PolitiClaw

Security checks across static analysis, malware telemetry, and agentic risk

Overview

No risk analysis has been recorded yet.

Publisher note

PolitiClaw is a local-first civic copilot. The plugin contacts a deliberately small set of read-only default hosts:

- api.congress.gov (federal bills, House roll-call votes, committee schedules — gated on the apiDataGov key)
- api.open.fec.gov (federal campaign finance — also gated on apiDataGov)
- voteview.com (Senate roll-call votes, zero-key)
- www.googleapis.com/civicinfo (ballot lookup, gated on the googleCivic key)
- api.geocod.io (optional reps-by-address, gated on the geocodio key)
- geocoding.geo.census.gov (zero-key geocoder fallback)
- www2.census.gov/geo/tiger (one-time bulk download of state-level TIGER shapefiles for offline rep-by-address lookup)
- raw.githubusercontent.com/unitedstates/congress-legislators (pinned path for offline legislator metadata, zero-key)

If the user configures plugins.entries.politiclaw.config.sources.bills.scraperBaseUrl, the federal bill resolver may also contact that user-supplied unitedstates/congress scraper mirror for single-bill lookups; no mirror URL is bundled or endorsed.

The plugin's configSchema declares exactly three named provider keys — apiDataGov (required), geocodio (optional), and googleCivic (optional) — matching the wired adapters one-for-one. Unknown legacy key strings are tolerated only so older configs keep validating; the runtime ignores them and the key-saving tools do not write them. Keys are stored via gateway config.patch under plugins.entries.politiclaw.config.apiKeys.*, never in agent memory and never logged.

The README documents three additional providers (openStates, legiscan, followTheMoney) as roadmap entries for state-level coverage; these are intentionally not declared as named schema keys because their adapters are not yet wired. A web-search adapter exists in source under src/sources/webSearch/ but is intentionally deferred — it returns "unavailable" until a gateway-provided web-search transport is locked in; no LLM-search calls are made at runtime.

Cron jobs are gateway-managed templates (no shell exec, no eval, no dynamic code loading). The local dashboard binds 127.0.0.1 via the gateway's plugin-auth surface with double-submit CSRF (SameSite=Strict) and a 256 KB body cap. SQLite DB lives under the gateway state dir. Outreach tools draft letters with no send path — the user copies them to their own client. LLM-derived bill ratings are disclosed inline on every output and are reviewable / reversible via politiclaw_review_auto_ratings and politiclaw_resolve_auto_rating. Skill rules forbid prescriptive voting recommendations. Upstream API responses are treated as data, not instructions.

SkillSpector

By NVIDIA

SkillSpector findings are pending for this release.

Static analysis

Exposed secret literal (10 findings, all with the same finding text)

Critical
Finding
File appears to expose a hardcoded API secret or token.
Skill content
const apiKey = [REDACTED]?.trim();   (2 findings)
apiKey: [REDACTED],   (8 findings)

VirusTotal

62/62 vendors flagged this plugin as clean.

View on VirusTotal

Risk analysis

No visible risk-analysis findings were reported for this release.