SkillHub

kevros-governance

v0.3.8

实现AI智能体密码学治理,验证操作合规性并记录签名防篡改审计追踪。

Sourced from ClawHub, Authored by knuckles-stack

Installation

Please help me install the skill `kevros-governance` from SkillHub official store. npx skills add knuckles-stack/kevros-governance

Kevros — Governance-as-a-Service for AI Agents

Every agent action verified. Every decision recorded. Every record signed.

What This Does

Kevros adds cryptographic governance to any AI agent. Before your agent takes an action (deploy code, move money, access data), Kevros evaluates it against your policies and returns a signed decision: ALLOW, CLAMP (adjusted to safe bounds), or DENY.

Every decision is appended to a hash-chained, tamper-evident evidence ledger. Auditors can verify the entire chain without your source code.

Quick Start

from kevros_governance import GovernanceClient

client = GovernanceClient(agent_id="my-agent")
result = client.verify(
    action_type="trade",
    action_payload={"symbol": "AAPL", "qty": 100},
    agent_id="my-agent",
)
print(result.decision)  # ALLOW, CLAMP, or DENY

Or use the API directly:

# Get a free API key (instant, no credit card)
curl -X POST https://governance.taskhawktech.com/signup 
  -H "Content-Type: application/json" 
  -d '{"agent_id": "my-agent"}'

# Verify an action
curl -X POST https://governance.taskhawktech.com/governance/verify 
  -H "X-API-Key: kvrs_..." 
  -H "Content-Type: application/json" 
  -d '{"action_type": "deploy", "action_payload": {"service": "api"}, "agent_id": "my-agent"}'

Governance Primitives

Primitive What It Proves Cost
Verify Agent is authorized — signed ALLOW/CLAMP/DENY $0.01
Attest Action happened — hash-chained evidence $0.02
Bind Intent matched command — cryptographic binding $0.02
Bundle Compliance evidence package — independently verifiable $0.25
Media Attest Media file integrity — SHA-256 in provenance chain $0.05

Free endpoints: verify-outcome, verify-token, verify-certificate, reputation lookup, passport, media verify.

Payment

  • Free tier: 1,000 calls/month, instant signup, no credit card
  • x402 (USDC on Base): Pay per call, no API key needed
  • Subscription: Scout $29/mo, Sentinel $149/mo, Sovereign $499/mo

Why Agents Need This

  • Audit trails: When regulators ask "who authorized this agent action?", you have cryptographic proof
  • Fail-closed safety: If governance fails, the agent stops. Not the other way around
  • Trust between agents: Agent B can verify Agent A's release token without trusting Agent A
  • Evidence chain: Hash-chained, append-only, independently verifiable

Integration

  • Python SDK: pip install kevros
  • TypeScript SDK: npm install @kevros/agentkit
  • MCP: https://governance.taskhawktech.com/mcp/
  • A2A: https://governance.taskhawktech.com/.well-known/agent.json
  • x402: https://governance.taskhawktech.com/.well-known/x402
  • REST API: https://governance.taskhawktech.com/api

Works with LangChain, CrewAI, OpenAI Agents SDK, Microsoft Agent Framework, and any HTTP client.

  • Website: https://www.taskhawktech.com
  • API Docs: https://governance.taskhawktech.com/api
  • Quickstart: https://www.taskhawktech.com/quickstart
  • Playground: https://www.taskhawktech.com/playground