← Back to Skills Marketplace
jadiaconu

AGNTCY Identity CLI

by Jean DIACONU · GitHub ↗ · v1.0.4 · MIT-0
cross-platform ✓ Security Clean
398
Downloads
0
Stars
0
Active Installs
5
Versions
Install in OpenClaw
/install agntcy-identity-cli
Description
AGNTCY Identity Issuer CLI and Node Backend for managing verifiable agent identities, metadata, and badges.
README (SKILL.md)

AGNTCY Identity (Issuer CLI + Node Backend)

Use the identity CLI to create, manage, issue, and verify decentralized agent identities and badges within the AGNTCY ecosystem.

This tool enables:

  • Identity creation (Agents, MCP Servers, MASs)
  • BYOID onboarding (e.g., Okta-based identities)
  • Metadata generation
  • Badge issuance & publishing
  • Verifiable Credential (VC) verification

Requirements

  • Docker Desktop OR
    • Docker Engine v27+
    • Docker Compose v2.35+
  • Optional for demo:
    • Okta CLI
    • Ollama CLI

Core Commands

Vault Management

Manage cryptographic vaults and signing keys:

identity vault connect file -f ~/.identity/vault.json -v "My Vault" identity vault key generate

Issuer Management

Register and manage issuer configurations:

identity issuer register -o "My Organization" -c "$CLIENT_ID" -s "$CLIENT_SECRET" -u "$ISSUER_URL"

Metadata Management

Generate and manage identity metadata:

identity metadata generate -c "$CLIENT_ID" -s "$CLIENT_SECRET" -u "$ISSUER_URL"

Badge Issuance

Issue and publish badges (Verifiable Credentials):

identity badge issue mcp -u \x3Chttp://localhost:9090> -n "My MCP Server" identity badge publish

Verification

Verify published badges:

identity verify -f vcs.json

Running the Node Backend

Start locally using Docker:

git clone \x3Chttps://github.com/agntcy/identity.git> cd identity ./deployments/scripts/identity/launch_node.sh

Or:

make start_node

Typical Workflow

  1. Install CLI
  2. Start Node Backend
  3. Create vault + keys
  4. Register Issuer
  5. Generate metadata
  6. Issue badge
  7. Publish badge
  8. Verify badge

Security notes (read before providing secrets)

  • ~/.identity/vault.json can contain signing key material and should be treated as a high-value secret. Use a dedicated test vault for evaluation; do not reuse production keys.
  • CLIENT_SECRET is a high-value secret. Only provide it after you have reviewed the code/binaries you will run and you are operating in a controlled environment.
  • Avoid pasting secrets into chat, logs, tickets, or issue trackers. Prefer secure secret injection.

Notes

  • The CLI binary name is identity.
  • Public issuer keys are exposed via: /v1alpha1/issuer/{common_name}/.well-known/jwks.json
  • Published VCs are accessible via: /v1alpha1/vc/{metadata_id}/.well-known/vcs.json
  • Supports Agents, MCP Servers, and MASs.
  • Follows decentralized identity standards (e.g., W3C DIDs).
Usage Guidance
This skill appears to be what it says: an identity issuer CLI. Before installing or providing CLIENT_SECRET or vault keys, do the following: (1) inspect the GitHub repo and any scripts you will run (launch_node.sh, Makefile) — those will be executed on your machine; (2) prefer installing in an isolated/test environment (container/VM) and use a dedicated test vault rather than production keys; (3) ensure Docker and Docker Compose are available before following the Node backend steps (SKILL.md mentions them but they are not listed in the skill's required binaries); (4) avoid pasting secrets into chat or logs and inject secrets via secure mechanisms; (5) if you need higher assurance, ask the maintainer for signed releases or use a vetted binary distribution rather than building from source.
Capability Analysis
Type: OpenClaw Skill Name: agntcy-identity-cli Version: 1.0.4 The skill bundle provides a CLI tool and backend for managing decentralized identities and verifiable credentials. While it handles sensitive data such as OAuth secrets and private keys (vault.json), these are standard requirements for an Identity Provider (IdP) tool. The installation process via 'go install' and the execution of local scripts from the 'agntcy/identity' GitHub repository are consistent with the stated purpose, and the documentation includes explicit security warnings regarding secret handling.
Capability Assessment
Purpose & Capability
Name/description match the requested items: a CLI named `identity`, an install via `go install` of the issuer module, and env vars ISSUER_URL, CLIENT_ID, CLIENT_SECRET which are appropriate for IdP-backed issuer flows. The declared config path for a vault is consistent with a signing-key vault.
Instruction Scope
SKILL.md contains concrete CLI examples and runtime instructions that reference ~/.identity/vault.json, use of CLIENT_SECRET/CLIENT_ID/ISSUER_URL, and steps to run a Node backend by cloning the GitHub repo and executing launch scripts or make targets. Those instructions require fetching and executing code from the repo and using Docker; the doc warns about secrets but the runtime steps still involve running external scripts which increases risk if you haven't audited the repo.
Install Mechanism
Install uses `go install` of a GitHub module (github.com/agntcy/identity/cmd/issuer) — a standard but still remote build/install operation. This is a moderate-risk install mechanism because it compiles/installs code pulled from a remote repository. The SKILL.md also tells users to git clone and run scripts from the same GitHub repo (manual fetch+execute of repo scripts), which is an additional execution-surface to review before running.
Credentials
Requested env vars (ISSUER_URL, CLIENT_ID, CLIENT_SECRET) and a vault path are directly related to an identity issuer service. The SECRET is high-value but justified by the stated purpose. No unrelated credentials are requested.
Persistence & Privilege
always is false and the skill does not request elevated platform-wide persistence or modify other skills. The skill is allowed to be invoked autonomously by default (normal behavior) but nothing here grants it unusual permanent privileges.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install agntcy-identity-cli
  3. After installation, invoke the skill by name or use /agntcy-identity-cli
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.4
- Updated environment variable and config path requirements to use simplified "env" and "config" keys. - Added an explicit "Security notes" section with clear guidance on handling sensitive files and secrets (vault.json and CLIENT_SECRET). - Deprecated inline descriptions for env/config fields, moving to a more concise format. - No functional or command changes to the skill; documentation clarity and security emphasis improved.
v1.0.3
- Added sensitive and required flags to environment variables (CLIENT_ID, CLIENT_SECRET, ISSUER_URL) for improved clarity and security in configuration. - Documented new local configuration path (~/.identity/vault.json) and marked it as sensitive. - No functional or command changes. Documentation and metadata improvements only.
v1.0.2
- Updated install instructions: removed shell script install method, now supports Go install only. - Added required environment variables (ISSUER_URL, CLIENT_ID, CLIENT_SECRET) for configuration. - Environment variable documentation now specifies which are optional. - Minor formatting improvements in documentation and example URLs.
v1.0.1
- No user-facing changes; this version includes no file modifications. - All features and documentation remain unchanged from the previous release.
v1.0.0
AGNTCY Identity Issuer CLI and Node Backend, initial release: - Introduces CLI and Node backend for managing verifiable agent identities, metadata, and badges. - Supports identity creation for Agents, MCP Servers, and MASs, including BYOID onboarding. - Enables metadata generation, badge issuance & publishing, and credential verification. - Offers Docker-based backend initialization and a comprehensive set of CLI commands for managing vaults, issuers, metadata, and badges. - Follows decentralized identity standards such as W3C DIDs.
Metadata
Slug agntcy-identity-cli
Version 1.0.4
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 5
Frequently Asked Questions

What is AGNTCY Identity CLI?

AGNTCY Identity Issuer CLI and Node Backend for managing verifiable agent identities, metadata, and badges. It is an AI Agent Skill for Claude Code / OpenClaw, with 398 downloads so far.

How do I install AGNTCY Identity CLI?

Run "/install agntcy-identity-cli" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is AGNTCY Identity CLI free?

Yes, AGNTCY Identity CLI is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does AGNTCY Identity CLI support?

AGNTCY Identity CLI is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created AGNTCY Identity CLI?

It is built and maintained by Jean DIACONU (@jadiaconu); the current version is v1.0.4.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments