AI SummaryThis skill enables developers to create cryptographically signed, immutable constitutions for AI tool-use governance in OpenClaw, with Ed25519 signing, GitTruth attestation, and policy evaluation artifacts. It's designed for teams implementing constitutional governance frameworks for AI agents.
Install
Copy this and paste it into Claude Code, Cursor, or any AI assistant:
I want to install the "aos-constitutional-governance" skill in my project. Please run this command in my terminal: # Install skill into the correct directory mkdir -p .claude/skills/aos-openclaw-constitutional && curl --retry 3 --retry-delay 2 --retry-all-errors -o .claude/skills/aos-openclaw-constitutional/SKILL.md "https://raw.githubusercontent.com/genesalvatore/aos-openclaw-constitutional/main/SKILL.md" Then restart Claude Code (or reload the window in Cursor) so the skill is picked up.
Description
Create, sign (Ed25519), verify, and audit an AOS-style immutable constitution for OpenClaw. Use when implementing constitutional governance beneath SOUL.md, designing deny/confirm/allow policy evaluation, generating constitution.yaml + constitution.sig, validating GitTruth attestations, building tamper-evident tool-call logs, or preparing a reference implementation skill/plugin for OpenClaw.
AOS Constitutional Governance (OpenClaw)
Implement AOS-style two-layer governance for tool-using assistants: • Immutable Constitution (locked): signed + GitTruth-attested policy enforced at runtime. • Mutable Identity (flexible): persona/workflow guidance (e.g., SOUL.md). • User Task Intent (ephemeral): per-request justification, confirmations, and overrides. This Skill focuses on Phase 1 deliverables (spec + signing + verification + audit artifacts) and provides the evaluation algorithm needed for Phase 2 (Gateway enforcement). Clarification: This repository demonstrates a reference integration between agent frameworks and constitutional governance concepts. It does not grant patent rights or disclose enforcement mechanisms beyond illustrative examples.
Files produced
• constitution.yaml — human-readable policy • constitution.c14n.json — canonical JSON used for hashing/signing • constitution.sig.json — detached Ed25519 signature metadata • constitution.attestation.json — GitTruth attestation metadata (pointer)
Canonicalization + signing
• Convert constitution.yaml → canonical JSON (sorted keys, normalized scalars). • Compute doc_hash = sha256(c14n_json_bytes). • Sign doc_hash with Ed25519 → signature. • Commit constitution.yaml + constitution.sig.json to git. • GitTruth attests the commit. • Gateway verifies (a) Ed25519 signature over doc_hash, and (b) GitTruth attestation for the commit. Use scripts: • scripts/c14n.py — canonicalize YAML→JSON • scripts/sign.py — Ed25519 sign • scripts/verify.py — verify Ed25519 + (optionally) GitTruth attestation
Decision model
The policy engine returns one of: • DENY: tool call is blocked (constitutional). • CONFIRM: tool call is paused pending explicit user approval (scoped override token). • ALLOW: tool call may execute. If multiple rules match, select the most restrictive decision: DENY > CONFIRM > ALLOW and merge obligations (logging, disclosure, reflection) from all matched rules.
Discussion
Health Signals
My Fox Den
Community Rating
Sign in to rate this booster