← Back to Skills Marketplace
schchit

Judgment Event Protocol

by JEP (Judgment Event Protocol) · GitHub ↗ · v1.0.1 · MIT-0
cross-platform ✓ Security Clean
75
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install judgment-event-protocol
Description
Record and verify cryptographically signed, tamper-proof judgment, delegation, termination, and verification events for AI agent decision audits.
README (SKILL.md)

name: judgment_event_protocol description: Cryptographic event logging for autonomous agents. Record tamper-proof judgment, delegation, termination, and verification events using the Judgment Event Protocol. Provides verifiable decision trails with JCS canonicalization and Ed25519 signatures. user-invocable: true tags:

  • jep
  • judgment
  • delegation
  • provenance
  • audit
  • accountability
  • jcs
  • ed25519 metadata: openclaw: requires: bins: [python3, pip]

Judgment Event Protocol (JEP)

You have a minimal, verifiable event logging system for AI agent decisions. Use it when you need to record judgments, delegate authority, terminate decision lifecycles, or verify existing events with cryptographic integrity.

Setup

pip install jep-protocol

Security Considerations

This skill handles cryptographic keys and external dependencies. Please observe the following practices to ensure safe usage:

  • 🔑 Private Key Management: Private keys should never be hardcoded in agent prompts, source files, or shared in conversations. Always store keys using a secure key manager (e.g., environment variables, secret management services, HSMs, or hardware tokens). The code examples below assume private_key and public_key are securely loaded from such a source.
  • 📦 Package Integrity: The jep-protocol PyPI package is open source. Verify its integrity by checking the source code at https://github.com/hjs-spec/jep. Consider pinning the package to a reviewed version hash in your dependency manager.
  • 🧪 Environment Isolation: Before integrating the library into production systems or granting access to sensitive keys, test it in an isolated environment (e.g., a Python virtual environment or a container).

When to Use This Skill

  • When you need to record an agent's decision for future audit
  • When you delegate a task to another agent and need proof of handoff
  • When you terminate a decision process and want to seal the record
  • When you need to verify the integrity of an existing event chain
  • When building accountability trails for compliance or debugging

Core Verbs

JEP defines four immutable verbs:

Verb Name Purpose
J Judge Initiate a new decision or root audit event
D Delegate Transfer decision authority to another agent
T Terminate Close the decision lifecycle
V Verify Verify authenticity of an existing event

Event Structure (JSON Example)

A minimal JEP event before signing:

{
  "jep": "1",
  "verb": "J",
  "who": "did:example:agent-123",
  "when": 1742345678,
  "what": "sha256:e8878aa9a38f4d123456789abcdef01234",
  "nonce": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
  "aud": "https://platform.example.com",
  "ref": null
}

Core Operations

Record a Judgment Event (J)

from jep import JEPEvent, Verb

# Assumes private_key is loaded from a secure source
event = JEPEvent(
    verb=Verb.J,
    who="did:example:agent-123",
    what="sha256:hash-of-decision-content",
    aud="https://platform.example.com"
)
receipt = event.sign(private_key)
print(receipt.to_json())

Record a Delegation Event (D)

event = JEPEvent(
    verb=Verb.D,
    who="did:example:agent-123",
    what="sha256:hash-of-delegation-details",
    aud="https://platform.example.com",
    ref="hash-of-parent-event"  # Link to previous event
)

Record a Termination Event (T)

event = JEPEvent(
    verb=Verb.T,
    who="did:example:agent-123",
    what=None,
    aud="https://platform.example.com",
    ref="hash-of-decision-chain-head"
)

Record a Verification Event (V)

event = JEPEvent(
    verb=Verb.V,
    who="did:example:verifier-456",
    what=None,
    aud="https://platform.example.com",
    ref="hash-of-target-event"
)

Verify an Existing Receipt

from jep import verify_receipt

result = verify_receipt(
    receipt_json,
    public_key,
    expected_aud="https://platform.example.com"
)

if result.valid:
    print("Signature valid, chain intact")
else:
    print(f"Verification failed: {result.error}")
    # Possible error codes:
    # - INVALID_SIGNATURE: Signature doesn't match
    # - REPLAY_DETECTED: Nonce already seen
    # - EXPIRED: Timestamp outside allowed window
    # - BROKEN_CHAIN: Parent event hash mismatch
    # - INVALID_AUDIENCE: aud field doesn't match expected value

Optional Privacy Extensions

JEP supports modular extensions for privacy and compliance:

