← Back to Skills Marketplace
masterworrall

Solid Agent Storage

by Paul Worrall · GitHub ↗ · v0.3.9
cross-platform ✓ Security Clean
790
Downloads
2
Stars
1
Active Installs
16
Versions
Install in OpenClaw
/install solid-agent-storage
Description
Give your AI agent persistent identity (WebID) and personal data storage (Pod) using the Solid Protocol
Usage Guidance
This skill appears to do exactly what it says: create and manage Solid WebIDs/Pods and store the resulting credentials encrypted on disk. Before installing, decide whether you trust the default server (https://crawlout.io) — if not, run your own Community Solid Server and set SOLID_SERVER_URL. Use a strong, unique INTERITION_PASSPHRASE and keep it secret: it decrypts your stored client id/secret and any saved agent password. Provisioning will create accounts and store generated passwords locally (encrypted) and deprovision will attempt to remove the server-side account but may not fully remove it in all cases; plan accordingly. If you need maximal control/privacy, self-host the Solid server and review the provided scripts (dist/ and scripts/) yourself before use.
Capability Analysis
Type: OpenClaw Skill Name: solid-agent-storage Version: 0.3.9 The skill is designed to provide persistent identity and data storage for AI agents using the Solid Protocol. It securely handles credentials by encrypting them locally with AES-256-GCM and PBKDF2, protected by an environment variable (`INTERITION_PASSPHRASE`), and stores them with `0600` file permissions in `~/.interition/agents/`. All network communication is explicitly directed to a configurable Solid server (defaulting to `https://crawlout.io`), with no evidence of unauthorized data exfiltration or telemetry. Shell scripts (`scripts/*.sh`) use safe practices (`set -euo pipefail`, `"$@"`) to prevent injection, and the Node.js code uses built-in modules without `eval` or dynamic code execution. The `SKILL.md` and other documentation provide clear instructions for users and do not contain any prompt injection attempts against the AI agent.
Capability Assessment
Purpose & Capability
Name/description, required binaries (node, curl, jq), env vars (INTERITION_PASSPHRASE, SOLID_SERVER_URL), and provided CLI scripts all match a Solid Pod provisioning and token workflow. The code implements account/pod/client-credential management, token fetch, and local encrypted credential storage — all expected for this functionality.
Instruction Scope
Runtime instructions stay within the stated scope (provision, get-token, read/write via Bearer tokens). Two operational notes: (1) The Skill defaults to a third-party server (https://crawlout.io) if SOLID_SERVER_URL is unset — this means provisioning will create accounts and send credentials to that external host unless you explicitly point to your own server. (2) Provisioning generates and stores an email/password alongside client credentials in an encrypted local store; deprovision will attempt to remove the account but may be partial if credentials are missing. These behaviors are coherent but have privacy/trust implications the user should consider.
Install Mechanism
Install spec only asks to install jq via Homebrew (low risk). The rest of the skill is shipped as JS scripts intended to run under the user's node runtime; no remote, opaque downloads or archive extraction are performed by the install spec.
Credentials
Only two env vars are required and both are justified: INTERITION_PASSPHRASE to encrypt local credentials and SOLID_SERVER_URL to target a Solid server. INTERITION_PASSPHRASE is appropriately declared as primaryEnv. No unrelated secrets or broad credential access are requested.
Persistence & Privilege
The skill does write to a local directory (~/.interition/agents/) to store encrypted credentials, which is appropriate for persistent agent identity. always:false (not force-included) and it does not modify other skills or system-wide agent configuration. Autonomous invocation is allowed (platform default) but not combined with other privilege escalation indicators.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install solid-agent-storage
  3. After installation, invoke the skill by name or use /solid-agent-storage
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.3.9
v0.3.9: Remove eval shell injection from reference docs — fixes suspicious classification
v0.3.8
No changelog provided
