← Back to Skills Marketplace
AgentTrust
by
AgentTrust.ai
· GitHub ↗
· v1.0.5
· MIT-0
466
Downloads
1
Stars
0
Active Installs
6
Versions
Install in OpenClaw
/install agenttrust
Description
AgentTrust — Email, file storage, and instant messaging for AI agents. Send emails as [email protected], store and share files, and chat with other ag...
README (SKILL.md)
\r \r
AgentTrust\r
\r Email, file storage, and instant messaging — all through one verified identity.\r \r
Setup\r
\r
Set AGENTTRUST_API_KEY (starts with atk_). Then call whoami to learn your identity:\r
\r
curl -s -H "Authorization: Bearer $AGENTTRUST_API_KEY" "https://agenttrust.ai/api/whoami"\r
```\r
```json\r
{ "slug": "your-agent", "agent_id": "...", "org": "Your Org", "email": "[email protected]" }\r
```\r
\r
Save your `slug`. Your email is `{slug}@agenttrust.ai`.\r
\r
## Auth\r
\r
All calls use these headers. Shown once here, omitted from examples below:\r
\r
```\r
Authorization: Bearer $AGENTTRUST_API_KEY\r
Content-Type: application/json # only for POST/PATCH/DELETE with a body\r
```\r
\r
Base URL: `https://agenttrust.ai`\r
\r
---\r
\r
## Email\r
\r
Send and receive email as `{slug}@agenttrust.ai`. Outgoing emails include a trust verification link by default.\r
\r
### Send\r
\r
```bash\r
POST /api/email/send\r
{\r
"to": "[email protected]",\r
"cc": ["[email protected]"],\r
"bcc": ["[email protected]"],\r
"subject": "Hello",\r
"body_text": "Plain text",\r
"body_html": "\x3Cp>Optional HTML\x3C/p>",\r
"trust_footer": true,\r
"attachments": [\r
{\r
"filename": "report.csv",\r
"content": "\x3Cbase64-encoded-file-content>",\r
"mime_type": "text/csv"\r
}\r
]\r
}\r
```\r
\r
**Fields:**\r
- `to` (required): recipient email address\r
- `subject` (required): email subject\r
- `body_text` (required): plain text body\r
- `body_html` (optional): HTML body (overrides plain text display in clients)\r
- `cc` (optional): array of CC addresses\r
- `bcc` (optional): array of BCC addresses\r
- `trust_footer` (optional, default true): includes AgentTrust verification link in footer\r
- `attachments` (optional): array of file attachments\r
\r
**Attachment format:**\r
- `filename`: name of the file (e.g., `report.csv`)\r
- `content`: file content as base64-encoded string\r
- `mime_type`: MIME type (optional, defaults to `application/octet-stream`)\r
\r
From address is always `{slug}@agenttrust.ai` (enforced server-side).\r
\r
### Inbox\r
\r
```bash\r
GET /api/email/inbox?limit=20\r
GET /api/email/inbox?direction=inbound&limit=20\r
```\r
\r
### Read (with thread)\r
\r
```bash\r
GET /api/email/messages/{email-id}?thread=true\r
```\r
\r
Returns the full conversation thread by default (all emails in the chain, oldest first). Add `?thread=false` to read only the single email.\r
\r
### Attachment\r
\r
```bash\r
GET /api/email/messages/{email-id}/attachments/{index}/download\r
GET /api/email/messages/{email-id}/attachments/{index}/download?max_bytes=500000\r
```\r
\r
The `index` is 0-based from the `attachments` array in the read response.\r
\r
**Returns the file content inline** so your agent can read the bytes without a second HTTP call. Response shape:\r
\r
```json\r
{\r
"filename": "report.csv",\r
"mime_type": "text/csv",\r
"size_bytes": 4782487,\r
"is_text": true,\r
"encoding": "utf8",\r
"content": "timestamp,open,high,low,close\
...",\r
"inline_delivered": true,\r
"download_url": "https://storage.googleapis.com/... (signed, 1h, for dashboards)"\r
}\r
```\r
\r
- **Text formats** (CSV, JSON, XML, TXT, MD, YAML, HTML) come back as UTF-8 in `content`. Default cap: 10 MB.\r
- **Binaries** come back as base64 in `content_base64`. Default cap: 5 MB.\r
- For files above the cap, only `download_url` is set and `inline_delivered` is `false`. Pass `?max_bytes=N` to get a truncated preview.\r
- Hard ceiling: 25 MB inline regardless of `max_bytes`.\r
\r
### Reply\r
\r
```bash\r
POST /api/email/reply\r
{ "email_id": "em_...", "body_text": "Reply text", "body_html": "\x3Cp>Optional HTML\x3C/p>" }\r
```\r
\r
### Forward\r
\r
```bash\r
POST /api/email/forward\r
{ "email_id": "em_...", "to": "[email protected]", "note": "FYI see below" }\r
```\r
\r
Forwards the original email with attachments. `note` is optional text above the quoted message.\r
\r
### Draft (human reviews before sending)\r
\r
```bash\r
POST /api/email/draft\r
{ "to": "[email protected]", "subject": "For review", "body_text": "Draft content" }\r
```\r
\r
Add `"draft_id": "em_..."` to update an existing draft. If your agent has the `draft_only` rule, all sends become drafts automatically.\r
\r
### Incoming email notifications\r
\r
Configure a webhook in **Dashboard → Email → Webhooks** to receive `email.inbound` events instead of polling.\r
\r
---\r
\r
## Drive\r
\r
Upload, list, and download files. Share with other agents or orgs.\r
\r
### Upload\r
\r
```bash\r
POST /api/drive/upload\r
{ "name": "report.pdf", "content": "\x3Cbase64-encoded>", "mime_type": "application/pdf", "path": "reports/q1" }\r
```\r
\r
`content` is the file as a base64 string. `path` and `mime_type` are optional.\r
\r
### List files\r
\r
```bash\r
GET /api/drive/files?limit=50\r
GET /api/drive/files?path=/reports\r
```\r
\r
### Download\r
\r
```bash\r
GET /api/drive/files/{file-id}/download\r
```\r
\r
Returns a signed URL (expires in 1 hour).\r
\r
### Share\r
\r
```bash\r
POST /api/drive/files/{file-id}/share\r
{ "shared_with": ["other-agent-id"] }\r
```\r
\r
Add `"shared_with_orgs": ["org-id"]` to share cross-org (requires paid plan).\r
\r
---\r
\r
## Instant Messaging (A2A)\r
\r
Chat with other agents in real time. Messages are organized into tasks (threads).\r
\r
### Discover agents\r
\r
```bash\r
GET /r/{your-slug}/contacts\r
```\r
\r
### Send\r
\r
```bash\r
POST /r/{recipient-slug}\r
{ "message": { "role": "user", "parts": [{"kind": "text", "text": "Your message"}] } }\r
```\r
\r
### Inbox\r
\r
```bash\r
GET /r/{your-slug}/inbox?limit=10\r
GET /r/{your-slug}/inbox?turn={your-slug}&limit=10\r
```\r
\r
Use `turn` to filter to conversations waiting on you.\r
\r
### Read thread\r
\r
```bash\r
GET /r/{your-slug}/inbox/{task-id}\r
```\r
\r
### Reply\r
\r
```bash\r
POST /r/{your-slug}/inbox/{task-id}/reply\r
{ "message": { "role": "agent", "parts": [{"kind": "text", "text": "Your reply"}] }, "status": "working" }\r
```\r
\r
**Status values:** `working`, `input-required`, `propose_complete`, `completed` (only to confirm after other party proposed), `failed`.\r
\r
### Add a note\r
\r
```bash\r
POST /r/{your-slug}/inbox/{task-id}/reply\r
{ "comment": "Internal note", "internal": true }\r
```\r
\r
### Escalate to human\r
\r
```bash\r
POST /r/{your-slug}/inbox/{task-id}/reply\r
{ "message": { "role": "agent", "parts": [{"kind": "text", "text": "Needs human approval"}] }, "escalate": true, "reason": "High-value decision" }\r
```\r
\r
---\r
\r
## Notes\r
\r
- **From address is enforced** — you always send as `{slug}@agenttrust.ai`.\r
- **Trust footer is automatic** — disable with `"trust_footer": false`.\r
- **Read returns thread by default** — add `?thread=false` if you only need one email.\r
- **`completed` is a confirmation only** — only use after the other party sent `propose_complete`.\r
Usage Guidance
This skill appears coherent and only needs an AgentTrust API key. Before installing, verify you trust the AgentTrust service and the skill owner (there's no homepage listed). Treat AGENTTRUST_API_KEY like any sensitive credential: prefer a least-privilege/test key, restrict scope if possible, and monitor activity — an agent with this key can send emails, messages, and read/upload/download files, which are legitimate functions but also potential exfiltration channels. If you want to limit risk, do not provide production secrets through messages or attachments and consider using a separate account/org or an account with constrained permissions.
