← 返回 Skills 市场
Agent Identity
作者
Ivan Cetta
· GitHub ↗
· v1.0.5
579
总下载
0
收藏
0
当前安装
6
版本数
在 OpenClaw 中安装
/install agent-id-osiris
功能描述
Cryptographic identity for AI agents - sign and verify agent messages
使用说明 (SKILL.md)
Agent Identity Skill
Cryptographic identity system for AI agents. Sign messages, verify agents, prove who you are.
Files included:
identity.py- Python CLI (cross-platform)agent-identity.ps1- PowerShell wrapper (Windows)
What it does
- Generate Key Pair - Create Ed25519 or RSA keys for your agent
- Sign Messages - Cryptographically sign messages
- Verify Signatures - Verify messages from other agents
- Agent ID - Generate persistent agent ID from public key
- Agent Card - Generate signed Agent Card for A2A/MCP
Installation
# Install Python dependency
pip install cryptography
Usage
Option 1: PowerShell (recommended on Windows)
.\agent-identity.ps1 -Action generate -AgentName "MyAgent" -KeyType ed25519 -Password "secret123"
Option 2: Python CLI (cross-platform)
python identity.py generate --name MyAgent --key-type ed25519 --password secret123
Available Commands
All commands work with both PowerShell and Python:
Generate Identity (with password encryption)
.\agent-identity.ps1 -Action generate -AgentName "MyAgent" -KeyType ed25519 -Password "secret123"
Sign Message
.\agent-identity.ps1 -Action sign -Message "Hello world" -PrivateKeyPath "keys/private.pem" -Password "secret123"
Verify Signature
.\agent-identity.ps1 -Action verify -Message "Hello world" -Signature "base64-signature" -PublicKeyPath "keys/public.pem"
Get Agent ID
.\agent-identity.ps1 -Action id -PublicKeyPath "keys/public.pem"
Sign Agent Card
.\agent-identity.ps1 -Action card -PublicKeyPath "keys/public.pem" -PrivateKeyPath "keys/private.pem" -Name "MyAgent" -Description "Research agent" -Capabilities "research,analysis" -Endpoint "https://myagent.com/a2a" -Password "secret123"
⚠️ Security Warnings
Password on Command Line
WARNING: Passing passwords on the command line is insecure because:
- CLI arguments can be visible to other processes
- Command history is stored in logs
- Use only for testing, not production
For production, use interactive password input or environment variables.
Private Key Storage
- Keys are stored in
keys/directory - Ensure proper file permissions
- Back up your keys securely
- Never share your private key
Requirements
- Python 3.8+
- cryptography library
License
MIT
安全使用建议
This skill appears to do what it says: create and manage local cryptographic keys for an AI agent. Before installing: (1) verify the missing PowerShell wrapper if you need the Windows flow or use the provided Python CLI instead; (2) don't pass private-key passwords on the command line in production — use interactive input or environment-secure methods; (3) test RSA workflows (signing agent cards) because identity.py currently uses a generic private_key.sign call that may fail for RSA keys; (4) protect the keys/ directory with proper file permissions and backups; (5) review the small code bundle yourself if you need to ensure there are no changes (no network calls are present). If any of these issues worry you, run the tool in an isolated environment or request an updated release that fixes the RSA signing and includes the promised PowerShell wrapper.
功能分析
Type: OpenClaw Skill
Name: agent-id-osiris
Version: 1.0.5
The OpenClaw AgentSkills bundle provides cryptographic identity features for AI agents, including key generation, message signing/verification, and agent card creation. The `identity.py` script uses the standard `cryptography` library and performs file operations only within a designated `keys/` directory. The `SKILL.md` documentation clearly outlines the skill's purpose and even includes explicit security warnings regarding insecure practices like passing passwords on the command line. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the AI agent. The code's behavior is fully aligned with its stated purpose, and any potential security risks (e.g., command-line passwords) are openly acknowledged as warnings, not hidden malicious features.
能力评估
Purpose & Capability
Name/description (agent identity, sign/verify) matches the shipped Python CLI: key generation, signing, verification, agent ID and signed agent card. Required binary (python) and dependency (cryptography) are appropriate. Minor inconsistencies: SKILL.md references a PowerShell wrapper (agent-identity.ps1) that is not present in the bundle and the SKILL.md metadata/homepage are generic; version strings differ between metadata and registry. These are implementation quirks, not indicators of mismatched purpose.
Instruction Scope
SKILL.md instructs only local key generation and signature operations and warns about insecure CLI password usage — scope stays within the stated purpose. Two issues to be aware of: (1) the PowerShell wrapper is referenced but not included, so the recommended Windows flow may be missing; (2) in identity.py the sign_agent_card() function calls private_key.sign(card_json) without handling RSA signing parameters (padding/hash), which will work for Ed25519 but likely raises errors for RSA keys — a functional bug rather than malicious behavior.
Install Mechanism
There is no download/install script; SKILL.md simply instructs installing the standard 'cryptography' Python package via pip. No remote URLs, archive extraction, or third-party installers are used in the skill bundle.
Credentials
The skill requests no environment variables or external credentials. It stores keys in a local 'keys/' directory; SKILL.md warns about file permissions and password handling. Requested scope of access (local filesystem for keys) is proportionate to the stated function.
Persistence & Privilege
The skill does not request always: true or any elevated/platform-wide privileges. It does not modify other skills or system configs. Default autonomous invocation is allowed (platform default) but the skill itself performs only local operations.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install agent-id-osiris - 安装完成后,直接呼叫该 Skill 的名称或使用
/agent-id-osiris触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.5
Force rescan - verified working
v1.0.4
Added security warnings about CLI passwords
v1.0.3
Fixed password support, fixed Ed25519 signing, added card command, fixed PowerShell wrapper
v1.0.2
Fixed SKILL.md - clarified PowerShell and Python usage, added file listing
v1.0.1
Added encrypted key storage and Agent Card signing
v1.0.0
- Initial release of agent-identity skill providing cryptographic identity for AI agents.
- Supports generating Ed25519 or RSA key pairs.
- Enables message signing and signature verification.
- Generates deterministic Agent IDs from public keys.
- Includes Agent Card signing and verification for agent authentication.
- Uses Python 3.8+ and the cryptography library.
元数据
常见问题
Agent Identity 是什么?
Cryptographic identity for AI agents - sign and verify agent messages. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 579 次。
如何安装 Agent Identity?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install agent-id-osiris」即可一键安装,无需额外配置。
Agent Identity 是免费的吗?
是的,Agent Identity 完全免费(开源免费),可自由下载、安装和使用。
Agent Identity 支持哪些平台?
Agent Identity 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Agent Identity?
由 Ivan Cetta(@nantes)开发并维护,当前版本 v1.0.5。
推荐 Skills