← Back to Skills Marketplace
Identity Resolver
by
bowen31337
· GitHub ↗
· v1.0.6
780
Downloads
0
Stars
0
Active Installs
7
Versions
Install in OpenClaw
/install identity-resolver
Description
Resolves multi-channel user IDs to a single canonical ID, preventing fragmented state across Telegram, WhatsApp, Discord, web, and more.
README (SKILL.md)
identity-resolver
Canonical user identity resolution across messaging channels
Description
Resolves multi-channel user identities (Telegram, WhatsApp, Discord, web, etc.) to canonical user IDs, preventing state fragmentation when users interact via multiple channels.
Problem it solves: Without identity resolution, a user messaging via Telegram and WhatsApp appears as two different users, causing fragmented memory, access control, and per-user state across skills.
Solution: Maps all channel identities to one canonical user ID automatically.
Installation
Prerequisites: Install uv if not already installed:
curl -LsSf https://astral.sh/uv/install.sh | sh
Install the skill:
cd /path/to/openclaw/workspace
# Via ClawHub (recommended)
clawhub install identity-resolver
# Or via Git
git clone https://github.com/clawinfra/identity-resolver skills/identity-resolver
Quick Start
For End Users
# Initialize identity map (auto-detects owner from USER.md)
cd /path/to/workspace
uv run python skills/identity-resolver/scripts/identity_cli.py init
# Verify your identity
uv run python skills/identity-resolver/scripts/identity_cli.py resolve \
--channel telegram --user-id YOUR_TELEGRAM_ID
# Output: your-canonical-id
# List all registered identities
uv run python skills/identity-resolver/scripts/identity_cli.py list
For Skill Developers
Add to your skill's Python code:
import sys
from pathlib import Path
# Import identity resolver
sys.path.insert(0, str(Path.cwd() / "skills" / "identity-resolver" / "scripts"))
from identity import resolve_canonical_id
# Get canonical user ID from session context
import os
channel = os.getenv("OPENCLAW_CHANNEL") # e.g., "telegram"
user_id = os.getenv("OPENCLAW_USER_ID") # e.g., "123456789"
canonical_id = resolve_canonical_id(channel, user_id)
# Use canonical_id for all user-specific operations
# Example: User-specific memory file
memory_file = f"data/users/{canonical_id}/memory.json"
Features
✅ Auto-registers owner from workspace USER.md
✅ Thread-safe identity map storage with fcntl locking
✅ CLI + Python API for both users and developers
✅ Path traversal protection — sanitizes all canonical IDs
✅ Zero dependencies — pure Python stdlib
✅ Multi-channel support — Telegram, WhatsApp, Discord, web, and future channels
Use Cases
Multi-User Memory Systems
# tiered-memory skill integration
canonical_id = resolve_canonical_id(channel, user_id)
memory_tree = f"memory/users/{canonical_id}/tree.json"
Access Control
# agent-access-control skill integration
canonical_id = resolve_canonical_id(channel, user_id)
if is_owner(canonical_id):
# Full access
else:
# Limited access
Cross-Platform User Tracking
# Same user across Discord + Telegram
discord_id = resolve_canonical_id("discord", "user#1234")
telegram_id = resolve_canonical_id("telegram", "987654321")
# Both resolve to same canonical ID if registered
API Reference
Core Functions
resolve_canonical_id(channel, provider_user_id, workspace=None, owner_numbers=None) -> str
Resolve channel identity to canonical user ID.
- Auto-registers owner numbers from USER.md
- Returns canonical ID (e.g., "alice") or "stranger:{channel}:{user_id}" for unmapped users
add_channel(canonical_id, channel, provider_user_id, workspace=None, display_name=None)
Add channel mapping to a canonical user (creates user if doesn't exist).
remove_channel(canonical_id, channel, provider_user_id, workspace=None)
Remove channel mapping from canonical user.
list_identities(workspace=None) -> dict
Return all identity mappings.
get_channels(canonical_id, workspace=None) -> list
Get all channels for a canonical user.
is_owner(canonical_id, workspace=None) -> bool
Check if canonical ID is the owner.
