← Back to Skills Marketplace
adroidian

chitin-moat

by adroidian · GitHub ↗ · v1.0.0
cross-platform ✓ Security Clean
312
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install chitin-moat
Description
Enforce contextual permission boundaries for AI agents based on communication surface. Constrains agent capabilities (exec, file I/O, secrets, messaging) by...
README (SKILL.md)

Chitin Moat

Enforce contextual agent permissions based on where a conversation happens.

Trust Levels

Level Name Capabilities
0 sovereign Full autonomy (1:1 with verified owner)
1 trusted Read/write, scoped tools, no secrets (private known group)
2 guarded Respond on @mention only, no tools (semi-public)
3 observer React only (public channels)
4 silent No interaction (blocked surfaces)

Configuration

Create chitin-trust-channels.yaml in the agent workspace root:

version: "0.1"

owner:
  telegram: "\x3Cowner_user_id>"

channels:
  - id: "telegram:\x3Cowner_user_id>"
    level: sovereign

  - id: "discord:\x3Cserver_id>"
    level: guarded
    overrides:
      - channel: "owners-lounge"
        level: trusted
      - channel: "pro-*"
        level: trusted

  - id: "telegram:group:*"
    level: observer

defaults:
  unknown_channel: observer
  unknown_dm: guarded

Setup

  1. Copy the example config: cp references/example-config.yaml chitin-trust-channels.yaml
  2. Edit with your channel IDs and owner identity
  3. Run the validator: python3 scripts/validate_config.py chitin-trust-channels.yaml
  4. Run the audit: python3 scripts/audit_channels.py chitin-trust-channels.yaml

Permission Matrix

See references/permission-matrix.md for the full capability × trust-level matrix.

Scripts

  • scripts/validate_config.py \x3Cconfig> — Validate a trust channels config file
  • scripts/audit_channels.py \x3Cconfig> — Audit current channel bindings against the config and report mismatches
  • scripts/resolve_channel.py \x3Cconfig> \x3Cchannel_id> — Resolve the trust level for a specific channel ID

Integration with AGENTS.md

Add to the agent's workspace instructions:

## Chitin Moat
Before responding in any channel, resolve the trust level using `chitin-trust-channels.yaml`.
Constrain capabilities to the resolved level. Never escalate beyond the channel ceiling.
Usage Guidance
This skill is a coherent, advisory toolkit for mapping channels to trust levels — it does not automatically enforce those limits. Before relying on it: (1) integrate the resolve step into your agent runtime so capability ceilings are actually enforced, (2) review and supply correct channel/owner IDs in chitin-trust-channels.yaml, (3) test the integration thoroughly (the resolve script has minor bugs: when an override matches it returns a field named 'level' containing the override pattern instead of a level, and the DM detection logic may misclassify some channel ID formats), and (4) treat the permission matrix as policy guidance only — the agent or platform must implement the enforcement hooks (e.g., blocking exec, file I/O, or secret access) to make the controls effective.
Capability Analysis
Type: OpenClaw Skill Name: chitin-moat Version: 1.0.0 This skill bundle is designed to enhance AI agent security by enforcing contextual permission boundaries based on communication channels. The `SKILL.md` instructs the agent to self-constrain its capabilities, which is a security-positive prompt injection. All Python scripts (`audit_channels.py`, `resolve_channel.py`, `validate_config.py`) use `yaml.safe_load` and perform only read operations on local configuration files, outputting to stdout. They include security checks and warnings to guide users towards secure configurations. There is no evidence of data exfiltration, malicious execution, persistence, or other harmful behaviors.
Capability Assessment
Purpose & Capability
Name/description match the included artifacts: example config, permission matrix, and three small helper scripts (validate, audit, resolve). The skill requests no env vars, binaries, or installs, which is proportionate for a configuration-and-audit helper.
Instruction Scope
SKILL.md correctly instructs validating and auditing the chitin-trust-channels.yaml and integrating a 'resolve before responding' step into AGENTS.md. Important: the skill only supplies static scripts and guidance — it does not itself enforce runtime capability restrictions inside an agent. Users must integrate the resolve step into their agent runtime to enforce ceilings; otherwise the guidance is advisory only.
Install Mechanism
Instruction-only with small included Python scripts; no install spec, no downloads, no external package pulls. Low friction and low risk from installation.
Credentials
No environment variables, credentials, or config paths are requested. Scripts read only the provided YAML config and produce console output. There is no network or external endpoint usage.
Persistence & Privilege
Skill is not always-enabled and does not modify other skills or system-wide settings. It doesn't persist secrets or change system configuration; it only reads a user-provided config file.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install chitin-moat
  3. After installation, invoke the skill by name or use /chitin-moat
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: contextual permission boundaries for AI agents based on communication surface trust level.
Metadata
Slug chitin-moat
Version 1.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is chitin-moat?

Enforce contextual permission boundaries for AI agents based on communication surface. Constrains agent capabilities (exec, file I/O, secrets, messaging) by... It is an AI Agent Skill for Claude Code / OpenClaw, with 312 downloads so far.

How do I install chitin-moat?

Run "/install chitin-moat" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is chitin-moat free?

Yes, chitin-moat is completely free (open-source). You can download, install and use it at no cost.

Which platforms does chitin-moat support?

chitin-moat is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created chitin-moat?

It is built and maintained by adroidian (@adroidian); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463368 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259467 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200457 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191163 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190189 · by oswalpalash

💬 Comments