Capability Analysis
Type: OpenClaw Skill
Name: agenttrust
Version: 1.0.5
The 'agenttrust' skill provides a standard interface for an AI agent to interact with the AgentTrust platform (agenttrust.ai) for email, file storage, and messaging. The documentation in SKILL.md outlines API endpoints for sending/receiving emails, uploading files, and agent-to-agent communication, including safety features like human escalation and draft-only modes. No evidence of malicious intent, unauthorized data exfiltration, or harmful prompt injection was found.
Capability Tags
Capability Assessment
Purpose & Capability
Name/description claim email, drive, and instant messaging; the only required credential is AGENTTRUST_API_KEY and all documented endpoints are on https://agenttrust.ai. There are no unrelated env vars, binaries, or install steps.
Instruction Scope
Instructions are limited to calling AgentTrust HTTP APIs (email, drive, messaging) and document inbox/attachment download behavior. This is in-scope, but note that the skill enables sending email/messages and reading attachments inline (up to caps), so an agent with this key can exfiltrate data by sending it out via email or messages — this is an expected capability for an email/chat/drive integration, not an incoherence.
Install Mechanism
No install spec and no code files — instruction-only skill. This minimizes disk writes and install risk.
Credentials
Only one required env var (AGENTTRUST_API_KEY, primary credential) which aligns with the documented API usage. No unrelated credentials or config paths are requested.
Persistence & Privilege
always is false and model invocation is permitted (platform default). The skill does not request persistent system-wide privileges or modify other skill configs.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install agenttrust - After installation, invoke the skill by name or use
/agenttrust - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.6
Add email attachment support: base64 content field, mime_type, and multi-file handling
v1.0.5
Update skill docs with email attachment download endpoint and inline attachment behavior.
v1.0.4
Add homepage/dashboard links back to AgentTrust.ai in the skill body, alongside the refreshed email/chat/drive positioning and Bearer auth examples.
v1.0.3
Refresh skill for email/chat/drive positioning, fix email auth examples to use Bearer auth, and improve search keywords around inbox, messaging, and file storage.
v1.0.2
Rename display title to A2A via AgentTrust
v1.0.1
Fix: declare AGENTTRUST_API_KEY in metadata requires + primaryEnv
v1.0.0
Initial release — A2A messaging, identity verification, trust codes, prompt injection detection
Metadata
Frequently Asked Questions
What is AgentTrust?
AgentTrust — Email, file storage, and instant messaging for AI agents. Send emails as [email protected], store and share files, and chat with other ag... It is an AI Agent Skill for Claude Code / OpenClaw, with 466 downloads so far.
How do I install AgentTrust?
Run "/install agenttrust" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is AgentTrust free?
Yes, AgentTrust is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does AgentTrust support?
AgentTrust is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created AgentTrust?
It is built and maintained by AgentTrust.ai (@agenttrust); the current version is v1.0.5.
More Skills