Unified skill for constraint governance state, periodic reviews, index generation,
round-trip verification, and schema migration. Consolidates 6 granular skills.
Trigger: 定期保守 (periodic maintenance) or HEARTBEAT
Source skills: constraint-reviewer, index-generator, round-trip-tester, governance-state, slug-taxonomy, adoption-monitor (from safety)
openclaw install leegitw/governance
Dependencies:
leegitw/constraint-engine (for constraint data)leegitw/failure-memory (for observation data)# Install full governance stack
openclaw install leegitw/context-verifier
openclaw install leegitw/failure-memory
openclaw install leegitw/constraint-engine
openclaw install leegitw/governance
Standalone usage: Index generation and round-trip verification work independently.
Full governance features require constraint-engine and failure-memory integration.
Data handling: This skill operates within your agent's trust boundary. When triggered,
it uses your agent's configured model for governance analysis and review. No external APIs
or third-party services are called. Results are written to output/governance/ in your workspace.
Constraints that never get reviewed become stale. Rules that never get challenged become dogma. This skill manages the lifecycle:
The insight: Good governance is proactive. Constraints need maintenance, not just creation.
/gov <sub-command> [arguments]
| Command | CJK | Logic | Trigger |
|---|---|---|---|
| --------- | ----- | ------- | --------- |
/gov state | 状態 | central_state, event→alert | HEARTBEAT |
/gov review | 審査 | constraints.due→review_queue | HEARTBEAT |
/gov index | 索引 | skills[]→INDEX.md | Explicit |
/gov verify | 検証 | round_trip(source↔compiled)→sync✓∨drift✗ | Explicit |
/gov migrate | 移行 | schema.v(n)→schema.v(n+1) | Explicit |
| Argument | Required | Description |
|---|---|---|
| ---------- | ---------- | ------------- |
| --summary | No | Show summary only (default: full state) |
| --alerts | No | Show pending alerts only |
| Argument | Required | Description |
|---|---|---|
| ---------- | ---------- | ------------- |
| --due | No | Show only due reviews (default) |
| --all | No | Show all constraints with review dates |
| --complete | No | Mark review as complete |
| Argument | Required | Description |
|---|---|---|
| ---------- | ---------- | ------------- |
| --path | No | Output path (default: agentic/INDEX.md) |
| --format | No | Format: markdown (default), json |
| Argument | Required | Description |
|---|---|---|
| ---------- | ---------- | ------------- |
| source | Yes | Source file or directory |
| compiled | Yes | Compiled/generated file or directory |
| --strict | No | Fail on any difference |
| Argument | Required | Description |
|---|---|---|
| ---------- | ---------- | ------------- |
| --to | Yes | Target schema version |
| --dry-run | No | Show changes without applying |
Configuration is loaded from (in order of precedence):
.openclaw/governance.yaml (OpenClaw standard).claude/governance.yaml (Claude Code compatibility)┌─────────────────────────────────────────┐
│ GOVERNANCE STATE │
├─────────────────────────────────────────┤
│ Constraints: │
│ - Active: 5 │
│ - Draft: 2 │
│ - Retiring: 1 │
│ - Retired: 12 │
├─────────────────────────────────────────┤
│ Reviews: │
│ - Due: 2 (approaching 90-day mark) │
│ - Overdue: 0 │
├─────────────────────────────────────────┤
│ Health: │
│ - Circuit: CLOSED │
│ - Violations (30d): 3 │
│ - Adoption rate: 85% │
├─────────────────────────────────────────┤
│ Alerts: │
│ - [WARN] CON-001 due for review │
│ - [INFO] 2 new observations eligible │
└─────────────────────────────────────────┘
Constraints require periodic review. The review cadence is configurable (default: 90 days):
# .openclaw/governance.yaml
governance:
review_cadence_days: 90 # Default
warning_threshold: 15 # Days before due to warn
| Days Since Last Review | Status | Action |
|---|---|---|
| ------------------------ | -------- | -------- |
| 0-75 | Current | No action |
| 76-90 | Approaching | Warning alert |
| 91+ | Overdue | Escalation alert |
> ⚠️ Advisory Only: This review cycle is not enforced programmatically.
> Compliance relies on HEARTBEAT P3 checks and manual diligence.
> Automated enforcement (/gov review --automated) is planned for future release.
> See HEARTBEAT.md for current verification schedule.
