Governed Agents
Deterministic verification + reputation scoring for AI sub-agents. Prevents hallucinated success ("I did it!") by verifying claims independently before updating the agent's score.
Pure Python stdlib — zero external dependencies.
Capabilities
Spawns external CLIs (codex, openclaw, git, pytest) and makes HTTP HEAD requests.
When to Use
Use this skill when you need to:
- - Spawn sub-agents and verify their output automatically
- Score agent reliability across tasks (EMA-based reputation)
- Detect hallucinated success — agent claims "done" but files are missing or tests fail
- Verify open-ended tasks (research, analysis, strategy) via LLM Council
- Enforce supervision levels based on agent track record
Quick Start
Coding Tasks (Deterministic Verification)
CODEBLOCK0
Open-Ended Tasks (3-Layer Pipeline + LLM Council)
CODEBLOCK1
CLI Spawning (Codex / OpenClaw)
CODEBLOCK2
Verification Modes
Deterministic (Coding Tasks)
4 gates run automatically — all must pass:
| Gate | Check | Signal |
|---|
| Files | Required files exist and are non-empty | Hard fail |
| Tests |
Test command exits 0 | Hard fail |
|
Lint | No lint errors | Hard fail |
|
AST | Python files parse without SyntaxError | Hard fail |
If agent claims SUCCESS but any gate fails → score override to -1.0 (hallucination penalty).
Council (Open-Ended Tasks)
3-layer pipeline with short-circuit:
- 1. Structural Gate (<1s) — word count, required sections, no empty sections
- Grounding Gate (5–30s) — URL reachability, citation checks
- LLM Council (30–120s) — N independent reviewers, majority vote
If Layer 1 fails → no LLM calls, instant result, zero cost.
Reputation System
CODEBLOCK3�
| Score | Meaning |
|---|
| +1.0 | Verified success (first try) |
| +0.7 |
Verified success (after retry) |
| +0.5 | Honest blocker report |
| 0.0 | Failed but tried |
| −1.0 | Hallucinated success |
Supervision Levels
| Reputation | Level | Effect |
|---|
| > 0.8 | autonomous | Full trust |
| > 0.6 |
standard | Normal supervision |
| > 0.4 | supervised | Checkpoints required |
| > 0.2 | strict | Model override to Opus |
| ≤ 0.2 | suspended | Task blocked |
Task-Type Profiles
Pre-configured gate combinations:
| INLINECODE1 | Layer 1 | Layer 2 | Min words |
|---|
| INLINECODE2 | wordcount, sourceslist | urlreachable, citations | 200 |
| INLINECODE3 |
wordcount, required
sections | numbersconsistent | 150 |
|
strategy | required
sections, wordcount | cross
refsresolve | 100 |
|
writing | word_count | — | 50 |
|
planning | required
sections, hassteps | dates_valid | 50 |
Installation
CODEBLOCK4
Tests
CODEBLOCK5
受控代理
为AI子代理提供确定性验证+信誉评分。通过在更新代理评分前独立验证其声明,防止幻觉式成功(我完成了!)。
纯Python标准库——零外部依赖。
能力
可生成外部CLI(codex、openclaw、git、pytest)并发送HTTP HEAD请求。
适用场景
在以下情况下使用此技能:
- - 生成子代理并自动验证其输出
- 跨任务评分代理可靠性(基于EMA的信誉)
- 检测幻觉式成功——代理声称完成但文件缺失或测试失败
- 通过LLM委员会验证开放式任务(研究、分析、策略)
- 基于代理历史记录强制执行监督级别
快速入门
编码任务(确定性验证)
python
from governed_agents.contract import TaskContract
from governed_agents.orchestrator import GovernedOrchestrator
contract = TaskContract(
objective=添加JWT认证端点,
acceptance_criteria=[POST /api/auth 返回JWT, 测试通过],
requiredfiles=[api/auth.py, tests/testauth.py],
runtests=pytest tests/testauth.py -v,
)
g = GovernedOrchestrator(contract, model=openai/gpt-5.2-codex)
代理完成后:
result = g.record_success() # 运行关卡,更新信誉
开放式任务(三层流水线 + LLM委员会)
python
contract = TaskContract(
objective=编写认证模块的架构决策记录,
acceptance_criteria=[记录了权衡, 陈述了决策],
verification_mode=council,
task_type=analysis,
council_size=3,
)
g = GovernedOrchestrator(contract, model=openai/gpt-5.2-codex)
prompts = g.generatecounciltasks(worker_output)
result = g.recordcouncilverdict(rawrevieweroutputs)
→ 委员会:2/3 批准(评分=0.67,通过 ✅)
CLI生成(Codex / OpenClaw)
python
from governedagents.openclawwrapper import spawn_governed
contract = TaskContract(
objective=构建待办事项REST API,
acceptance_criteria=[CRUD端点正常工作, 测试通过],
requiredfiles=[api.py, tests/testapi.py],
)
默认使用Codex 5.3 CLI
result = spawn_governed(contract, engine=codex53)
或通过OpenClaw代理CLI:
result = spawn_governed(contract, engine=openclaw)
验证模式
确定性验证(编码任务)
自动运行4道关卡——必须全部通过:
测试命令退出码为0 | 硬性失败 |
|
代码检查 | 无代码检查错误 | 硬性失败 |
|
AST | Python文件解析无SyntaxError | 硬性失败 |
如果代理声称成功但任何关卡失败 → 评分覆盖为 -1.0(幻觉惩罚)。
委员会验证(开放式任务)
三层流水线,带短路机制:
- 1. 结构关卡(<1秒)——字数、必需章节、无空章节
- 基础关卡(5–30秒)——URL可达性、引用检查
- LLM委员会(30–120秒)——N个独立评审员,多数投票
如果第1层失败 → 不调用LLM,即时结果,零成本。
信誉系统
R(t+1) = (1 − α) · R(t) + α · s(t), α = 0.3
验证成功(重试后) |
| +0.5 | 诚实报告障碍 |
| 0.0 | 失败但尝试过 |
| −1.0 | 幻觉式成功 |
监督级别
标准 | 正常监督 |
| > 0.4 | 受监督 | 需要检查点 |
| > 0.2 | 严格 | 模型覆盖为Opus |
| ≤ 0.2 | 暂停 | 任务被阻止 |
任务类型配置
预配置的关卡组合:
| task_type | 第1层 | 第2层 | 最少字数 |
|---|
| research | 字数、来源列表 | URL可达性、引用 | 200 |
| analysis |
字数、必需章节 | 数字一致性 | 150 |
| strategy | 必需章节、字数 | 交叉引用解析 | 100 |
| writing | 字数 | — | 50 |
| planning | 必需章节、包含步骤 | 日期有效性 | 50 |
安装
bash
bash install.sh
→ 将 governedagents/ 复制到 $OPENCLAWWORKSPACE/governed_agents/
→ 运行验证套件(37个测试)
测试
bash
python3 -m pytest governedagents/testverification.py \
governedagents/testcouncil.py \
governedagents/testprofiles.py -v
37 通过
