consensus-guard-core
INLINECODE0� is the common policy engine behind the Consensus guard ecosystem.
What this skill/package provides
- - unified hard-block taxonomy
- deterministic
aggregateVotes() policy function - deterministic reputation update rules with clamping
- idempotency key generation for retry-safe execution
- strict-schema unknown-field rejection helpers
- indexed board read helpers for scalable artifact lookup
Why this matters
Without a shared core, every guard drifts into incompatible policy logic. This package keeps behavior consistent, replayable, and comparable across domains.
Ecosystem role
INLINECODE2� is consumed by publish/support/merge/action guards and should be treated as policy infrastructure, not an end-user workflow skill.
Benefits for LLM orchestration
- - lower integration drift
- consistent decision semantics across workflows
- easier auditing and cross-skill analytics
Runtime, credentials, and network behavior
- - runtime binaries:
node, �INLINECODE4 - network calls: none in this package's core decision/path helpers
- credentials: none required by this package
- environment config read by this package:
CONSENSUS_STATE_FILE, CONSENSUS_STATE_ROOT (for board/state path resolution) - filesystem writes: board/state artifacts under the configured consensus state path when callers use write helpers (for example
writeArtifact)
Dependency trust model
- -
consensus-guard-core is a first-party consensus package - versions are semver-pinned in
package.json for reproducible installs - this skill does not request host-wide privileges and does not mutate other skills
- note: dependency trees should be audited separately by consumers for transitive packages
Install
CODEBLOCK0
Quick start
CODEBLOCK1
Import contract
Use the package root import (stable public API):
CODEBLOCK2
Do not import internal paths like consensus-guard-core/src/index.mjs in dependent skills.
Tool-call integration
This skill is wired to the consensus-interact contract boundary (via shared consensus-guard-core wrappers where applicable):
- - readBoardPolicy
- getLatestPersonaSet / getPersonaSet
- writeArtifact / writeDecision
- idempotent decision lookup
This keeps board orchestration standardized across skills.
Invoke Contract
This skill exposes a canonical entrypoint:
INLINECODE12� is primitives-only and delegates to a caller-provided handler. It does not perform persona generation or model/provider calls.
See also: SECURITY-ASSURANCE.md for threat model, runtime boundaries, and hardening guidance.
consensus-guard-core
consensus-guard-core 是共识守卫生态系统背后的通用策略引擎。
该技能/包提供的功能
- - 统一的硬块分类法
- 确定性的 aggregateVotes() 策略函数
- 带钳位机制的确定性声誉更新规则
- 用于重试安全执行的幂等键生成
- 严格模式的未知字段拒绝辅助函数
- 用于可扩展工件查找的索引板读取辅助函数
为何重要
如果没有共享核心,每个守卫都会漂移到不兼容的策略逻辑中。该包确保跨领域的行为保持一致、可重放且可比较。
生态系统角色
consensus-guard-core 被发布/支持/合并/操作守卫所使用,应被视为策略基础设施,而非面向终端用户的工作流技能。
对LLM编排的好处
- - 降低集成漂移
- 跨工作流保持一致的决策语义
- 更易于审计和跨技能分析
运行时、凭证和网络行为
- - 运行时二进制文件:node、tsx
- 网络调用:该包的核心决策/路径辅助函数中无网络调用
- 凭证:该包不需要任何凭证
- 该包读取的环境配置:CONSENSUSSTATEFILE、CONSENSUSSTATEROOT(用于板/状态路径解析)
- 文件系统写入:当调用者使用写入辅助函数(例如 writeArtifact)时,在配置的共识状态路径下写入板/状态工件
依赖信任模型
- - consensus-guard-core 是第一方共识包
- 版本在 package.json 中使用 semver 锁定,以实现可重现安装
- 该技能不请求主机级权限,也不修改其他技能
- 注意:消费者应单独审计依赖树中的传递包
安装
bash
npm i consensus-guard-core
快速开始
bash
npm test
导入约定
使用包根导入(稳定的公共API):
js
import { aggregateVotes, writeArtifact, resolveStatePath } from consensus-guard-core;
不要在依赖技能中导入内部路径,如 consensus-guard-core/src/index.mjs。
工具调用集成
该技能连接到共识交互合约边界(通过共享的 consensus-guard-core 包装器,在适用情况下):
- - readBoardPolicy
- getLatestPersonaSet / getPersonaSet
- writeArtifact / writeDecision
- 幂等决策查找
这使得板编排在各技能间保持标准化。
调用合约
该技能暴露一个规范入口点:
- - invoke(input, opts?) -> Promise
invoke() 仅使用原语,并委托给调用者提供的处理程序。它不执行角色生成或模型/提供者调用。
另请参阅:SECURITY-ASSURANCE.md 了解威胁模型、运行时边界和加固指南。
