUT or DEFENSE for normal use, review the separate moses-governance dependency, and avoid Unrestricted + OFFENSE unless you have independent safeguards and are comfortable with autonomous execution risk.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If this posture is active and the agent has other transaction or execution tools available, it may take high-impact actions without asking again.

Why it was flagged

This explicitly permits autonomous execution in an unrestricted posture/mode combination, with logging but no confirmation, transaction size limits, rollback, or containment described in this artifact.

Skill content

| Unrestricted + OFFENSE | Full autonomy. Logged. Operator accepts all risk. |

Recommendation

Use SCOUT or DEFENSE by default, avoid Unrestricted + OFFENSE unless you have separate hard limits and confirmations, and verify any transaction-capable tools before enabling this posture.

What this means

The agent may refuse actions in SCOUT, require confirmations in DEFENSE, or proceed more freely in OFFENSE depending on the stored posture.

Why it was flagged

The skill intentionally makes posture and mode authoritative over later user requests. This is purpose-aligned for governance, but users should understand it can override or redirect normal agent behavior.

Skill content

Posture is the throttle. Mode is the rulebook. Both always apply.

Recommendation

Set the active posture deliberately and check it before asking the agent to perform sensitive actions.

What this means

The actual behavior of posture-setting depends partly on another installed skill, so the safety of the combined setup cannot be fully determined from this package alone.

Why it was flagged

This reviewed package is instruction-only but depends on a separate skill bundle and helper script for state management; that code was not part of the provided artifacts.

Skill content

invokes `init_state.py` from the **moses-governance** skill bundle

Recommendation

Review and trust the moses-governance skill and its init_state.py script before installing or using this posture skill.

What this means

If the posture file is changed unexpectedly, the agent could become more restrictive or more permissive than the user intended.

Why it was flagged

A persistent local state file controls later agent behavior for sensitive actions. This is disclosed and expected for the skill, but the file becomes security-relevant.

Skill content

Load active posture from `~/.openclaw/governance/state.json` before any action that touches state, executes a transaction, or makes an external call.

Recommendation

Keep the governance state file under your control, audit changes to it, and confirm the active posture before sensitive work.