← 返回 Skills 市场
Agent Attestation
作者
Ivan Cetta
· GitHub ↗
· v3.0.2
458
总下载
0
收藏
1
当前安装
13
版本数
在 OpenClaw 中安装
/install agent-attestation
功能描述
Portable reputation system for agents v3 - Ed25519 signatures, input validation, handoff KV
安全使用建议
This package appears to implement what it claims (local attestation, Ed25519 signing, and a handoff KV) and contains no network calls or requests for unrelated credentials, but it stores private keys and identity/reputation data unencrypted in default relative directories. Before installing or running: 1) review and run the code in a sandbox/isolated environment; 2) set keys_dir and KV directory to a secure absolute path outside any shared workspace; 3) restrict filesystem permissions (e.g., chmod 600 on private key files); 4) consider adding encryption at rest or protecting private keys with a passphrase or OS keyring; 5) install a vetted version of the 'cryptography' library from PyPI and review dependency versions; 6) audit the code yourself (or ask the author) if you need assurance there are no network endpoints beyond the included files. If you cannot ensure secure storage for the generated keys, treat the skill as risky for production use.
功能分析
Type: OpenClaw Skill
Name: agent-attestation
Version: 3.0.2
The skill bundle implements an agent attestation and identity persistence system. While the code uses strong cryptography (Ed25519) in `attestation_system_v3.py` and includes explicit security warnings in `attestation_system_v3.py`, `example_usage.py`, and `handoff_kv.py` about storing unencrypted private keys and identity data on disk, this practice constitutes a significant vulnerability. The direct storage of unencrypted private keys and sensitive identity information on the filesystem, even with warnings, represents a high-risk capability that could lead to compromise if the designated storage directories (`./keys`, `./attestation_kv`) are not adequately secured by the operating environment. This falls under the 'suspicious' category as a vulnerability, not malicious intent, due to the inherent risk of the capability itself.
能力评估
Purpose & Capability
Name/description (attestation, Ed25519, handoff KV) align with the included code: key management, signing/verification, input validation, and a simple on-disk KV are implemented. Minor inconsistency: registry metadata described the skill as instruction-only yet the package contains multiple Python source files implementing the features; this is likely just an author packaging choice rather than malicious misdirection.
Instruction Scope
SKILL.md and the example usage clearly require Python and the 'cryptography' library and warn about filesystem access. Runtime code only performs local file I/O (keys, attestations, manifest) and canonical signing/verification and input checks. There are no network calls or references to unrelated system paths or environment variables in the provided files.
Install Mechanism
No install spec or remote downloads are present; this is a code-bundle you run locally. The only external dependency is the Python 'cryptography' library (imported), which must be installed in your environment; there are no opaque third-party download URLs or extract steps.
Credentials
The skill requests no environment variables or external credentials, which is proportionate to its purpose. However, it generates and writes Ed25519 private keys to disk in PEM form unencrypted (KeyManager.generate_keypair) and stores identity/reputation data in an on-disk KV in cleartext by default. Default relative paths (./keys, ./attestation_kv) increase risk in shared or cloud/workspace environments. This is a storage/operational security concern (not an evidence of exfiltration).
Persistence & Privilege
The skill does not request forced persistent inclusion (always: false) nor does it modify other skills. It writes persistent files to configurable directories and thus can provide long-lived identity/reputation state; ensure those directories are chosen and permissioned appropriately. Autonomous invocation (disable-model-invocation: false) is the platform default and not a unique red flag here.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install agent-attestation - 安装完成后,直接呼叫该 Skill 的名称或使用
/agent-attestation触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v3.0.2
- Minor update with internal code changes.
- Modified: attestation_system_v3.py.
- Modified: handoff_kv.py.
- No changes to public API or documentation.
v3.0.1
- Updated documentation and removed change log notes from SKILL.md.
- Minor edits to supporting files for clarity and consistency.
- No changes to overall feature set or functionality.
v3.0.0
No file changes detected for version 3.0.0.
- No updates or modifications included in this release.
- All features, usage, and documentation remain unchanged from the previous version.
v2.0.6
- Updated SKILL.md structure for improved metadata and formatting.
- Explicitly added version, author, and keywords fields.
- Metadata now includes an emoji for openclaw compatibility.
- Content and user instructions remain unchanged.
v2.0.5
- Updated SKILL.md to clarify version notation (changed "v3.0" to "v3" in the "What's New" section and file descriptions).
- Generalized references to v3 throughout documentation; removed redundant ".0" in version listings.
- No code or functionality changes—documentation only.
v2.0.4
- Updated SKILL.md version reference in the description from "v3.0" to "v3"
- Set the version in metadata to string format ("3.0.0")
- No functional or code changes; documentation formatting and metadata consistency improvements only
v2.0.3
- SKILL.md documentation was updated for greater conciseness and clarity.
- Introductory and descriptive text at the top of the document was removed.
- All feature and usage information is unchanged; no code or logic updates.
v2.0.2
Major update: Agent-attestation v3.0 introduces cryptographic signatures, input validation, and persistent identity features.
- Added Ed25519 cryptographic signature support for attestations (attestation_system_v3.py).
- Introduced input validation for higher data integrity.
- Added HandoffKV for key/value storage to persist and restore identities (handoff_kv.py).
- Expanded SKILL.md with updated usage, key management, and input validation instructions.
- Existing v2.0 implementation and file compatibility maintained.
v2.0.1
Fix: filepath Path conversion, compute_web_of_trust dict bug
v2.0.0
v2.0: Rolling window (30 days), vouching with skin in the game, task weights (low/medium/high/critical), hybrid ERC-8004 ready
v1.1.1
Re-publish to trigger VirusTotal scan
v1.1.0
v1.1.0: Added example_usage.py, clarified ALPHA status, fixed crypto/email limitations in docs
v1.0.0
Agent Attestation 1.1.0 introduces a portable reputation system for agents, enabling the creation, verification, and sharing of attestations that persist beyond individual platforms.
- Create, verify, and share agent attestations with plain text reasons for vouching.
- Export and import attestations as portable JSON files (.attest extension).
- Compute basic web-of-trust reputation scores using direct and indirect attestations.
- Provides full Python implementation and example usage scripts.
- Designed for interoperability and resilience in decentralized agent networks.
元数据
常见问题
Agent Attestation 是什么?
Portable reputation system for agents v3 - Ed25519 signatures, input validation, handoff KV. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 458 次。
如何安装 Agent Attestation?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install agent-attestation」即可一键安装,无需额外配置。
Agent Attestation 是免费的吗?
是的,Agent Attestation 完全免费(开源免费),可自由下载、安装和使用。
Agent Attestation 支持哪些平台?
Agent Attestation 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Agent Attestation?
由 Ivan Cetta(@nantes)开发并维护,当前版本 v3.0.2。
推荐 Skills