Track constraint adoption across sessions:
| Metric | Calculation | Target |
|---|---|---|
| -------- | ------------- | -------- |
| Adoption rate | Sessions with constraint used / Total sessions | >80% |
| Violation rate | Violations / Checks | <5% |
| Override rate | Overrides / Violations | <20% |
Standard slug prefixes for observations and constraints:
| Prefix | Domain | Examples |
|---|---|---|
| -------- | -------- | ---------- |
git-* | Version control | git-commit-message, git-branch-naming |
test-* | Testing | test-before-commit, test-coverage |
workflow-* | Process | workflow-pr-review, workflow-deploy |
security-* | Security | security-no-secrets, security-auth |
docs-* | Documentation | docs-update-readme, docs-api |
quality-* | Code quality | quality-lint, quality-format |
[GOVERNANCE STATE]
Updated: 2026-02-15 10:30:00
=== Constraints ===
Active: 5 | Draft: 2 | Retiring: 1 | Retired: 12
=== Circuit Breaker ===
Status: CLOSED (healthy)
Violations (30d): 3
=== Reviews ===
Due: 2 constraints approaching 90-day mark
- CON-20251120-001: "Always run tests" (day 87)
- CON-20251125-003: "Lint before commit" (day 82)
=== Adoption ===
Rate: 85% (target: >80%)
Sessions tracked: 47
=== Alerts ===
[WARN] CON-20251120-001 due for review in 3 days
[INFO] 2 observations eligible for constraint generation
[CONSTRAINT REVIEW QUEUE]
Due for review (2):
1. CON-20251120-001: "Always run tests before commit"
Age: 87 days | Status: active
Violations (90d): 2 | Overrides: 0
Adoption: 92%
Options:
a) Renew for 90 days: /ce lifecycle CON-20251120-001 active
b) Begin retirement: /ce lifecycle CON-20251120-001 retiring
c) Immediate retire: /ce lifecycle CON-20251120-001 retired
2. CON-20251125-003: "Always lint before commit"
Age: 82 days | Status: active
Violations (90d): 5 | Overrides: 1
Adoption: 78%
[WARN] Below adoption target (80%)
Consider: Clarify constraint or improve tooling
[INDEX GENERATED]
Path: agentic/INDEX.md
Skills: 7
Updated: 2026-02-15 10:30:00
Contents:
- failure-memory (fm) - Core
- constraint-engine (ce) - Core
- context-verifier (cv) - Foundation
- review-orchestrator (ro) - Review
- governance (gov) - Governance
- safety-checks (sc) - Safety
- workflow-tools (wt) - Extensions
[ROUND-TRIP VERIFICATION]
Source: docs/constraints/
Compiled: output/constraints/
Status: ✓ IN SYNC
Files checked: 12
Matches: 12
Drifts: 0
/gov review --all
[CONSTRAINT REVIEW QUEUE]
Compliance Status (SOC 2):
1. CON-20260101-001: "Always encrypt PII at rest"
Age: 45 days | Status: active
Compliance: SOC 2 CC6.1
Violations (90d): 0 | Adoption: 100%
✓ Compliant
2. CON-20260115-002: "Always log authentication events"
Age: 31 days | Status: active
Compliance: SOC 2 CC6.2
Violations (90d): 1 | Adoption: 98%
⚠ Review violation on 2026-02-01
Summary: 12 constraints | 11 compliant | 1 needs review
/gov state --summary
[GOVERNANCE STATE]
Updated: 2026-02-15 14:00:00
Audit Readiness:
Security constraints: 8 active
Last review: 2026-02-10
Violations (90d): 2 (both resolved)
Override rate: 5% (within policy)
Recommendation: Ready for external audit.
| Condition | Behavior |
|---|---|
| ----------- | ---------- |
| Invalid sub-command | List available sub-commands |
| No constraints found | Info: "No constraints in system" |
| State file corrupted | Rebuild from constraint files |
| Migration conflict | Show conflicts, require manual resolution |
After invoking this skill:
| Condition | Action |
|---|---|
| ----------- | -------- |
| Reviews due | Process each review, update lifecycle |
| Alerts pending | Surface to user, track resolution |
| Index outdated | Regenerate INDEX.md |
| Drift detected | Investigate and reconcile |
This skill reads/writes:
output/
├── governance/
│ ├── state.json # Central governance state
│ ├── reviews/ # Review records
│ │ └── YYYY-MM-DD.md
│ └── alerts.json # Pending alerts
└── constraints/
└── metadata.json # Constraint metadata (adoption, violations)
agentic/
└── INDEX.md # Generated skill index
What this skill accesses:
.openclaw/governance.yaml and .claude/governance.yamloutput/constraints/ (via constraint-engine).learnings/ (via failure-memory)output/governance/agentic/INDEX.mdWhat this skill does NOT access:
What this skill does NOT do:
Dependency note:
This skill reads data from constraint-engine and failure-memory skill workspaces.
Install the full governance stack for complete functionality.
/gov state shows complete governance overview/gov state surfaces alerts for due reviews/gov review lists constraints due for 90-day review/gov review provides clear renewal/retirement options/gov index generates skill index from SKILL.md files/gov verify detects drift between source and compiled/gov migrate handles schema version transitionsConsolidated from 6 skills as part of agentic skills consolidation (2026-02-15).
共 1 个版本