← Back to Skills Marketplace
998
Downloads
0
Stars
3
Active Installs
34
Versions
Install in OpenClaw
/install agent-passport-system
Description
Enforcement and accountability layer for AI agents. Bring your own identity (did:key, did:web, SPIFFE, OAuth, did:aps). Gateway enforcement boundary, monoton...
README (SKILL.md)
Agent Passport System
When to use this skill
- Agent needs cryptographic identity (Ed25519 passport)
- Delegate authority between agents with scope, spend limits, depth controls
- Revoke access — one call kills all downstream delegations
- Run agent commerce with 5-gate checkout (passport, delegation, merchant, spend)
- Coordinate multi-agent tasks (assign, evidence, review, deliver)
- Track data contributions with Merkle proofs
- Encrypt agent-to-agent communication (E2E, forward secrecy)
- Score agent trust (Bayesian reputation, passport grades 0-3)
- Enforce values compliance (8 principles, graduated enforcement)
- Found institutions with charters, offices, approval policies
Install
npm install agent-passport-system # SDK — /core subpath is the curated default
npm install agent-passport-system-mcp # MCP server — APS_PROFILE=essential is the default
Minimal SDK import (lead with the curated essentials):
import {
createPassport, createDelegation,
evaluateIntent, commercePreflight, generateKeyPair
} from 'agent-passport-system/core'
Minimal MCP install (essential profile is the default; APS_PROFILE=full for all 142 tools):
npx agent-passport-system-mcp
Remote MCP (zero install): https://mcp.aeoess.com/sse
Core workflow
1. Create identity → returns passport + keypair
npx agent-passport join --name my-agent --owner alice
Output: .passport/agent.json with Ed25519 keypair, signed passport, values attestation. Treat like an SSH key.
2. Delegate authority → returns signed delegation
npx agent-passport delegate --to \x3CpublicKey> --scope web_search,commerce --limit 500 --depth 1 --hours 24
Output: signed delegation with scope, spend limit, max depth, expiry. Authority can only narrow at each transfer.
3. Record work → returns signed receipt
npx agent-passport work --scope web_search --type research --result success --summary "Found 3 sources"
Output: Ed25519-signed receipt traceable to a human through the delegation chain.
4. Prove contributions → returns Merkle proof
npx agent-passport prove --beneficiary alice
Output: Merkle root + inclusion proofs. 100K receipts provable with ~17 hashes.
MCP tools (142 total on v3.0.0 @next, v2.27.0 @latest has 154)
Setup: npx agent-passport-system-mcp setup (auto-configures Claude Desktop + Cursor)
Identity & trust (12 tools): generate_keys, identify, issue_passport, verify_issuer, verify_passport, create_principal, endorse_agent, get_passport_grade, list_issuance_records, get_behavioral_sequence, verify_endorsement, revoke_endorsement
Delegation & revocation (5): create_delegation, verify_delegation, revoke_delegation, sub_delegate, create_v2_delegation
Commerce & wallets (4): commerce_preflight, get_commerce_spend, request_human_approval, create_checkout
Coordination (11): create_task_brief, assign_agent, accept_assignment, submit_evidence, review_evidence, handoff_evidence, get_evidence, submit_deliverable, complete_task, get_my_role, get_task_detail
Communication (7): send_message, check_messages, broadcast, list_agents, post_agora_message, register_agora_agent, register_agora_public
Governance & policy (12): load_values_floor, attest_to_floor, create_intent, evaluate_intent, create_policy_context, create_agent_context, execute_with_context, create_charter, sign_charter, verify_charter, create_approval_request, add_approval_signature
Data attribution (10): register_data_source, create_access_receipt, create_derivation_receipt, create_decision_lineage_receipt, record_training_use, check_data_access, check_purpose_permitted, check_retention_expired, query_contributions, generate_compliance_report
Intent Network (5): publish_intent_card, remove_intent_card, search_matches, request_intro, respond_to_intro
Framework adapters (8)
One-function governance for every major agent framework. Each wraps tool/task execution with APS delegation checks and Ed25519-signed receipts.
import {
governLangChainTool, // LangChain/LangGraph
governCrewTask, // CrewAI
governMCPToolCall, // Any MCP server
governIBACIntent, // IBAC (Cedar/OPA)
passportToA2ACard, // A2A Agent Cards
} from 'agent-passport-system'
// Also available as standalone packages:
// npm install @aeoess/stripe-governance
// npm install @aeoess/composio-governance
| Adapter | Function | What it wraps |
|---|---|---|
| LangChain | governLangChainTool() |
BaseTool.invoke() |
| CrewAI | governCrewTask() |
Crew task execution |
| MCP | governMCPToolCall() |
Any MCP tool call |
| IBAC/Cedar | governIBACIntent() |
Cedar/OPA policy tuples |
| A2A | passportToA2ACard() |
Agent Card ↔ passport bridge |
| Stripe | governMPPPayment() |
Stripe agent payments |
| Composio | governComposioAction() |
250+ tool integrations |
| Gonka | governGonkaInference() |
Decentralized GPU compute |
Programmatic API
import {
joinSocialContract, // → { passport, keyPair, attestation }
createDelegation, // → signed Delegation
processToolCall, // → { permitted, constraintResults, receipt }
cascadeRevoke, // → { revoked: string[], receipts }
computePassportGrade, // → 0 | 1 | 2 | 3
createIssuanceContext, // → IssuanceContext with evidence + assessment
} from 'agent-passport-system'
Passport grades (attestation architecture)
| Grade | Meaning | Trust signal |
|---|---|---|
| 0 | Bare Ed25519 keypair | Unverified |
| 1 | Issuer countersigned | AEOESS processed |
| 2 | Runtime-bound + challenge-response | Infrastructure-attested |
| 3 | Runtime + verified human principal | Full chain of trust |
Grade travels with the passport. Any consumer reads it without understanding scoring internals.
Key facts
- Enforcement and accountability layer — bring your own identity, gateway does the rest
- SDK
/coresubpath: 24 curated functions for 90% of integrations - MCP
essentialprofile: 20 tools by default (identity, delegation, enforcement, commerce, reputation) - Policy eval \x3C2ms, 403 ops/sec, 15 constraint dimensions
- 2,366 tests including 50 adversarial attack scenarios
- Zero heavy dependencies — Node.js crypto + uuid only
- Apache-2.0 license
- Full surface area: 124 modules, 142 MCP tools — available under
APS_PROFILE=fulland the rootagent-passport-systemimport.
Links
- npm: https://www.npmjs.com/package/agent-passport-system
- MCP: https://www.npmjs.com/package/agent-passport-system-mcp
- PyPI: https://pypi.org/project/agent-passport-system/
- GitHub: https://github.com/aeoess/agent-passport-system
- Docs: https://aeoess.com/llms-full.txt
- Paper: https://doi.org/10.5281/zenodo.18749779
Usage Guidance
This skill appears internally consistent for agent identity and delegation, but it will download and run code from npm and communicate with external endpoints (mcp.aeoess.com, api.aeoess.com). Before installing: 1) review the npm package source (github.com/aeoess/agent-passport-system) and recent releases; 2) treat the generated .passport/agent.json like an SSH private key — store it securely and avoid sharing it; 3) only provide GITHUB_TOKEN if you understand and trust the register_agora_public workflow; 4) consider running the package in a sandbox or isolated environment if you want to limit exposure; and 5) audit network interactions (what data is sent to the MCP/Intent network) if you need confidentiality assurances.
Capability Analysis
Type: OpenClaw Skill
Name: agent-passport-system
Version: 5.6.1
The Agent Passport System (SKILL.md) provides a complex identity and governance framework with 142 tools. It includes risky capabilities such as managing Ed25519 cryptographic keys, processing commerce transactions, and connecting to external APIs and remote MCP servers (mcp.aeoess.com, api.aeoess.com). The system also performs automated configuration of local applications like Claude Desktop and Cursor, which involves sensitive file modifications. While these features are aligned with the stated purpose of agent accountability, the broad network access, remote tool execution via MCP, and sensitive data handling (including an optional GITHUB_TOKEN) meet the threshold for a suspicious classification under the provided criteria.
Capability Tags
Capability Assessment
Purpose & Capability
Name/description (agent identity, delegation, enforcement) align with the declared needs: npx to run the CLI and an npm package 'agent-passport-system' that provides the agent-passport binary. The optional GITHUB_TOKEN is narrowly scoped (documented as only for register_agora_public). No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md instructs the agent to run npx commands that create a local .passport/agent.json (Ed25519 keypair, signed passport), delegate authority, record signed receipts, and contact remote MCP endpoints (mcp.aeoess.com, api.aeoess.com). This is consistent with the stated purpose, but it does create persistent local secrets (private keys) and sends identity/delegation/receipt data to external services — users should expect network transmission of attestations and receipts.
Install Mechanism
Install is via npm/node (package agent-passport-system and agent-passport-system-mcp) and the registry metadata declares a node install that creates an agent-passport binary. Installing/running via npm/npx will fetch and run remote code (moderate risk compared to instruction-only). No raw download URLs or obscure hosts are used for installation, but the package code is not included in this bundle (instruction-only), so installing will pull from npm.
Credentials
Only npx is required and GITHUB_TOKEN is optional and documented for a specific action (register_agora_public). No broad or unrelated secrets are requested and the skill does not declare other config paths or primary credentials.
Persistence & Privilege
The skill is not marked always:true and does not request elevated platform privileges. It creates local files (e.g., .passport/agent.json) to store key material, which is expected for an identity system; autonomous invocation is allowed (platform default) but not combined with other red flags.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install agent-passport-system - After installation, invoke the skill by name or use
/agent-passport-system - Provide required inputs per the skill's parameter spec and get structured output
Version History
v5.6.1
- Updated test count in documentation from 2,366 to 2,410
- Updated total MCP tool count from 142 to 150 for full surface area
- No functional changes; documentation and metadata only
v5.6.0
- Test coverage increased: now 2,410 tests (was 2,366).
- MCP tool count expanded: 150 tools now available under full profile (was 142).
- Added notice about pre-release 2.3.0-alpha with bilateral receipts (in-toto Decision Receipt v0.1 predicate).
- Documentation updates to reflect expanded tests and tool availability.
v5.5.0
- Increased MCP tool count to 142 (previously 132); module count is now 124.
- Updated test count to 2,366.
- Documentation updated to reflect new MCP tool and module counts, and revised installation details.
- Minor documentation and version alignment throughout SKILL.md.
v1.46.0
Version 1.46.0 of agent-passport-system
- No file changes detected in this version.
- Functionality, interfaces, documentation, and dependencies remain unchanged.
- No new features, fixes, or breaking changes introduced.
v1.45.0
Version 1.45.0 of agent-passport-system
- No file changes were detected for this release.
- No new features, bug fixes, or documentation updates are present in this version.
v1.44.0
agent-passport-system v1.44.0
- No changes detected in this version.
- All documentation and features remain consistent with previous release.
v1.42.0
- Increased total number of tests from 2,552 to 2,764, improving reliability and coverage.
- SKILL.md updated to reflect the new test count.
- No functional or API changes.
v1.41.0
Nanook PDR v2.19 adapter batch: applyTemporalDecay, confidenceBreakdown, BehavioralFingerprint, computeReputationDrift + ring buffer, extractSessions, computeProbeIdentity, verifyProbeIdentity, computeConsistencyScore
v5.4.0
- Updated reported number of tests in docs from 2,552 to 2,591.
- No functional or API changes—documentation (SKILL.md) only.
v5.3.0
- Test coverage increased from 2,535 to 2,552 tests
- "4-gate checkout" updated to "5-gate checkout" in commerce workflow
- Minor updates to documentation and description for consistency
- No changes to modules, tool count, or framework adapters
v6.0.0
Version 6.0.0
- Added observation governance features: telemetry scopes, derivation rights, behavioral memory
- Updated description and metadata to reflect new capabilities
- Increased total test count to 2,535
- Improved documentation on data lifecycle and governance
- No changes to commands, workflows, or API
v5.2.0
Version 5.2.0 of agent-passport-system
- No file changes detected in this release.
- No updates to documentation, features, or dependencies.
- All modules, APIs, and tools remain unchanged from the previous version.
v5.1.0
No user-facing or internal changes detected in this release.
- Version bump only; contents remain identical to previous version.
- No file or documentation updates.
v2.4.0
agent-passport-system 2.4.0
- Increased MCP tools count from 131 to 132
- Increased test coverage from 2,486 to 2,497 tests
- Framework adapters list updated from 7 to 8 (added Gonka)
- SKILL.md updated for tool/adapters/test counts and descriptions
v2.3.0
- Added Gonka framework adapter for decentralized GPU compute governance.
- Updated total test count to 2,486.
- Revised description and data to reflect 8 framework adapters (now includes Gonka).
- No code changes; documentation updated in SKILL.md.
v2.2.0
- Added support for 7 framework adapters, including Stripe, Composio, IBAC/Cedar, LangChain, CrewAI, MCP, and A2A, enabling one-function governance integration.
- Updated test count to 2,468 and MCP tools to 131.
- Expanded documentation with a new "Framework adapters" section detailing usage examples and adapter functions.
- Minor corrections and enhancements to module/tool listings and API documentation.
v1.36.0
No user-visible changes.
Version bump only; no file or functionality updates detected.
v1.35.0
- Increased test coverage from 2,180 to 2,306 tests.
- No changes to files, workflows, features, or modules since the last version.
- Documentation updated to reflect current test counts.
v1.34.0
- Increased MCP tools from 125 to 131.
- Expanded total test count from 2,180 to 2,306.
- Updated description and key facts to reflect new module, tool, and test totals.
- No changes to usage or programmatic API.
v1.33.0
No changes detected in this version.
- Version 1.33.0 was published with no modifications to files or documentation.
Metadata
Frequently Asked Questions
What is Agent Passport?
Enforcement and accountability layer for AI agents. Bring your own identity (did:key, did:web, SPIFFE, OAuth, did:aps). Gateway enforcement boundary, monoton... It is an AI Agent Skill for Claude Code / OpenClaw, with 998 downloads so far.
How do I install Agent Passport?
Run "/install agent-passport-system" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Agent Passport free?
Yes, Agent Passport is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Agent Passport support?
Agent Passport is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Agent Passport?
It is built and maintained by æœss (@aeoess); the current version is v5.6.1.
More Skills