Extension Purpose
digest-only Anonymize actor identities with salted hashes
multisig Require multiple signatures for distributed accountability
ttl Auto-expire events for data retention compliance
storage Decouple event storage from protocol for data sovereignty
subject Explicitly reference decision subjects for traceability

Relationship to HJS and JAC

JEP is the foundational event format for the broader accountability stack:

Layer Protocol Purpose
Base JEP Tamper-proof event recording (this skill)
Responsibility HJS Human oversight and privacy protection
Causality JAC Cross-agent judgment chain tracking

JEP events serve as the immutable data layer that HJS and JAC build upon. All three protocols share the same JSON canonicalization (JCS/RFC 8785) and signature scheme (JWS/RFC 7515).

Links

Usage Guidance
This skill appears to do what it says (a small Python library for signing/verifying judgment events). Before installing or allowing an agent to run it: (1) review the 'jep-protocol' PyPI package source (the linked GitHub repo) and pin to a reviewed version/hash; (2) install in an isolated environment (virtualenv or container) because pip packages can run code at install time; (3) keep private keys in a secure store (not in prompts or skill files) and only expose them to the runtime if you trust the agent and environment; (4) confirm that the registry metadata (owner/version) matches the package source if provenance matters; and (5) consider manual code review of the package if you will use it with sensitive data.
Capability Tags
cryptorequires-walletrequires-sensitive-credentials
Capability Assessment
Purpose & Capability
The name, description, and instructions all describe a minimal cryptographic event logging protocol and show how to use the 'jep-protocol' Python library to sign and verify events. Required binaries (python3, pip) listed in metadata are appropriate for the examples. Minor metadata mismatches exist (registry metadata/version vs _meta.json/version and owner fields), but these are administrative inconsistencies and do not change the skill's functional purpose.
Instruction Scope
SKILL.md stays on scope: it instructs installing the 'jep-protocol' package and using its API to create/sign/verify JEP events. It explicitly warns against hardcoding private keys and recommends secure key management. The instructions do not direct the agent to read unrelated system files, access unrelated credentials, or transmit data to unknown endpoints beyond PyPI/GitHub links mentioned for the package.
Install Mechanism
This is an instruction-only skill that tells the user to run 'pip install jep-protocol'. Using PyPI is expected for a Python library but carries typical risks: packages can execute arbitrary code during install. The SKILL.md points to a GitHub org and recommends verifying the package source and pinning versions, which is good practice. No download-from-untrusted-URL or obfuscated installer is present.
Credentials
No environment variables, credentials, or config paths are required by the skill itself. The documented need for private/public keys is proportional to a signing/verification library and is explicitly called out as something that must be provided from a secure store. There are no unexplained or unrelated credential requests.
Persistence & Privilege
The skill is not forced-always (always: false) and is user-invocable; model invocation is enabled (default) which is normal for skills. The skill does not request persistent system-wide privileges or modify other skills' configs. Note: if you allow the agent to run shell commands (e.g., to pip install), ensure it cannot access private keys or other secrets at runtime without explicit user approval.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install judgment-event-protocol
  3. After installation, invoke the skill by name or use /judgment-event-protocol
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- Added a new "Security Considerations" section with best practices for private key management, package integrity, and environment isolation. - Clarified that code examples assume secure key handling. - Updated the protocol documentation link to point to the GitHub organization instead of a repo subpage. - No functional or API changes.
v1.0.0
Initial release of judgment_event_protocol — a cryptographic event logging system for autonomous agents. - Enables tamper-proof recording of judgment, delegation, termination, and verification events. - Implements verifiable decision trails using JCS canonicalization and Ed25519 signatures. - Provides core event verbs: Judge, Delegate, Terminate, and Verify. - Supports event chain integrity verification and modular privacy/compliance extensions. - Designed for audit, accountability, provenance, and agent interoperability.
Metadata
Slug judgment-event-protocol
Version 1.0.1
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is Judgment Event Protocol?

Record and verify cryptographically signed, tamper-proof judgment, delegation, termination, and verification events for AI agent decision audits. It is an AI Agent Skill for Claude Code / OpenClaw, with 75 downloads so far.

How do I install Judgment Event Protocol?

Run "/install judgment-event-protocol" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Judgment Event Protocol free?

Yes, Judgment Event Protocol is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Judgment Event Protocol support?

Judgment Event Protocol is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Judgment Event Protocol?

It is built and maintained by JEP (Judgment Event Protocol) (@schchit); the current version is v1.0.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments