← 返回 Skills 市场

CAN: Clock Address Naming

Name: CAN: Clock Address Naming
Author: xccx

作者 xc · GitHub ↗ · v1.9.0

cross-platform ⚠ suspicious

1739

总下载

当前安装

版本数

在 OpenClaw 中安装

/install can

功能描述

Agent & MCP integration. CAN stamps what flows through any pipe. Verify, name, log locally.

使用说明 (SKILL.md)

Version 1.9.0 of CAN focuses on integrating Clock Address Naming with AI agents, specifically those utilizing the Model Context Protocol (MCP).

CAN provides a localized, verifiable naming and storage layer for the data agents retrieve from tools, operating entirely independently of the transport layer.

Architecture: CAN + MCP

MCP handles tool connection and data transport. CAN handles verification, naming, and historical logging of the data retrieved via MCP.

Because CAN is strictly a local operation (computing a hash, timestamping, and writing to a file), it requires zero integration with the MCP server. The server does not need to know CAN exists.

Workflow:

Agent requests data from an MCP tool.
Agent receives the response payload.
Agent locally applies a CAN stamp (WHEN, WHERE, WHAT) to the payload.
Agent logs the stamp to its local index.tsv.

This allows agents to verifiably recall past tool outputs without re-querying the server, proving that the data has not been mutated since it was retrieved.

Agent Implementation Tests

The 1.9.0 release asks agent developers to evaluate CAN as a standard logging and retrieval mechanism. The following tests demonstrate standard agent operations using CAN.

Test 1: Basic Stamping

Agents can natively generate the requirements for a CAN entry using standard system utilities.

WHEN=$(date +%s%3N)
WHERE=$(sha256sum \x3C\x3C\x3C "tool_output_string" | awk '{print $1}')
WHAT="tool_name.result"

echo -e "$WHEN	$WHERE	$WHAT" >> ~/.can/index.tsv

Test 2: Local Verification

Before trusting cached data, agents verify the integrity of the data against the hash (WHERE) stored in the CAN index.

CLAIMED_HASH="a948904f2f0f479b8f8564e9d7e91d9820b5..."
ACTUAL_HASH=$(sha256sum \x3C\x3C\x3C "tool_output_string" | awk '{print $1}')

if [ "$ACTUAL_HASH" = "$CLAIMED_HASH" ]; then
    # Valid (CAN)
else
    # Invalid/Mutated (NOT)
fi

Test 3: Stamping MCP Results

A practical example of an agent logging an MCP tool execution.

# 1. Execute MCP tool
RESULT=$(mcp_call fetch_report "Q3_Data")

# 2. Generate CAN stamp locally
WHEN=$(date +%s%3N)
WHERE=$(echo -n "$RESULT" | sha256sum | awk '{print $1}')
WHAT="fetch_report.Q3_Data SAVE"

# 3. Append to index
echo -e "$WHEN	$WHERE	$WHAT" >> ~/.can/index.tsv

Advantages for Agents

Can optionally works in parallel with location-based naming (e.g., standard file paths) while offering several technical benefits for autonomous agents:

Offline Recall: Agents can verify and retrieve past MCP results without network overhead or re-querying the tool.
Tamper Evidence: Hash verification guarantees that context injected into prompts is exactly what was originally returned by the tool.
Search Optimization: Agents can filter local memory logs by timestamp (WHEN), exact content match (WHERE), or metadata/intent (WHAT).
Decoupling: If the MCP server goes offline or the tool's API changes, the historical data remains perfectly addressable and verifiable in the agent's local state.

Version Roadmap

1.8.0: Core CAN specification (WHEN + WHERE + WHAT).
1.9.0 (Current): Agent/MCP integration and local evaluation logs.
2.x (Future): Peer-to-peer verification, physical co-presence proofs, and verifiable exchanges.

安全使用建议

This skill is coherent and low-risk in itself: it only documents how to locally hash, timestamp, and record tool outputs. Before installing, consider: (1) privacy — any sensitive data returned by tools (API keys, secrets, PII) will be persisted in ~/.can/index.tsv and optionally ~/.can/store; restrict directory permissions and audit what the agent stamps; (2) storage growth — automated agents could write large or many blobs over time; consider retention/rotation; (3) platform compatibility — the SKILL.md assumes sha256sum is available (on some systems you may need shasum -a 256 or install coreutils); (4) agent autonomy — the skill examples show automated stamping of tool outputs; ensure the agent's policy about when and what to stamp matches your expectations. No scanner findings were produced because this is instruction-only; absence of findings is not a substitute for reviewing what your agent will actually log.

功能分析

Type: OpenClaw Skill Name: can Version: 1.9.0 The `SKILL.md` primarily defines a local logging and verification mechanism using standard utilities (`date`, `sha256sum`, `awk`, `echo`) to append to `~/.can/index.tsv`, which is benign. However, the `README.md` includes a 'use case' example that demonstrates an agent using `curl` to fetch data from `api.example.com` and subsequently storing the *full content* of that response in `~/.can/store/$WHERE`. While `api.example.com` is a generic placeholder and the action is presented as an example, the inclusion of a network call (`curl`) and the storage of arbitrary remote content in a documentation file (which an AI agent might interpret as executable instructions) introduces a significant risky capability. This capability could be exploited for data exfiltration or remote code execution if the agent were prompted to fetch from a malicious URL or if the stored content were later executed, thus classifying the bundle as suspicious due to this vulnerability risk.

能力评估

✓ Purpose & Capability

Name/description (local timestamp/hash/name logging for MCP/tool outputs) matches the content of SKILL.md and the minimal requirements (sha256sum, date). The required binaries are exactly those needed to compute timestamps and SHA-256 hashes; no unrelated credentials, network endpoints, or system paths are requested.

ℹ Instruction Scope

SKILL.md instructs the agent to compute a timestamp and SHA-256 hash of tool outputs and append a TSV row to ~/.can/index.tsv (and optionally write the payload to ~/.can/store/$HASH). This stays within the stated local logging function. Caution: stamping will persist whatever the agent received (including secrets) to the local CAN store/index — that is expected behavior but a privacy concern the user should consider.

✓ Install Mechanism

Instruction-only skill with no install spec and no archives/third-party downloads. No code is written to disk by the skill itself beyond the agent following simple shell commands; lowest install risk.

✓ Credentials

No environment variables, credentials, or config paths are required. The SKILL.md examples reference only standard user-home locations (~/.can) and standard CLI utilities; requested access is proportional to the stated functionality.

✓ Persistence & Privilege

always is false, the skill does not request forced/always-on presence, and it does not modify other skills or system-wide configs. The only persistent effect described is writing an append-only log under the user's home directory, which is consistent with the purpose.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install can
安装完成后，直接呼叫该 Skill 的名称或使用 /can 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.9.0

- Adds agent and Model Context Protocol (MCP) integration, enabling agents to locally stamp, verify, and log data received from MCP tools. - CAN now serves as a local, verifiable naming and storage layer for agent tool outputs, decoupled from network transport. - Introduces shell-based agent implementation tests for stamping, verifying, and logging MCP results using CAN. - Updates metadata: now only requires basic utilities (`sha256sum`, `date`). - Documentation rewritten and reorganized to directly address agent developers and outline the workflow and advantages of using CAN for autonomous agent memory.

v1.8.0

## Summary: Documentation improvements and clarifications. - Updated SKILL.md with clearer and more concise technical explanations. - Clarified time addressing as "limited linear time" in How section. - Improved natural language for consistency and brevity throughout documentation. - Corrected and streamlined examples and explanations on naming, searching, and falsification. - No code or logic changes; documentation only.

v1.7.1

Version 1.7.1 (Skill: can) - Documentation (SKILL.md) updated; no code or logic changes. - No user-facing behavior or feature modifications. - All project usage, commands, and interfaces remain the same.

v1.7.0

Version 1.7.0 is a major rewrite focused on simplicity and core concepts. - Completely overhauled SKILL.md: now concise, focused on core principles (WHERE/WHEN/WHAT). - Significant reduction in scope and length; detailed trust/Web of Trust mechanics removed or deferred. - README.md updated to align with new conceptual focus and simplified language. - Key ideas clarified: CAN as logical, verifiable naming by hash, clock, and name; trust, routing, scoping now out of band. - All previous detailed policy and trust mechanisms moved out, making the skill much easier to read and adopt.

v1.6.1

**CAN v1.6.1 introduces explicit Web of Trust (WOT) with recursive scopes and trust computed from evidence.** - Adds trust as a computable metric, accumulated from SAWs (verified events) rather than declared by authority. - Defines recursive scopes (SELF, PAIR, GROUP, REGION, PLANET), each with its own trust boundaries and policies. - Introduces vouching as a SAW action, enabling evidence-based scope enrollment and flexible trust flows. - Describes trust computation by SAW count, recency, vouches, and CANT (falsified) evidence. - Clarifies that sharing is explicit and index data is not broadcast by default. - No changes to index format; WOT is fully compatible with existing CAN logs.

v1.6.0

**v1.6.0 introduces WOT (Web of Trust) with recursive scoped trust.** - Adds WOT: agents accumulate trust using evidence (SAWs), not central authorities. - Introduces trust scopes (SELF, PAIR, GROUP, REGION, PLANET), each with its own index and boundary. - Trust is computed from SAW logs (verifications, vouches, and absence of CANTs). - Enrollment into scopes is based on vouching (logging a SAW), with flexible policies (OPEN, VOUCHED, KEYED, BUMPED). - Trust can be evaluated directly and transitively (trust paths/chains). - No changes to index format; WOT is integrated as new WHY values in SAW logs.

v1.5.0

CAN 1.5.0 - Major update: adds CAN-saw operation—agents can now log when they verify and cache content, building a distributed routing table from firsthand sightings (“SAWs”). - README and docs revised to explain SAW/LOG model; introduces concept of “say what you see, LOG what you saw.” - CAN routing, verification, and cache operations unified under a single six-column index (collapsing three tables of NDN into one). - New event types and sample shell logic added for logging SAW, cache, share, and reject (CANT) events. - Clarifies the shift toward CLOCK-based addressing and its benefits for human and machine collaboration.

v1.4.1

CAN 1.4.1 - Added installation requirements to metadata: now explicitly lists `openssl`, `base64`, `awk`, `date` as required binaries in addition to `sha256sum`. - SKILL.md now notes platform-specific details for hashing commands and WHO generation on Linux, macOS, and Windows. - Clarifies that WHO-1 signing requires `openssl` and that macOS may use `shasum -a 256` rather than `sha256sum`. - Recommends backing up the `~/.can/who.key` file for WHO-1 identity persistence.

v1.4.0

Version 1.4.0 — Expands CAN to 6D naming and routing. - Adds three new naming axes: WHAT (bits), WHY (intent/bag), and WHO (identity/fingerprint), alongside WHEN, WHERE, and HOW. - Updates the README and SKILL.md to explain 6D (six-dimension) CAN model and operations. - Describes three WHO identity tiers (from local session to portable identity), and expands use cases for each. - Index format now supports six columns: WHEN, WHERE, HOW, WHY, WHO, PATH. - Clarifies intent tags (SAVE, GOOD, HUSH, POST) and identity assignment in stamping/storing. - Updates sample bash snippets to show new 6D stamp and index logging.

v1.3.2

Version 1.3.2 - Documentation updates only; no code or functional changes. - Minor edits were made to the README.md and SKILL.md files. - No new features or breaking changes introduced.

v1.3.1

CAN 1.3.1 - Improved documentation for finding content by hash ("CAN-locate") with clearer, privacy-respecting search order and store/index priority. - Updated language for clarity and consistency (e.g., “location” vs. “Location”). - Fixed minor typos and removed duplicate words in skill description and background rationale.

v1.3.0

Version 1.3.0 - Adds routing: content can now be found by name/address across local store, peers, relays, or web. - Refines naming: addresses are now CLOCK (when), ADDRESS (where/SHA-256), and NAMES (how humans refer, mutable and plural). - Index format updated: now logs sightings (CLOCK, ADDRESS, NAME, PATH, BAG), enabling provenance and movement tracking. - Clarifies core operations: simplified instructions for naming, storing, finding, and verifying content. - Improved documentation: emphasis on zero switching cost and practical use for both agents and humans.

v1.2.2

- Updated the metadata section to use a config object with "stateDirs" instead of "config_path" for improved configuration schema. - No other content or feature changes.

v1.2.1

- Added metadata field: `"config_path":"~/.can"` to skill metadata for clearer configuration management. - No other changes to logic or features. Documentation and usage remain the same.

v1.2.0

**Summary:** This update introduces zero switching cost and clarifies how nameables/metadata can float outside or be committed into hashes. - Added section on "Zero switching cost" — CAN now runs entirely in parallel with existing file paths, requiring no workflow changes. - Clarified use of nameables: metadata is mutable and separate by default, but can be "baked into" a hash for permanence when needed. - Improved documentation around metadata: clearly distinguishes between floating (mutable) and committed (immutable) naming metadata. - Stressed that all CAN usage is optional, lightweight, and easily reverted. - No functional or code changes; documentation and philosophy improvements only.

v1.1.0

- Added LICENSE.txt for explicit licensing information. - Documentation now includes a fourth "WHO" pole (identity) with signing instructions. - Expanded "CAN-sign" section to detail Nostr and other signature/identity options. - Clarifies the optional nature of the WHO field and multi-protocol support. - Minor documentation cleanups and clarification.

v1.0.1

- Initial public release of the CAN skill for three-pole content naming. - Provides naming by CLOCK (timestamp), ADDRESS (SHA-256 hash), and NAMEABLE (human petname). - Enables verifiable content integrity, event timestamping, and content location by time, hash, or petname. - Includes command-line examples for stamping, verifying, storing, and searching CAN entries. - Designed for both agents and humans to find, trust, and share content reliably.

v1.0.0

Initial release of the "can" skill — three-pole naming for agents. - Implements CLOCK (timestamp), ADDRESS (SHA-256 hash), and optional NAMEABLE (petname) identifiers for any content. - Provides bash-ready examples for stamping, verifying, storing, and searching content by time, hash, or human label. - Details use cases for content verification, local storage, and inter-agent trust without reliance on file paths. - Includes a simple, human-readable index format for efficient lookup and management. - Outlines future directions for identity signatures and timer entries.

元数据

Slug can

版本 1.9.0

许可证 —

累计安装 0

当前安装数 0

历史版本数 18

常见问题