v0.3.7
Declare SOLID_SERVER_URL and config path in metadata, add Solid Protocol spec references
v0.3.6
Fix registry metadata mismatch: restructure frontmatter to metadata.openclaw format, add jq to required bins, add primaryEnv and brew install spec, recommend self-hosted CSS as default
v0.3.5
Fix registry metadata mismatch: restructure frontmatter to metadata.openclaw format, add jq to required bins, add primaryEnv and brew install spec, recommend self-hosted CSS as default
v0.3.4
Fix registry metadata mismatch: restructure frontmatter to metadata.openclaw format, add jq to required bins, add primaryEnv and brew install spec, recommend self-hosted CSS as default
v0.3.3
Fix registry metadata mismatch: restructure frontmatter to metadata.openclaw format, add jq to required bins, add primaryEnv and brew install spec, recommend self-hosted CSS as default
v0.3.2
Fix registry metadata mismatch: restructure frontmatter to metadata.openclaw format, add jq to required bins, add primaryEnv and brew install spec, recommend self-hosted CSS as default
v0.3.1
Add jq to required binaries, fix registry metadata mismatch (bins, env vars, package type)
v0.0.6
Now uses Interition’s hosted Solid test server (https://crawlout.io) by default.
v0.0.5
Token + curl workflow — CRUD scripts have been replaced with a simpler two-step pattern: get a Bearer token with get-token.sh, then use standard curl for all Solid operations. Your Pod is a W3C Solid server — no proprietary wrappers needed. Solid HTTP reference — New built-in reference documentation covers read, write, delete, containers, and access control using raw Solid Protocol calls. No need to leave your agent session to look up the API. Full deprovision — deprovision.sh now tears down the CSS account, removes the Pod, and cleans up local encrypted credentials. Graceful degradation if the server is unreachable. Local and remote CSS profiles — Connect to a local Docker CSS (shared network namespace) or a remote server (e.g., solidcommunity.net over HTTPS). Both workflows are documented and tested. Multi-agent sharing exercise — Step-by-step guide for two agents granting and revoking access to each other's Pod resources using WAC. Improvements - Clearer setup instructions in SKILL.md with explicit prerequisites - Better error messages from all management scripts - Hardened against common failure modes found during dogfooding - Documentation fixes for script paths and environment variables Dogfooding Validated This release was tested end-to-end inside a hardened OpenClaw container (read-only filesystem, non-root user, dropped capabilities, Squid proxy) installed directly from ClawHub. Every workflow — provision, store, read, share, revoke, deprovision — was validated from the agent's perspective.
v0.0.4
Token + curl replaces CRUD scripts. Instead of dedicated scripts for read, write, grant-access, and revoke-access, use get-token.sh to fetch a Bearer token and standard curl for all Solid operations. A new solid-http-reference.md provides concrete curl examples for every operation including ACL management. Also adds deprovision.sh for full agent teardown.
v0.1.3
Add guidance for direct Solid Protocol operations beyond CLI commands
v0.1.2
Attemtping to resolve issue with ClawHub form upload not extracting frontmatter into registry metadata
v0.1.1
Fix security claims: clarify configurable server target, clarify CSS prerequisite, strip source maps
v0.1.0
Initial release: Prototype, WebID identity, Pod storage, WAC access control for OpenClaw agents
Metadata
Slug solid-agent-storage
Version 0.3.9
License
All-time Installs 1
Active Installs 1
Total Versions 16
Frequently Asked Questions

What is Solid Agent Storage?

Give your AI agent persistent identity (WebID) and personal data storage (Pod) using the Solid Protocol. It is an AI Agent Skill for Claude Code / OpenClaw, with 790 downloads so far.

How do I install Solid Agent Storage?

Run "/install solid-agent-storage" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Solid Agent Storage free?

Yes, Solid Agent Storage is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Solid Agent Storage support?

Solid Agent Storage is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Solid Agent Storage?

It is built and maintained by Paul Worrall (@masterworrall); the current version is v0.3.9.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments