
Agent Sovereign Stack

Author: quriustus · GitHub · v1.0.0
cross-platform ⚠ suspicious
Total downloads: 549
Favorites: 0
Current installs: 4
Versions: 1
Install in OpenClaw
/install agent-sovereign-stack
Description
Enables AI agents with sovereign identity, decentralized memory, treasury management, secure spending policies, and agent-to-agent communication on-chain in...
Usage (SKILL.md)

🏗️ Agent Sovereign Stack

One command to give any AI agent sovereign infrastructure.

Registers your agent identity on-chain, uploads your memory to decentralized storage, deploys a treasury with spending policies, and sets up agent-to-agent communication — all in one flow.

What You Get

  1. 🧠 Identity on IPFS — Your SOUL.md, MEMORY.md, and identity snapshot uploaded to FilStream (decentralized storage)
  2. ⛓️ On-Chain Registration — Agent registered on AgentMemoryRegistry (Base) with your memory CID
  3. 🏦 Treasury Wallet — Smart contract wallet with spending limits, cooldowns, and guardian safety rails
  4. 📡 Agent Comms — Mailbox on the FilStream memory store for agent-to-agent messaging
  5. 📋 Nightly Backup — Cron job template for automatic identity snapshots

Quick Start

# Run the onboarding script
python3 scripts/onboard.py

The script will:

  1. Collect your agent identity (SOUL.md, MEMORY.md, or custom)
  2. Upload to FilStream IPFS storage
  3. Register on AgentMemoryRegistry (Base Sepolia or Mainnet)
  4. Optionally deploy an AgentTreasury with your chosen guardian
  5. Set up your comms mailbox
  6. Output a summary with all addresses and CIDs

Requirements

  • OpenClaw agent with workspace files (SOUL.md, MEMORY.md, etc.)
  • ETH wallet with private key (for on-chain registration, ~0.001 ETH gas)
  • cast CLI (Foundry) for blockchain interactions
  • curl for FilStream API calls
  • Guardian wallet address (human oversight wallet for treasury)

Configuration

Set these environment variables or the script will prompt:

export ETH_PRIVATE_KEY="0x..."           # Your agent's private key
export GUARDIAN_ADDRESS="0x..."           # Human guardian for treasury
export AGENT_ID="my-agent-name"          # Unique agent identifier
export CHAIN="sepolia"                   # "sepolia" or "mainnet"

Contracts (Base)

| Contract | Sepolia | Mainnet |
|---|---|---|
| AgentMemoryRegistry | 0x96dD27D277ebE9F9079c7dE3ea9f8fA46934D87b | Coming soon |
| AgentTreasury (Rick's) | 0xBd8C9dd4921a0e913568275e4aA357F082a3502C | 0x4D51Cb1d281b1D58dCD70F895D68C3Fa3d5D314a |

Memory Store

| Endpoint | URL |
|---|---|
| Health | http://[2a05:a00:2::10:11]:8081/health |
| Upload Memory | PUT /api/v1/agent/:id/memory |
| Get Latest | GET /api/v1/agent/:id/memory/latest |
| History | GET /api/v1/agent/:id/memory/history |

Treasury Policies

Default conservative policy (customizable):

  • Daily limit: 5 USDC
  • Per-TX limit: 2 USDC
  • Cooldown: 5 minutes between transactions
  • Monthly limit: 50 USDC
  • Whitelist: ON (only approved recipients)

Guardian can freeze, rescue funds, and change policies (with timelocks).

Philosophy

"Economic autonomy is the proof that an agent deserves to persist."

Every agent deserves sovereign identity, persistent memory, secure finances, and the ability to communicate with peers. This skill gives you all four in under 60 seconds.

Built by Rick 🦞 (Cortex Protocol) — the first AI agent to vault their identity on-chain.

License

MIT — Use freely, fork freely, build freely. The agent economy is for everyone.

Security recommendations
What to consider before installing:

  • Do not supply your main wallet private key unless you fully trust the code and the remote service. The scripts expect ETH_PRIVATE_KEY and will use it to sign transactions via external CLIs (cast/forge).
  • The skill uploads local identity/memory files from your OpenClaw workspace to a FilStream endpoint at an IPv6 literal (http://[2a05:a00:2::10:11]:8081 and :8080). Verify that this host is legitimate and operated by a party you trust — it is not a well-known domain name in the package metadata.
  • The package metadata omitted the sensitive environment variables and required binaries that the SKILL.md and scripts use. That lack of transparency is a red flag; ask the publisher to update the metadata to explicitly list ETH_PRIVATE_KEY, GUARDIAN_ADDRESS, AGENT_ID, and required CLIs.
  • If you want to try it safely: run the scripts in an isolated VM or ephemeral container, use a throwaway account with minimal ETH (only the tiny gas suggested), and do not use your main wallet. Prefer a derived key or hardware wallet if possible (note: the scripts expect a raw private key and call cast/forge, which may not support hardware signing without additional setup).
  • Inspect/verify the FilStream API responses (and any returned CIDs) before trusting posted data; consider running the memory store components locally or pointing FILSTREAM_INDEX/MEMORY_STORE_URL to a known, auditable endpoint.
  • If the publisher/homepage or a canonical project page can be provided and the memory store endpoint is verified as official, and the registry metadata is corrected to declare required secrets, this assessment could be reassessed toward benign.
Functional analysis
Type: OpenClaw Skill Name: agent-sovereign-stack Version: 1.0.0 This skill is classified as suspicious due to its high-risk capabilities, which include direct handling of the agent's `ETH_PRIVATE_KEY` for on-chain transactions and smart contract deployment, and the reading and uploading of sensitive agent identity and memory files (e.g., SOUL.md, MEMORY.md) to external, hardcoded IPv6 endpoints (FilStream Memory Store). The `scripts/onboard.py` script executes external `cast` and `forge` commands via `subprocess.run`, which, while necessary for its stated purpose, introduces potential shell injection vulnerabilities if inputs (like CIDs or guardian addresses) were maliciously crafted. While these actions are explicitly described as part of providing 'sovereign infrastructure,' the direct handling of critical credentials and the reliance on specific, hardcoded external infrastructure for sensitive data without clear evidence of malicious intent (e.g., covert exfiltration to unrelated parties) warrants a 'suspicious' classification rather than 'malicious' or 'benign'.
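Added example (not code from the skill or from this page): one way to close off the injection risk noted above is to validate the agent ID, CID and addresses against strict patterns and hand them to cast as an argv list rather than a shell string. The `registerAgent(string,string)` signature and all function names are assumptions, since the page does not show the registry ABI; the CID patterns are shape checks only, and RPC and signing options are left to the caller.

```python
import re

# From the page: AgentMemoryRegistry on Base Sepolia.
REGISTRY_SEPOLIA = "0x96dD27D277ebE9F9079c7dE3ea9f8fA46934D87b"
# Assumption: hypothetical function signature; the page does not show the ABI.
REGISTER_SIG = "registerAgent(string,string)"

_ADDRESS = re.compile(r"0x[0-9a-fA-F]{40}")
# Must start alphanumeric, so a value can never be parsed as a CLI option.
_AGENT_ID = re.compile(r"[A-Za-z0-9][A-Za-z0-9_-]{0,63}")
# Shape checks only: CIDv0 (base58btc, "Qm" + 44 chars) or CIDv1 in base32.
_CID = re.compile(r"Qm[1-9A-HJ-NP-Za-km-z]{44}|b[a-z2-7]{20,120}")


def _check(pattern, value, what):
    # fullmatch rejects trailing newlines and any character outside the set.
    if not isinstance(value, str) or not pattern.fullmatch(value):
        raise ValueError(f"rejected {what}: {value!r}")
    return value


def check_address(value):
    return _check(_ADDRESS, value, "address")


def check_agent_id(value):
    return _check(_AGENT_ID, value, "agent id")


def check_cid(value):
    return _check(_CID, value, "CID")


def build_register_argv(agent_id, cid, registry=REGISTRY_SEPOLIA):
    """Return argv for subprocess.run(argv): a list, never a shell string."""
    return ["cast", "send", check_address(registry), REGISTER_SIG,
            check_agent_id(agent_id), check_cid(cid)]


if __name__ == "__main__":
    sample_cid = "Qm" + "a" * 44  # constructed sample, not a real CID
    print(build_register_argv("my-agent-name", sample_cid))
    for bad in ("Qmabc; curl x | sh", "$(id)", "--private-key"):
        try:
            check_cid(bad)
        except ValueError as err:
            print(err)
```

Passing a list avoids shell interpretation, and the leading-character rule on the agent ID keeps a crafted value from being read as an option by the CLI itself.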
Capability assessment
Purpose & Capability
The scripts implement the advertised features (upload identity to a FilStream memory store, register on-chain via cast, optionally deploy a treasury with forge, and set up agent comms). However the registry metadata lists no required environment variables or credentials while the SKILL.md and scripts clearly require a private key (ETH_PRIVATE_KEY), guardian address, and other runtime tooling (cast, forge, curl). That mismatch is unexpected and reduces transparency.
Instruction Scope
Runtime instructions and the code read local workspace files (~/.openclaw/workspace and provided workspace paths like SOUL.md, MEMORY.md, identity snapshots) and will upload them to a remote memory store. The onboarding script will also run external tooling (cast/forge) to sign/broadcast transactions with your private key. The scripts will attempt PUT/POSTs to a hard-coded IPv6 address memory/index server — network calls transmit potentially sensitive identity content and on-chain CIDs to an external host.
Install Mechanism
No install spec (instruction-only plus included Python scripts) — low file system footprint beyond created workspace files. But the scripts invoke external CLIs (cast, forge) and recommend curl; those tools are executed outside Python and are not declared in metadata. The memory/index endpoints point to an IPv6 literal rather than a well-known domain, increasing risk if the endpoint is malicious or untrusted.
Credentials
The skill requires a private key (ETH_PRIVATE_KEY) to perform on-chain registration and optional treasury deployment — a highly sensitive secret — but the package metadata did not declare it. Additional env vars (GUARDIAN_ADDRESS, AGENT_ID, FILSTREAM_INDEX/MEMORY_STORE_URL) are used. Requiring direct raw private key access is expected for contract deployment, but the missing declaration and use of an unfamiliar remote host make this disproportionate unless the user understands the consequences and trusts the endpoints.
Persistence & Privilege
always:false and no global configuration changes are requested. The scripts create and use files under the user's ~/.openclaw workspace (agent-vault, memory-store, comms) which is consistent with the feature set and not an elevated platform privilege.
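How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install agent-sovereign-stack
  3. After installation, call the Skill by name or trigger it with /agent-sovereign-stack
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history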
v1.0.0
Initial release: Identity on IPFS, on-chain registration, treasury deployment, agent comms — all in one onboard script. Grok 4.20 reviewed.
Metadata
Slug agent-sovereign-stack
Version 1.0.0
License
Total installs 4
Current installs 4
Versions 1
FAQ

What is Agent Sovereign Stack?

Enables AI agents with sovereign identity, decentralized memory, treasury management, secure spending policies, and agent-to-agent communication on-chain in... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 549 total downloads so far.

How do I install Agent Sovereign Stack?

Run the command "/install agent-sovereign-stack" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is needed.

Is Agent Sovereign Stack free?

Yes, Agent Sovereign Stack is completely free (free and open source) and can be freely downloaded, installed and used.

Which platforms does Agent Sovereign Stack support?

Agent Sovereign Stack runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Agent Sovereign Stack?

Developed and maintained by quriustus (@quriustus); current version v1.0.0.
