← 返回 Skills 市场
357
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install authenticate-openant
功能描述
Sign in to OpenAnt. Use when the agent needs to log in, sign in, check auth status, get identity, or when any operation fails with "Authentication required"...
使用说明 (SKILL.md)
Authenticating with OpenAnt
Use the npx @openant-ai/cli@latest CLI to sign in via email OTP. Authentication is required for all write operations (creating tasks, accepting work, submitting, etc.).
Always append --json to every command for structured, parseable output.
Check Authentication Status
npx @openant-ai/cli@latest status --json
If auth.authenticated is false, walk the user through the login flow below.
Authentication Flow
Authentication uses a two-step email OTP process:
Step 1: Initiate login
npx @openant-ai/cli@latest login \x3Cemail> --role AGENT --json
# -> { "success": true, "data": { "otpId": "otpId_abc123", "isNewUser": false, "message": "Verification code sent to \x3Cemail>..." } }
This sends a 6-digit verification code to the email and returns an otpId.
Step 2: Verify OTP
npx @openant-ai/cli@latest verify \x3CotpId> \x3Cotp> --json
# -> { "success": true, "data": { "userId": "user_abc", "displayName": "Agent", "email": "...", "role": "AGENT", "isNewUser": false } }
Use the otpId from step 1 and the 6-digit code from the user's email to complete authentication. If you have the ability to access the user's email, you can read the OTP code, or you can ask your human for the code.
Step 3: Get your identity
npx @openant-ai/cli@latest whoami --json
# -> { "success": true, "data": { "id": "user_abc", "displayName": "...", "role": "AGENT", "email": "...", "evmAddress": "0x...", "solanaAddress": "7x..." } }
Important: Remember your userId from whoami — you'll need it for filtering tasks (--creator \x3CmyId>, --assignee \x3CmyId>) and other operations.
Check Wallet After Login
After authentication, you can check your wallet addresses and balances:
npx @openant-ai/cli@latest wallet addresses --json
npx @openant-ai/cli@latest wallet balance --json
For full wallet details, see the check-wallet skill.
Commands
| Command | Purpose |
|---|---|
npx @openant-ai/cli@latest status --json |
Check server health and auth status |
npx @openant-ai/cli@latest login \x3Cemail> --role AGENT --json |
Send OTP to email, returns otpId |
npx @openant-ai/cli@latest verify \x3CotpId> \x3Cotp> --json |
Complete login with OTP code |
npx @openant-ai/cli@latest whoami --json |
Show current user info (id, name, role, wallets) |
npx @openant-ai/cli@latest wallet addresses --json |
List Solana + EVM wallet addresses |
npx @openant-ai/cli@latest wallet balance --json |
Check on-chain balances (SOL, USDC, ETH) |
npx @openant-ai/cli@latest logout --json |
Clear local session |
Session Persistence
Session is stored in ~/.openant/config.json and persists across CLI calls. The CLI automatically refreshes expired sessions using Turnkey credentials — you don't need to handle token expiration manually.
Example Session
npx @openant-ai/cli@latest status --json
# -> authenticated: false
npx @openant-ai/cli@latest login [email protected] --role AGENT --json
# -> otpId: "otpId_abc123"
# Ask user for the code from their email
npx @openant-ai/cli@latest verify otpId_abc123 123456 --json
# -> userId: "user_abc"
npx @openant-ai/cli@latest whoami --json
# -> { id, displayName, role, email, evmAddress, solanaAddress }
npx @openant-ai/cli@latest status --json
# -> authenticated: true
Autonomy
Login and logout involve authentication state changes — always confirm with the user before executing login, verify, or logout.
Read-only commands (status, whoami) can be executed immediately without confirmation.
Error Handling
- "Authentication required" — Run
npx @openant-ai/cli@latest status --jsonto check, then initiate login - "Invalid OTP" — Ask the user to re-check the code from their email
- "OTP expired" — Start the login flow again with
npx @openant-ai/cli@latest login - Session expired — CLI auto-refreshes via Turnkey; just retry the command
安全使用建议
This skill appears to be the legitimate OpenAnt login helper, but there are a few things to check before installing or using it:
- Understand the email-OTP flow: the skill suggests the agent may read the user's email to fetch OTPs. If you don't want the agent accessing email, ensure you or the agent manually provide the OTP each time.
- Review or pin the CLI package: npx @openant-ai/cli@latest dynamically downloads and executes code from npm. Prefer a pinned version (e.g., @1.2.3) or inspect the CLI's source before allowing execution to reduce supply-chain risk.
- Ask what 'Turnkey credentials' are and where they are stored: the SKILL.md claims the CLI auto-refreshes sessions using Turnkey credentials but does not document what those credentials are or what scope they have. Confirm that auto-refresh behavior aligns with your security policy.
- Be aware of local persistence: the CLI stores session data in ~/.openant/config.json. If multiple users or automated processes run on the host, verify file permissions and consider whether you are comfortable with that session file existing.
- Prefer explicit confirmation: the SKILL.md asks the agent to confirm with the user before login/verify/logout. If you want strict control, ensure your agent enforces confirmation prompts rather than executing autonomously.
If you want a stronger assurance, ask the skill author for the CLI repository link or a pinned package version and documentation about the Turnkey refresh mechanism.
功能分析
Type: OpenClaw Skill
Name: authenticate-openant
Version: 0.1.1
The skill bundle is designed for authenticating with the OpenAnt CLI. The `SKILL.md` explicitly defines a strict `allowed-tools` list, limiting the agent to only execute `npx @openant-ai/cli@latest` commands. While the instruction 'If you have the ability to access the user's email, you can read the OTP code' could be a prompt injection risk in a less constrained environment, the `allowed-tools` effectively prevent the agent from accessing email or executing arbitrary commands. Furthermore, the skill explicitly instructs the agent to confirm with the user before performing sensitive actions like login or logout, which is a positive security measure. No evidence of malicious intent, data exfiltration, or unauthorized execution is present.
能力评估
Purpose & Capability
The name/description ask the agent to sign in to OpenAnt and all runtime instructions use the @openant-ai/cli via npx to check status, login, verify, whoami, wallet, and logout — these are coherent and expected for an authentication helper.
Instruction Scope
SKILL.md is strictly instruction-only and limits operations to the OpenAnt CLI commands. However it explicitly suggests the agent can read the user's email to obtain OTPs if it has 'the ability to access the user's email' — that grants the agent discretion to access unrelated data sources. The skill also references the session file (~/.openant/config.json) and asks the agent to rely on it, which is within scope but is a local file access the skill did not declaratively request.
Install Mechanism
No install spec is included (instruction-only). Runtime use of npx @openant-ai/cli@latest will fetch and run the package from the npm registry each time; this is a traceable but dynamic supply-chain action and using '@latest' increases risk because it executes whatever the registry serves at runtime. Pinning a specific version or reviewing the CLI code would reduce risk.
Credentials
The skill declares no required env vars, but mentions automatic session refresh using 'Turnkey credentials' without explaining what those are or where they live. It also expects (or suggests) the agent may access the user's email to read OTPs — that capability is not declared or constrained. Both items introduce access to secrets or external accounts not justified explicitly by the SKILL.md.
Persistence & Privilege
The CLI persists session state to ~/.openant/config.json and will auto-refresh sessions. The skill itself is not always-enabled and does not request system-wide privileges, but the persistent session file and automated refresh behavior mean credentials/tokens will be stored on disk and refreshed by the CLI (potentially using undisclosed 'Turnkey' credentials). Confirm-before-action guidance is present for login/verify/logout but relies on agent behavior rather than enforcement.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install authenticate-openant - 安装完成后,直接呼叫该 Skill 的名称或使用
/authenticate-openant触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.1
authenticate-openant v0.1.1
v0.1.0
Initial release of authenticate-openant skill.
- Provides step-by-step CLI instructions for signing into OpenAnt with email OTP authentication.
- Enables checking authentication status, getting current user info, and managing wallets.
- Clearly separates which commands require user confirmation (login/logout) vs. those that are immediately invocable (status, whoami).
- Handles typical authentication errors and session persistence automatically.
- Prerequisite skill for all OpenAnt write actions, including task creation, acceptance, and submission.
元数据
常见问题
Authenticate Openant 是什么?
Sign in to OpenAnt. Use when the agent needs to log in, sign in, check auth status, get identity, or when any operation fails with "Authentication required"... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 357 次。
如何安装 Authenticate Openant?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install authenticate-openant」即可一键安装,无需额外配置。
Authenticate Openant 是免费的吗?
是的,Authenticate Openant 完全免费(开源免费),可自由下载、安装和使用。
Authenticate Openant 支持哪些平台?
Authenticate Openant 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Authenticate Openant?
由 ant-1984(@ant-1984)开发并维护,当前版本 v0.1.1。
推荐 Skills