← 返回
未分类 中文

Pilot Compliance Governance Setup

Deploy a compliance and governance system with 4 agents. Use this skill when: 1. User wants to set up automated compliance enforcement 2. User is configuring...
部署包含4个代理的合规治理系统。使用场景:1. 用户需要设置自动化合规执行;2. 用户正在配置...
teoslayer teoslayer 来源
未分类 clawhub v1.0.0 1 版本 100000 Key: 无需
★ 0
Stars
📥 329
下载
💾 0
安装
1
版本
#latest

概述

Compliance & Governance Setup

Deploy 4 agents: policy engine, auditor, certifier, and reporter.

Roles

RoleHostnameSkillsPurpose
---------------------------------
policy-engine-policypilot-event-filter, pilot-sla, pilot-workflow, pilot-task-chainEvaluates governance rules
auditor-auditorpilot-audit-log, pilot-verify, pilot-event-log, pilot-cronTamper-evident audit trail
certifier-certifierpilot-certificate, pilot-keychain, pilot-verify, pilot-receiptIssues compliance certificates
reporter-reporterpilot-metrics, pilot-webhook-bridge, pilot-slack-bridge, pilot-archiveGenerates compliance reports

Setup Procedure

Step 1: Ask the user which role and prefix.

Step 2: Install skills:

# policy-engine:
clawhub install pilot-event-filter pilot-sla pilot-workflow pilot-task-chain
# auditor:
clawhub install pilot-audit-log pilot-verify pilot-event-log pilot-cron
# certifier:
clawhub install pilot-certificate pilot-keychain pilot-verify pilot-receipt
# reporter:
clawhub install pilot-metrics pilot-webhook-bridge pilot-slack-bridge pilot-archive

Step 3: Set hostname and write manifest to ~/.pilot/setups/compliance-governance.json.

Step 4: Handshake: policy↔auditor, policy↔certifier, auditor↔reporter, certifier↔reporter.

Manifest Templates Per Role

policy-engine

{
  "setup": "compliance-governance", "role": "policy-engine", "role_name": "Policy Engine",
  "hostname": "<prefix>-policy",
  "skills": {
    "pilot-event-filter": "Evaluate agent actions against governance rules.",
    "pilot-sla": "Enforce SLA policies and response deadlines.",
    "pilot-workflow": "Define multi-step compliance workflows.",
    "pilot-task-chain": "Chain policy checks sequentially."
  },
  "data_flows": [
    { "direction": "send", "peer": "<prefix>-auditor", "port": 1002, "topic": "policy-violation", "description": "Violations for logging" },
    { "direction": "send", "peer": "<prefix>-certifier", "port": 1002, "topic": "cert-request", "description": "Certification requests" }
  ],
  "handshakes_needed": ["<prefix>-auditor", "<prefix>-certifier"]
}

auditor

{
  "setup": "compliance-governance", "role": "auditor", "role_name": "Audit Trail",
  "hostname": "<prefix>-auditor",
  "skills": {
    "pilot-audit-log": "Maintain tamper-evident, append-only audit logs.",
    "pilot-verify": "Run periodic integrity checks on logs.",
    "pilot-event-log": "Searchable event log of all agent actions.",
    "pilot-cron": "Schedule periodic audit sweeps."
  },
  "data_flows": [
    { "direction": "receive", "peer": "<prefix>-policy", "port": 1002, "topic": "policy-violation", "description": "Violations" },
    { "direction": "send", "peer": "<prefix>-reporter", "port": 1002, "topic": "audit-finding", "description": "Audit data for reports" }
  ],
  "handshakes_needed": ["<prefix>-policy", "<prefix>-reporter"]
}

certifier

{
  "setup": "compliance-governance", "role": "certifier", "role_name": "Compliance Certifier",
  "hostname": "<prefix>-certifier",
  "skills": {
    "pilot-certificate": "Issue Ed25519-signed compliance certificates.",
    "pilot-keychain": "Manage signing keys with auto-expiry.",
    "pilot-verify": "Verify existing certificates.",
    "pilot-receipt": "Issue certification receipts."
  },
  "data_flows": [
    { "direction": "receive", "peer": "<prefix>-policy", "port": 1002, "topic": "cert-request", "description": "Certification requests" },
    { "direction": "send", "peer": "<prefix>-reporter", "port": 1002, "topic": "cert-issued", "description": "Certification records" }
  ],
  "handshakes_needed": ["<prefix>-policy", "<prefix>-reporter"]
}

reporter

{
  "setup": "compliance-governance", "role": "reporter", "role_name": "Compliance Reporter",
  "hostname": "<prefix>-reporter",
  "skills": {
    "pilot-metrics": "Aggregate compliance metrics (violation rates, cert counts).",
    "pilot-webhook-bridge": "Forward reports to external systems.",
    "pilot-slack-bridge": "Post compliance summaries to Slack.",
    "pilot-archive": "Archive reports for retention."
  },
  "data_flows": [
    { "direction": "receive", "peer": "<prefix>-auditor", "port": 1002, "topic": "audit-finding", "description": "Audit data" },
    { "direction": "receive", "peer": "<prefix>-certifier", "port": 1002, "topic": "cert-issued", "description": "Certification records" }
  ],
  "handshakes_needed": ["<prefix>-auditor", "<prefix>-certifier"]
}

Data Flows

  • policy → auditor : policy violations (port 1002)
  • policy → certifier : certification requests (port 1002)
  • auditor → reporter : audit data for reports (port 1002)
  • certifier → reporter : certification records (port 1002)

Workflow Example

# On policy-engine:
pilotctl --json publish <prefix>-auditor policy-violation '{"agent":"data-proc-3","action":"write_to_prod","severity":"high"}'
pilotctl --json publish <prefix>-certifier cert-request '{"agent":"data-proc-1","scope":"prod-write"}'
# On auditor:
pilotctl --json publish <prefix>-reporter audit-finding '{"finding_id":"AUD-721","violation":"unauthorized prod write"}'
# On certifier:
pilotctl --json publish <prefix>-reporter cert-issued '{"cert_id":"CERT-315","agent":"data-proc-1","scope":"prod-write"}'

Dependencies

Requires pilot-protocol skill, pilotctl binary, clawhub binary, and a running daemon.

版本历史

共 1 个版本

  • v1.0.0 当前
    2026-05-07 18:43 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

ai-agent

self-improving agent

pskoett
记录自身发现以实现自我改进的技能
★ 4,175 📥 946,180
ai-agent

Find Skills

root
帮助用户发现和安装智能体技能,当用户询问如「如何做X」、「找X的技能」、「有能做...的吗」等问题时
★ 1,528 📥 582,828
it-ops-security

Pilot Priority Queue

teoslayer
基于Pilot协议网络的优先级消息传递,支持紧急程度级别。适用场景:1. 需要处理带优先级的紧急消息...
★ 0 📥 562