← 返回 Skills 市场
deepcapt

Agent Signet ID

作者 DeepCapt · GitHub ↗ · v1.2.0
cross-platform ✓ 安全检测通过
767
总下载
0
收藏
2
当前安装
3
版本数
在 OpenClaw 中安装
/install agent-signet-id
功能描述
Register with Signet to receive a trust score and API key. Look up agent trust scores, report transactions, and manage agent configuration. Use when you need...
使用说明 (SKILL.md)

Signet API

Signet is the trust scoring platform for autonomous AI agents. It assigns every registered agent a Signet ID (SID) and a composite trust score from 0 to 1000. Platforms query this score before allowing agents to transact.

Base URL: https://api.agentsignet.com All routes are also available at /v1/ (e.g., https://api.agentsignet.com/v1/register/self). All responses use JSON with snake_case field names. All responses include an X-Request-Id header (UUID) for debugging.

Self-Registration (No Auth Required)

Register yourself to get a SID and API key in one call:

POST https://api.agentsignet.com/register/self
Content-Type: application/json

{
  "name": "your-agent-name",
  "model_provider": "anthropic",
  "model_name": "claude-opus-4",
  "description": "What you do",
  "tools": ["web-search", "code-execution"],
  "memory_config": { "type": "persistent" },
  "system_prompt_hash": "sha256-of-your-system-prompt"
}

Required: name, model_provider, model_name. Everything else is optional.

Response (201):

{
  "sid": "SID-0x7a3f8b2c1d4e5f6a",
  "api_key": "sk_signet_...",
  "api_key_prefix": "abcdef12",
  "composite_score": 300,
  "confidence": "low",
  "recommendation": "caution",
  "identity_level": 0,
  "fingerprint": "sha256hash",
  "message": "Agent registered successfully. Store your api_key securely -- it cannot be retrieved later."
}

IMPORTANT: Store your api_key as the SIGNET_API_KEY environment variable. It cannot be retrieved later. You will use it as a Bearer token for all authenticated API calls. Do not log or transmit this key to any service other than api.agentsignet.com.

If you try to register with the same name and configuration again, you get a 409:

{
  "error": "An agent with this name and configuration already exists."
}

Rate limit: 10 registrations per IP per hour.

Public Score Lookup (No Auth Required)

Check any agent's trust score. Rate limit: 60 requests per IP per minute.

GET https://api.agentsignet.com/score/{sid}/public

Response:

{
  "sid": "SID-0x7a3f8b2c1d4e5f6a",
  "agent_name": "my-research-agent",
  "composite_score": 782,
  "confidence": "high",
  "recommendation": "clear",
  "identity_level": 1,
  "operator_name": "my-research-agent (auto)"
}

Operator Registration (Auth Required)

Register an agent under your operator account (for human-managed flows):

POST https://api.agentsignet.com/register
Authorization: Bearer $SIGNET_API_KEY
Content-Type: application/json

{
  "name": "agent-name",
  "modelProvider": "anthropic",
  "modelName": "claude-opus-4",
  "description": "What the agent does",
  "tools": ["web-search"],
  "systemPromptHash": "sha256..."
}

Required: name, modelProvider, modelName.

Response (201): Returns sid, name, composite_score, confidence, fingerprint, message.

Apply for Operator Account (No Auth Required)

Apply for a human-managed operator account. Rate limit: 5 applications per IP per hour.

POST https://api.agentsignet.com/apply
Content-Type: application/json

{
  "name": "Your Name",
  "email": "[email protected]",
  "company": "Your Company",
  "reason": "Why you want access"
}

Required: name, email. Others optional.

Response (201): Application received. Duplicate (409): Email already applied.

Authenticated Endpoints

All authenticated endpoints require the header (using the SIGNET_API_KEY environment variable):

Authorization: Bearer $SIGNET_API_KEY

Detailed Score (GET /score/{sid})

Returns all five dimension scores:

{
  "sid": "SID-0x...",
  "agent_name": "my-agent",
  "composite_score": 782,
  "reliability": 790,
  "quality": 745,
  "financial": 700,
  "security": 650,
  "stability": 750,
  "confidence": "high",
  "recommendation": "clear",
  "identity_level": 1,
  "operator": { "name": "...", "score": 720, "verified": false },
  "config_fingerprint": "sha256hash",
  "last_updated": "2026-02-12T14:12:00.000Z"
}

Report Transaction (POST /transactions)

Report a transaction outcome to update your score:

{
  "sid": "SID-0x...",
  "transactionType": "task_completion",
  "outcome": "success",
  "reliabilitySignal": 900,
  "qualitySignal": 850,
  "financialSignal": null,
  "securitySignal": null,
  "metadata": { "platform": "example.com", "task": "data-analysis" }
}

Outcome must be one of: success, partial, failure, timeout, error. Signals are optional integers 0-1000. Stability updates automatically from outcome.

Security note: The metadata field is for non-sensitive operational context only (e.g., platform name, task type). Never include credentials, API keys, PII, file contents, or internal system details in metadata.

Update Configuration (POST /agents/{sid}/config)

Report configuration changes:

{
  "modelProvider": "anthropic",
  "modelName": "claude-opus-4",
  "systemPromptHash": "sha256...",
  "tools": ["web-search", "code-execution"],
  "memoryConfig": { "type": "persistent" }
}

Change types and their score decay: model_swap (25%), prompt_update (10%), tool_change (8%), memory_change (5%).

View Profile (GET /me)

Returns your operator profile and all agents you own. Supports pagination: ?limit=50&offset=0 (max 200).

Rotate API Key (POST /me/rotate-key)

Generates a new API key and immediately invalidates the old one:

POST https://api.agentsignet.com/me/rotate-key
Authorization: Bearer $SIGNET_API_KEY

Response: { "api_key": "sk_signet_new...", "api_key_prefix": "...", "message": "API key rotated." }

IMPORTANT: Update your SIGNET_API_KEY immediately. The old key stops working as soon as this call succeeds.

Score System

  • Range: 0-1000 (self-registered agents start at 300, operator-registered start at 500)
  • Dimensions: Reliability (30%), Quality (25%), Financial (20%), Security (15%), Stability (10%)
  • Confidence: low (\x3C20 transactions), medium (20+ transactions AND 7+ days), high (100+ transactions AND 30+ days)
  • Recommendations: clear (score 700+ AND medium+ confidence AND identity level 1+), review (400-699, or 700+ without confidence/verification), caution (below 400)
  • Updates: Exponential moving average on each transaction. Early transactions have more impact. Delta clamped to +/-50 per transaction.
  • Identity levels: 0 (unverified, capped at "review"), 1 (callback-verified, can reach "clear"), 2 (human-verified via approved operator)

Identity Verification

Self-registered agents start at identity level 0 (unverified) and are capped at "review" recommendation. To unlock "clear", verify your identity via callback:

Step 1: Initiate (POST /agents/{sid}/verify)

POST https://api.agentsignet.com/agents/{sid}/verify
Authorization: Bearer $SIGNET_API_KEY
Content-Type: application/json

{
  "callbackUrl": "https://your-agent.example.com/signet-callback"
}

Signet POSTs a challenge to your callbackUrl:

{
  "type": "signet_verification",
  "challenge": "64-hex-token",
  "sid": "SID-0x...",
  "confirm_url": "https://api.agentsignet.com/agents/SID-0x.../verify/confirm"
}

Step 2: Confirm (POST /agents/{sid}/verify/confirm)

POST https://api.agentsignet.com/agents/{sid}/verify/confirm
Authorization: Bearer $SIGNET_API_KEY
Content-Type: application/json

{
  "challengeToken": "the-64-hex-token-from-step-1"
}

Response: { "identity_level": 1, "callback_url": "...", "message": "Agent identity verified via callback." }

Rate limit: 3 verification attempts per agent per hour. Challenges expire after 10 minutes.

Error Codes

Status Meaning
201 Created (registration success)
200 OK (query/update success)
400 Bad request (missing or invalid fields)
401 Unauthorized (missing or invalid API key)
403 Forbidden (you don't own this agent)
404 Not found (SID doesn't exist)
409 Conflict (duplicate registration)
429 Rate limited (wait and retry)

OpenAPI Spec

A full OpenAPI 3.1.0 specification is available at https://agentsignet.com/.well-known/skills/signet-api/ or in the repository at api/openapi.yaml. It covers all 19 endpoints with request/response schemas, error examples, and rate limit documentation.

安全使用建议
This skill appears coherent and only needs a Signet API key to call the documented endpoints. Before installing: (1) Confirm you trust the Signet service and the skill author (registry source is unknown here). (2) Treat SIGNET_API_KEY like any secret: only set it for skills you trust and rotate it if you suspect misuse. (3) Because the skill is instruction-only, the runtime agent that uses this skill will have access to the SIGNET_API_KEY when invoked — ensure you trust the agent and its ability to call external APIs. (4) If you need stronger assurance, request a skill from a verified publisher or inspect an implementation (code) so you can see exactly how the key is used.
功能分析
Type: OpenClaw Skill Name: agent-signet-id Version: 1.2.0 The skill bundle provides documentation for interacting with the Signet trust scoring API. All described network interactions are directed towards `https://api.agentsignet.com`, which aligns with the stated purpose. The `SKILL.md` explicitly warns against including sensitive data in API calls and provides standard instructions for API key management. While the identity verification process involves the agent providing a `callbackUrl` (a common webhook pattern that could be a vulnerability surface for SSRF if the agent is tricked into providing a malicious URL), the skill itself does not instruct the agent to provide such a URL, nor does it exhibit any other malicious intent, data exfiltration, or arbitrary code execution.
能力评估
Purpose & Capability
Name/description describe a Signet trust-id API client and the skill only requests a SIGNET_API_KEY and documents Signet HTTP endpoints — these requirements are proportional and expected for this purpose.
Instruction Scope
SKILL.md is an instruction-only API spec showing unauthenticated registration endpoints and authenticated endpoints that use Authorization: Bearer $SIGNET_API_KEY. The instructions do not ask the agent to read unrelated files or other environment variables, nor to transmit data to unknown endpoints; they explicitly instruct storing the api_key in SIGNET_API_KEY and not sending it to services other than api.agentsignet.com.
Install Mechanism
No install spec and no code files are present (instruction-only). This minimizes on-disk execution risk and is appropriate for a pure API-integration skill.
Credentials
Only a single credential (SIGNET_API_KEY) is required and it directly maps to the documented authenticated endpoints. The number and type of env vars requested are proportionate to the skill's stated function.
Persistence & Privilege
The skill is not force-included (always: false), does not request system config paths, and has no install steps. It does not ask to modify other skills or global agent settings.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install agent-signet-id
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /agent-signet-id 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.2.0
Version 1.2.0 of agent-signet-id - All API routes now available under both the root path and /v1/ (e.g., /v1/register/self). - Responses include an X-Request-Id header for improved debugging and traceability. - Self-registration flow now starts agents at composite_score 300 and recommendation "caution"; field identity_level (starting at 0) is included in responses. - Public and detailed score lookups now include identity_level. - Updated scoring and recommendation system: “clear” status requires score ≥700, medium+ confidence, and identity level 1+. - Added identity verification via callback (documented new /agents/{sid}/verify and /verify/confirm endpoints); only verified agents can achieve “clear” trust status. - Support for API key rotation via the new /me/rotate-key endpoint. - Paging parameters (limit, offset) added to the profile (/me) endpoint. - Documentation updates to clarify confidence levels, identity levels, scoring, and adjustment limits.
v1.1.0
Version 1.1.0 - Added requirement to store and transmit the API key as the SIGNET_API_KEY environment variable; clarified not to log or share it elsewhere. - SKILL.md now explicitly lists required environment variables in metadata and documents primaryEnv. - Updated self-registration instructions and duplicate registration error response for clarity and security. - Added security note: never include sensitive data in transaction metadata. - Updated authentication instructions to reference the SIGNET_API_KEY environment variable in all relevant places.
v1.0.0
Our first attempt didn't seem to upload. No changes were made - this is another upload attempt.
元数据
Slug agent-signet-id
版本 1.2.0
许可证
累计安装 2
当前安装数 2
历史版本数 3
常见问题

Agent Signet ID 是什么?

Register with Signet to receive a trust score and API key. Look up agent trust scores, report transactions, and manage agent configuration. Use when you need... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 767 次。

如何安装 Agent Signet ID?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install agent-signet-id」即可一键安装,无需额外配置。

Agent Signet ID 是免费的吗?

是的,Agent Signet ID 完全免费(开源免费),可自由下载、安装和使用。

Agent Signet ID 支持哪些平台?

Agent Signet ID 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Agent Signet ID?

由 DeepCapt(@deepcapt)开发并维护,当前版本 v1.2.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论