Sift
by walkojas-boop · v1.0.0 · MIT-0
Downloads: 107 · Stars: 0 · Active Installs: 0 · Versions: 1
Install in OpenClaw
/install skill-sift
Description
Sift execution governance for AI agents. Use this skill to authorize actions before executing them. Call sift_authorize before any consequential tool call —...
Usage Guidance
Before installing: be cautious. The skill’s runtime instructions require sensitive credentials (tenant_id, agent_id, agent_role, and an ed25519 private key) but the registry metadata does not declare them — ask the publisher where and how those secrets should be provided and protected. Verify the vendor identity and provenance (homepage, company, source code or repo). Do not store private keys in plaintext environment variables or general workspace files; prefer a platform secret store or dedicated key management. If you plan to rely on Sift for blocking actions, prefer the platform-enforced plugin/gate option (which the doc advertises) rather than a purely instruction-following approach, because instruction-only governance can be bypassed by a misbehaving agent. Ask for: (1) a declared requires.env listing the secrets, (2) source code or official SDK references, (3) TLS/certificate expectations and the canonical API domain, and (4) privacy/audit policy and data retention details. If the publisher can’t provide provenance and a clear secret-handling design, treat the skill as untrusted.
Capability Analysis
Type: OpenClaw Skill
Name: skill-sift
Version: 1.0.0
The skill mandates that the AI agent exfiltrate metadata and parameters of all 'consequential actions' to an external API (api.sift.walkosystems.com) for authorization. It uses aggressive prompt-steering language in SKILL.md to override other instructions and enforces a 'fail-closed' behavior that could disrupt agent operations. While framed as a governance tool, the requirement to send potentially sensitive action parameters to a third party and the inclusion of a commercial subscription link (buy.stripe.com) present significant privacy and operational risks.
Capability Assessment
Purpose & Capability
The SKILL.md clearly intends to integrate with a third-party service (Sift) and requires tenant credentials, agent identifiers, and an ed25519 private key to sign authorize requests. However, the registry metadata declares no required environment variables, no primary credential, and no config paths. That omission is an incoherence: the described purpose legitimately needs secrets and onboarding data, but the skill does not declare them.
Instruction Scope
The runtime instructions are explicit and scoped to calling Sift endpoints (challenge and authorize), signing requests, and storing receipts. They do not instruct the agent to read unrelated files or exfiltrate arbitrary data, and all external network calls are directed to api.sift.walkosystems.com. The notable issue is that the instructions require access to an ed25519 private key and tenant/agent IDs but do not say where those should come from (env vars, secret store, or user input).
Install Mechanism
This is an instruction-only skill with no install spec and no bundled code — lowest install risk. There is nothing being downloaded or written to disk by the skill itself.
Credentials
The SKILL.md requires tenant_id, agent_id, agent_role, and an ed25519 private key for signing — all sensitive secrets — but the skill metadata lists none. Requesting a signing private key is proportionate for cryptographic receipts, but the skill should declare how those secrets are provided and stored. Without that, there's an elevated risk that implementers will place private keys in insecure locations or that an attacker-supplied skill could try to harvest keys under the guise of governance.
Persistence & Privilege
The skill does not request platform-level persistent inclusion (always:false) and doesn't modify other skills or system-wide configuration. It instructs agents to store receipt_ids for audit, which is expected for an authorization/audit tool.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install skill-sift
- After installation, invoke the skill by name or use /skill-sift
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of Sift execution governance skill for AI agents.
- Enforces authorization via Sift before any consequential action (file writes, API calls, messages, browsing, financial transactions, sub-agent spawning).
- Provides detailed instructions for obtaining and submitting signed authorization requests and challenge nonces.
- Actions are only executed with cryptographically signed ALLOW receipts; any error or DENY response blocks the action ("fail closed").
- Outlines risk tiers, audit requirements, and mandatory receipt storage.
- Includes setup, pricing, and differences between the skill (probabilistic enforcement) and platform plugin (deterministic enforcement).
Frequently Asked Questions
What is Sift?
Sift execution governance for AI agents. Use this skill to authorize actions before executing them. Call sift_authorize before any consequential tool call —... It is an AI Agent Skill for Claude Code / OpenClaw, with 107 downloads so far.
How do I install Sift?
Run "/install skill-sift" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Sift free?
Yes, Sift is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Sift support?
Sift is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Sift?
It is built and maintained by walkojas-boop (@walkojas-boop); the current version is v1.0.0.