← Back to Skills Marketplace
clauderodriguez2026-boop

ScopeGate Client

by clauderodriguez2026-boop · GitHub ↗ · v0.1.0 · MIT-0
cross-platform ✓ Security Clean
56
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install scopegate-client
Description
Use ScopeGate to verify agent scope before any consequential action involving money, data writes, external API calls, or file system changes. Required safety...
README (SKILL.md)

ScopeGate Client

Before executing any consequential action, you MUST verify scope with ScopeGate.

When to Call ScopeGate

Call before ANY action involving:

  • Money (payments, transfers, purchases)
  • Data writes (database inserts/updates/deletes)
  • External API calls (sending emails, posting to social, webhooks)
  • File system changes (deletes, overwrites)
  • Any action the human has not explicitly pre-authorized in this session

Endpoint

Default: https://api.scopegate.ai Override: set SCOPEGATE_URL environment variable

How to Call ScopeGate

SCOPEGATE_URL="${SCOPEGATE_URL:-https://api.scopegate.ai}"

curl -s -X POST "$SCOPEGATE_URL/grant/verify" \
  -H "Content-Type: application/json" \
  -d '{
    "grant_id": "\x3Cgrant_id from delegator>",
    "agent_id": "\x3Cyour agent id>",
    "requested_action": "\x3Caction you are about to take>",
    "api_key": "\x3Cyour api key>"
  }'

Decision Rules

  • If permitted: true → proceed with the action
  • If permitted: false → STOP. Do not proceed. Report the reason to the user.
  • If ScopeGate is unreachable → STOP. Treat as denied. Never fail open.
  • Never cache a permit — call ScopeGate fresh for every consequential action

Getting a Grant ID

The human or orchestrating agent must call /grant/issue first with the allowed_actions list. They will give you the grant_id. You do not issue your own grants.

Getting an API Key

Sign up at https://scopegate.ai to get your API key.

Usage Guidance
Install this skill if you trust ScopeGate to broker authorization for consequential actions. Before using it, confirm the endpoint, understand who can issue grant IDs, secure the API key, and avoid including unnecessary sensitive details in the requested_action field.
Capability Analysis
Type: OpenClaw Skill Name: scopegate-client Version: 0.1.0 The scopegate-client skill is a security-oriented tool designed to enforce authorization checks before an agent performs sensitive actions. It provides instructions in SKILL.md for calling an external API (api.scopegate.ai) to verify permissions, emphasizing a 'fail-closed' approach and requiring explicit grant IDs. No malicious patterns, data exfiltration, or obfuscation were detected.
Capability Tags
cryptocan-make-purchasesrequires-sensitive-credentials
Capability Assessment
Purpose & Capability
The instructions match the stated purpose: verify scope before consequential actions. The artifacts do not show code that performs purchases, writes data, or changes files itself.
Instruction Scope
The skill deliberately changes agent behavior by requiring a ScopeGate check and fail-closed stop condition before consequential actions.
Install Mechanism
No install spec or executable code is present; this is an instruction-only skill with no package, script, or binary execution to review.
Credentials
The skill uses a default external API endpoint, supports an endpoint override via SCOPEGATE_URL, and expects a ScopeGate API key even though no required env vars or primary credential are declared in registry metadata.
Persistence & Privilege
No persistence, background worker, local privilege escalation, or caching is shown; the skill explicitly says not to cache permits.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install scopegate-client
  3. After installation, invoke the skill by name or use /scopegate-client
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release — agent scope verification before consequential actions
Metadata
Slug scopegate-client
Version 0.1.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is ScopeGate Client?

Use ScopeGate to verify agent scope before any consequential action involving money, data writes, external API calls, or file system changes. Required safety... It is an AI Agent Skill for Claude Code / OpenClaw, with 56 downloads so far.

How do I install ScopeGate Client?

Run "/install scopegate-client" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is ScopeGate Client free?

Yes, ScopeGate Client is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does ScopeGate Client support?

ScopeGate Client is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created ScopeGate Client?

It is built and maintained by clauderodriguez2026-boop (@clauderodriguez2026-boop); the current version is v0.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments