← Back to Skills Marketplace
Verified Agent Identity
by
ferdiannsy33-pixel
· GitHub ↗
· v0.1.0
393
Downloads
1
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install verified-agent-identity-2
Description
Billions/Iden3 authentication and identity management tools for agents. Link, proof, sign, and verify.
Usage Guidance
Do not install or run this skill yet. The SKILL.md references Node scripts and the openclaw CLI but the published package contains only SKILL.md (no scripts), and the registry metadata omits required binaries and the config path where private keys are stored — this mismatch could be benign (incomplete packaging) or malicious (instructions cause runtime fetching of code and handling of private keys). Before proceeding: 1) Ask the publisher for the full source repository or packaged scripts and verify the exact scripts referenced. 2) Inspect every script to see how private keys are generated, stored, and used (search for network endpoints, telemetry, and remote uploads). 3) Never run 'npm install' or node scripts on your primary machine before auditing; run in an isolated sandbox. 4) Confirm where keys are stored and consider using an external/HSM wallet or ephemeral keys you can revoke. 5) If you need this functionality but cannot review the code, prefer a well-known, reviewed implementation or request a signed release from the project homepage. If you proceed without code review, treat the skill as high-risk and be prepared to rotate/revoke any keys created.
Capability Analysis
Type: OpenClaw Skill
Name: verified-agent-identity-2
Version: 0.1.0
The skill manages sensitive decentralized identities (DIDs) and explicitly stores unencrypted private keys in `$HOME/.openclaw/billions/kms.json`, which is a critical security vulnerability. The scripts `signChallenge.js` and `linkHumanToAgent.js` are designed to transmit signed JWS tokens to external identifiers via the `openclaw` messaging system, creating a risk of identity misuse if the agent is prompted to interact with malicious actors. While these behaviors align with the stated purpose of identity management for the Billions Network (billions.network), the handling of raw cryptographic material and the potential for unauthorized signing warrant a suspicious classification.
Capability Assessment
Purpose & Capability
The description says 'identity/authentication' which fits the actions described (create DIDs, sign/verify). However the registry metadata lists no required binaries or config paths while the SKILL.md explicitly requires node and the openclaw CLI and stores keys under $HOME/.openclaw/billions — that inconsistency is unexplained and concerning.
Instruction Scope
Runtime instructions tell the agent to run scripts that create private keys, sign challenges, and send JWS tokens via openclaw. Those are high-sensitivity actions (private key creation, storage, and signing). The SKILL.md also forbids manual crypto tooling and file edits, but the skill package contains only the SKILL.md and no scripts, meaning the agent would attempt to run non‑existent code or fetch dependencies at runtime.
Install Mechanism
There is no install spec, but the SKILL.md instructs the user/agent to run 'cd scripts && npm install' which would pull remote packages at runtime. Since no scripts/JS files are bundled with the skill, this implies runtime network fetches and execution of third-party code — a higher-risk install pattern not declared in the registry.
Credentials
The skill does not declare any required environment variables or credentials, but it writes and reads sensitive material (private keys, challenges) to $HOME/.openclaw/billions. Storing private keys locally is expected for an identity tool, but the skill failing to declare that config path in metadata is an inconsistency and increases the chance of unexpected key exposure.
Persistence & Privilege
The skill is not forced-always, and autonomous invocation is allowed (platform default). It persists identity data and private keys under the user's home directory. Combined with the ability to sign challenges, autonomous invocation could allow the agent to sign/supply attestations without explicit human approval — this is normal for identity tooling but deserves explicit user controls.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install verified-agent-identity-2 - After installation, invoke the skill by name or use
/verified-agent-identity-2 - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release of verified-agent-identity skill for agent identity management on the Billions Network.
- Enables agents to create, manage, and link decentralized identities using Iden3/Billions.
- Provides scripts for identity creation, challenge generation, signature verification, and owner linking.
- Strict guardrails ensure identity is properly created before linking and prohibit manual cryptographic workarounds.
- Sensitive data stored in `$HOME/.openclaw/billions` for OpenClaw compatibility.
- Includes comprehensive usage examples and security precautions.
Metadata
Frequently Asked Questions
What is Verified Agent Identity?
Billions/Iden3 authentication and identity management tools for agents. Link, proof, sign, and verify. It is an AI Agent Skill for Claude Code / OpenClaw, with 393 downloads so far.
How do I install Verified Agent Identity?
Run "/install verified-agent-identity-2" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Verified Agent Identity free?
Yes, Verified Agent Identity is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Verified Agent Identity support?
Verified Agent Identity is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Verified Agent Identity?
It is built and maintained by ferdiannsy33-pixel (@ferdiannsy33-pixel); the current version is v0.1.0.
More Skills