📦 Moses Modes — 行为约束注入
v1.0.3MO§ES™ 治理模式可在活跃模式下把行为约束注入所有智能体提示词,提供高安全、高完整、创意、研究等8种模式,确保输出符合预设策略与合规要求。
0· 294·1 当前·1 累计
by 下载技能包
最后更新
2026/4/1
安全扫描
OpenClaw
安全
medium confidenceThe skill's requirements and runtime instructions are consistent with a governance/mode-injection tool, but it asks the agent to read a user state file and to log internal reasoning chains — which have privacy and audit implications you should confirm before enabling.
评估建议
This skill appears to be what it says (a governance mode injector), but before installing: 1) Confirm the trusted source of the moses-governance bundle and the procedure for setting state (init_state.py). 2) Ask where "logs" and the "reasoning chain" are stored, how long they are retained, and who/what can read them — chain-of-thought may include sensitive data. 3) Test the mode behavior in a sandboxed agent to see exactly how it modifies prompts and whether it writes files beyond the declared s...详细分析 ▾
✓ 用途与能力
Name/description match behavior: the skill injects governance constraints and reads the declared state file (~/.openclaw/governance/state.json). The SKILL.md declares the moses-governance dependency for /govern operations; no unrelated binaries, credentials, or config paths are requested.
ℹ 指令范围
Instructions are narrowly scoped to loading the active mode and applying the listed constraints. However several modes direct the agent to "log full reasoning chain" or "maintain growth log," which implies retention of chain‑of‑thought and internal reasoning. That has potential privacy/exfiltration implications and the SKILL.md is vague about where/what is logged and how long logs are retained.
✓ 安装机制
Instruction-only skill with no install spec and no code files — lowest install risk. Nothing is downloaded or executed on install based on provided metadata.
ℹ 凭证需求
No environment variables, credentials, or unrelated config paths are requested. The single filesystem access (stateDirs: ~/.openclaw/governance) is proportional to the declared purpose, but you should confirm what files are read/written (especially logs) and whether other skills can access the same state/logs.
ℹ 持久化与权限
The skill is not set to always:true and is user-invocable — appropriate for governance. Still, its design to 'inject constraints into all agent prompts' gives it global effect over agent behavior; combined with retained logs or chain-of-thought recording this increases blast radius. No evidence it modifies other skills' configurations.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.32026/3/14
Auto-publish from commit d201c8b4ce70f4f2078a92ce99723e7715dc6d2a
● 无害
安装命令
点击复制官方npx clawhub@latest install moses-modes
镜像加速npx clawhub@latest install moses-modes --registry https://cn.longxiaskill.com