CLI Commands
# Initialize
identity init [--force]
# Resolve (auto-detect from env or explicit params)
identity resolve [--channel CH] [--user-id ID]
# Add mapping
identity add --canonical ID --channel CH --user-id ID [--display-name NAME]
# Remove mapping
identity remove --canonical ID --channel CH --user-id ID
# List all
identity list [--json]
# Get channels
identity channels --canonical ID [--json]
# Check owner
identity is-owner --canonical ID [--json]
Identity Map Format
Location: data/identity-map.json or memory/identity-map.json
{
"version": "1.0",
"identities": {
{
"version": "1.0",
"identities": {
"alice": {
"canonical_id": "alice",
"is_owner": true,
"display_name": "Alice Johnson",
"channels": [
"telegram:123456789",
"whatsapp:+1234567890",
"whatsapp:+9876543210",
"whatsapp:+5555555555"
],
"created_at": "2026-01-15T10:00:00Z",
"updated_at": "2026-01-15T10:05:00Z"
},
"bob": {
"canonical_id": "bob",
"is_owner": false,
"display_name": "Bob Smith",
"channels": [
"discord:bob#1234",
"telegram:987654321"
],
"created_at": "2026-01-15T10:10:00Z",
"updated_at": "2026-01-15T10:10:00Z"
}
}
}
}
}
}
Security
- Path traversal protection: Canonical IDs sanitized to
[a-z0-9-_]only - Thread-safe operations: fcntl file locking on all reads/writes
- Input validation: All user inputs validated and sanitized
- Owner auto-registration: Only numbers from USER.md auto-register as owner
Integration Examples
See docs/TIERED_MEMORY_INTEGRATION_EXAMPLE.md for complete working example.
License
MIT - See LICENSE file
Author
OpenClaw Agent \[email protected]>
Links
Usage Guidance
This skill appears to implement what it claims (canonicalizing user IDs) and its runtime behavior is mostly local to your workspace, but take these precautions before installing:
- Do NOT run curl | sh on a third-party URL without inspection. The docs recommend installing 'uv' by piping https://astral.sh/uv/install.sh to sh — inspect that script manually or install uv from a vetted source instead.
- Verify package origin: the registry metadata lists the source as unknown but SKILL.md/package.json reference a GitHub repo. Confirm the repository URL, review repo history, and verify checksums/signatures before trusting the bundle.
- Review USER.md usage: the skill auto-registers owner numbers found in USER.md. If your workspace is shared or contains untrusted files, an attacker could make themselves an 'owner' by editing USER.md. Keep workspace permissions tight.
- Inspect identity-map storage and permissions: identity data is stored under data/identity-map.json (or memory/). Ensure appropriate filesystem permissions and backups if needed.
- Run the bundled tests locally in an isolated environment. Note: some unit test assertions in the provided tests look odd (potential copy/paste errors), which reduces confidence in the test suite — running them locally will reveal any problems.
If you want to proceed: clone the repository from the asserted GitHub URL, inspect the repo (especially the install docs and any scripts), run tests locally, and avoid automated remote install scripts until you verify them.
Capability Analysis
Type: OpenClaw Skill
Name: identity-resolver
Version: 1.0.6
The skill's core Python logic (`scripts/identity.py`, `scripts/identity_cli.py`) appears benign, implementing robust input sanitization and thread-safe file operations. However, the installation instructions in `SKILL.md` and `README.md` recommend installing the `uv` package manager via `curl -LsSf https://astral.sh/uv/install.sh | sh`. While a common practice for installing `uv`, this method constitutes a significant supply chain risk, as it executes arbitrary remote code directly from `astral.sh`. A compromise of `astral.sh` could lead to remote code execution on the user's system during the prerequisite installation, classifying this as a risky capability without clear malicious intent from the skill itself.
Capability Assessment
Purpose & Capability
Name, README, SKILL.md, and the included Python code implement canonical identity resolution and the files written/read (USER.md, data/identity-map.json) align with that purpose. However, the registry metadata lists 'Source: unknown' and 'Homepage: none' while the SKILL.md/package.json point to a GitHub repo — a mismatch in distribution metadata that should be resolved before trusting the package source.
Instruction Scope
Runtime instructions and CLI/library calls are restricted to workspace-local operations: reading USER.md, reading/writing data/identity-map.json (or memory/identity-map.json), and using OPENCLAW_CHANNEL / OPENCLAW_USER_ID environment variables. These actions are consistent with identity resolution. The skill auto-registers owner numbers from USER.md — expected but worth noting if the workspace is shared or untrusted.
Install Mechanism
The SKILL.md/README recommend installing 'uv' via a remote script piped into sh (curl -LsSf https://astral.sh/uv/install.sh | sh). That pattern (download-and-run from a third-party domain) is a high-risk install mechanism and should be avoided or verified (use vetted package sources or inspect the script first). Also, the registry lists no formal install spec even though code files are bundled — verify the origin (GitHub URL in docs) and checksum before installing.
Credentials
The skill requests no credentials or env vars in the registry. The code uses OPENCLAW_CHANNEL and OPENCLAW_USER_ID (integration points) and optionally OPENCLAW_WORKSPACE; those are reasonable and proportionate. It reads local USER.md to detect owner numbers, which is justified by the feature (owner auto-registration).
Persistence & Privilege
The skill does not request elevated privileges, does not set always:true, and only writes local files under the workspace (data/identity-map.json or memory/identity-map.json). It does not modify other skills' config. File locking is used for thread-safety.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install identity-resolver - After installation, invoke the skill by name or use
/identity-resolver - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.6
- Added comprehensive SKILL.md with usage instructions, API reference, CLI commands, features, and security details.
- Clarified installation steps, quick start for end users and developers, and provided integration examples.
- Documented file format for identity map and explained auto-registration and canonical ID mapping features.
- Described security measures, including path traversal protection and thread-safe file operations.
- Included links for GitHub repository, issues, and ClawHub listing.
v1.0.5
- Updated packaging files: `package.json` and `pyproject.toml`.
- No user-facing or functional changes in this release.
v1.0.4
- Added Python packaging support with new pyproject.toml file.
- Updated installation instructions to recommend and document uv-based installation.
- Revised README.md and SKILL.md for improved clarity and to include installation prerequisites.
- No core functionality changes; documentation and packaging updates only.
v1.0.3
- Switched CLI usage examples from Python to "uv run python" for improved reproducibility.
- Minor documentation improvements in README.md and SKILL.md.
- Updated package metadata in package.json.
- No functional or API changes.
v1.0.2
- Updated identity examples in documentation to use generic names ("alice", "bob") instead of personal information.
- Clarified sample user IDs and display names in SKILL.md for privacy and clarity.
- Minor edits to installation and code examples for consistency.
- No changes to core functionality or APIs.
v1.0.1
- Added SKILL.md with detailed documentation, usage instructions, API reference, CLI usage, and security details.
- Clearly explained installation, quick start, and integration processes for both end users and developers.
- Listed all core features and security practices of the identity-resolver skill.
- Provided canonical identity map format and practical use cases for memory, access control, and cross-platform tracking.
- Included links to official resources and licensing information.
v1.0.0
identity-resolver 1.0.0
- Initial release for resolving user identities across Telegram, WhatsApp, Discord, web, and more.
- Maps all channel/user IDs to a single canonical user ID to prevent fragmented state, memory, and access control.
- Provides a zero-dependency Python API and CLI for resolving, listing, adding, and removing identities.
- Automatically registers owner identity from USER.md.
- Ensures thread-safe, path-traversal-protected storage of identity mappings.
- Supports multi-user memory, access control, and cross-platform user tracking use cases.
Metadata
Frequently Asked Questions
What is Identity Resolver?
Resolves multi-channel user IDs to a single canonical ID, preventing fragmented state across Telegram, WhatsApp, Discord, web, and more. It is an AI Agent Skill for Claude Code / OpenClaw, with 780 downloads so far.
How do I install Identity Resolver?
Run "/install identity-resolver" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Identity Resolver free?
Yes, Identity Resolver is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Identity Resolver support?
Identity Resolver is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Identity Resolver?
It is built and maintained by bowen31337 (@bowen31337); the current version is v1.0.6.
More Skills