← Back to Skills Marketplace
paparusi

A2A Vault

by Lê Minh Hiếu · GitHub ↗ · v2.0.0
cross-platform ⚠ suspicious
469
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install a2a-vault
Description
Zero-knowledge secrets management via PassBox — store, retrieve, rotate, and inject credentials securely.
README (SKILL.md)

A2A Vault (PassBox)

Zero-knowledge secrets management. Store API keys, tokens, and credentials with client-side encryption. The server never sees plaintext values.

Quick Start

Store a secret:

Use passbox_set_secret with vault "my-project", key "API_KEY", value "sk-abc123"

Retrieve a secret:

Use passbox_get_secret with vault "my-project", key "API_KEY"

Available Tools

Secret Operations

Tool Description
passbox_get_secret Retrieve and decrypt a secret
passbox_set_secret Create or update a secret (encrypted before upload)
passbox_list_secrets List secret names (values not returned)
passbox_delete_secret Delete a secret
passbox_rotate_secret Trigger manual secret rotation

Vault Management

Tool Description
passbox_list_vaults List all available vaults
passbox_list_environments List environments (dev, staging, prod)
passbox_get_environment Get all secrets in an environment

.env Integration

Tool Description
passbox_diff_env Compare local .env with vault secrets
passbox_import_env Import .env file into vault

Workflows

Set up project credentials

  1. passbox_list_vaults — see existing vaults
  2. passbox_set_secret — store each credential
  3. passbox_list_secrets — verify all keys are stored

Sync .env with vault

  1. Read your local .env file
  2. passbox_diff_env — see what's different
  3. passbox_import_env — push local secrets to vault

Environment promotion

  1. passbox_get_environment for "dev"
  2. Review values
  3. passbox_set_secret for each key in "staging"

Credential injection

Use with a2a_secure_execute to automatically inject secrets:

Use a2a_secure_execute with toolId "my-api-tool" and input { "apiKey": "{{API_KEY}}" }, vault "my-project"

The {{API_KEY}} placeholder is resolved from PassBox before execution.

Security Model

  • Client-side encryption: Values are encrypted before leaving your device
  • Zero-knowledge: The server stores only ciphertext
  • Environment isolation: dev/staging/prod secrets are fully separated
  • Audit trail: All access is logged
  • Secret rotation: Built-in rotation support with webhooks
Usage Guidance
Before installing, verify the npm package provenance and vendor: look up @a2a/openclaw-plugin on the registry, inspect its source repository and recent releases, and confirm the publisher identity. Ask the author to declare any required file paths/permissions (reading .env) and to explain how decrypted secrets are handled, logged, or transmitted (especially with passbox_get_environment and a2a_secure_execute). If you plan to use this in sensitive environments, consider restricting the agent's file access or testing in a low-risk environment first, and require explicit confirmation before any bulk export/injection of secrets. If you cannot verify the package source or the team, treat the installation as higher-risk and avoid granting the agent access to production .env files or production secrets until you have more provenance.
Capability Analysis
Type: OpenClaw Skill Name: a2a-vault Version: 2.0.0 The skill bundle defines a 'a2a-vault' for zero-knowledge secrets management. All described tools (`passbox_get_secret`, `passbox_set_secret`, `passbox_import_env`, etc.) align with its stated purpose of securely storing, retrieving, and managing credentials. While the skill handles sensitive data and relies on an external Node.js plugin (`@a2a/openclaw-plugin`) for functionality, the provided files contain no evidence of malicious intent, data exfiltration, unauthorized execution, or prompt injection attempts against the agent. The capabilities, such as reading `.env` files, are explicitly part of its legitimate design.
Capability Assessment
Purpose & Capability
Name/description (zero-knowledge secrets management) align with the listed passbox_* tools (store, retrieve, list, rotate, import .env, inject into executions). The install spec (npm package @a2a/openclaw-plugin) plausibly provides those tools.
Instruction Scope
SKILL.md explicitly instructs the agent to "Read your local .env file" and to perform bulk retrievals (passbox_get_environment) and automated injection (a2a_secure_execute). The skill declares no required config paths or file permissions, and does not constrain how retrieved plaintext secrets may be handled or transmitted. Asking the agent to read local files and resolve placeholders increases the risk of unintended exfiltration and is not declared in the metadata.
Install Mechanism
The install uses an npm package (@a2a/openclaw-plugin). That's a typical mechanism but adds moderate risk compared with instruction-only skills. There is no homepage, source repository, or release provenance in the metadata, which reduces confidence in the package's trustworthiness.
Credentials
No environment variables or credentials are requested, which is reasonable. However, the skill instructs reading local .env files and retrieving entire environment secret sets without declaring file/config access; that implicit request for local file access and bulk secret access is disproportionate to the metadata and should be explicitly declared and justified.
Persistence & Privilege
always is false and the skill is user-invocable. The skill does not request persistent system-wide privileges in the manifest and does not claim to modify other skills or system configs.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install a2a-vault
  3. After installation, invoke the skill by name or use /a2a-vault
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.0.0
Initial release — PassBox zero-knowledge secrets management with 10 tools
Metadata
Slug a2a-vault
Version 2.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is A2A Vault?

Zero-knowledge secrets management via PassBox — store, retrieve, rotate, and inject credentials securely. It is an AI Agent Skill for Claude Code / OpenClaw, with 469 downloads so far.

How do I install A2A Vault?

Run "/install a2a-vault" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is A2A Vault free?

Yes, A2A Vault is completely free (open-source). You can download, install and use it at no cost.

Which platforms does A2A Vault support?

A2A Vault is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created A2A Vault?

It is built and maintained by Lê Minh Hiếu (@paparusi); the current version is v2.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments