← 返回 Skills 市场
DeepRead Agent Self Sign Up
作者
DeepRead.tech
· GitHub ↗
· v2.1.0
· MIT-0
782
总下载
2
收藏
2
当前安装
11
版本数
在 OpenClaw 中安装
/install deepread-agent-setup
功能描述
Authenticate AI agents with the DeepRead OCR API using OAuth device flow. The agent displays a code, the user approves it in their browser, and the agent rec...
使用说明 (SKILL.md)
DeepRead Agent Setup
Authenticate AI agents with the DeepRead OCR API using the OAuth 2.0 Device Authorization Flow (RFC 8628). After setup, the agent has a DEEPREAD_API_KEY environment variable and can use the DeepRead OCR skill.
How It Works
The device flow lets headless agents (no browser) authenticate securely:
Agent requests device code → User opens URL in browser → User approves → Agent receives API key
- Agent calls
POST https://api.deepread.tech/v1/agent/device/codeto get adevice_codeanduser_code - Agent displays the
user_codeand a verification URL to the user - User opens the URL in their browser, logs in, and enters the code
- Agent polls
POST https://api.deepread.tech/v1/agent/device/tokenuntil the user approves - Agent receives an
api_key(prefixedsk_live_) and stores it as theDEEPREAD_API_KEYenvironment variable
Only domain contacted: api.deepread.tech
Prerequisites
- A DeepRead account (free at https://www.deepread.tech/dashboard/?utm_source=clawdhub)
- Internet access to reach
api.deepread.tech
Setup Instructions
Step 1: Request a Device Code
curl -s -X POST https://api.deepread.tech/v1/agent/device/code \
-H "Content-Type: application/json" \
-d '{"agent_name": "my-ai-agent"}'
The agent_name field is optional — it is shown on the approval screen so the user knows which agent is requesting access.
Response:
{
"device_code": "GmRhmhcxhZAzk...EeNu5OfKhL79MQgN",
"user_code": "WDJB-MJHT",
"verification_uri": "https://www.deepread.tech/activate",
"verification_uri_complete": "https://www.deepread.tech/activate?code=WDJB-MJHT",
"expires_in": 900,
"interval": 5
}
Tell the user (using the values from the response — they change every time):
Open {verification_uri} and enter code {user_code}
Or open this direct link: {verification_uri_complete}
Step 2: Poll for Approval
Poll every interval seconds (default: 5) until the user approves:
curl -s -X POST https://api.deepread.tech/v1/agent/device/token \
-H "Content-Type: application/json" \
-d '{"device_code": "GmRhmhcxhZAzk...EeNu5OfKhL79MQgN"}'
While waiting (user hasn't approved yet):
{
"error": "authorization_pending",
"api_key": null,
"key_prefix": null
}
After user approves:
{
"error": null,
"api_key": "sk_live_abc123def456...",
"key_prefix": "sk_live_abc123de"
}
The api_key is returned exactly once. The next poll after retrieval will return expired_token. Save it immediately.
If user denied:
{
"error": "access_denied",
"api_key": null,
"key_prefix": null
}
If code expired (15 minutes):
{
"error": "expired_token",
"api_key": null,
"key_prefix": null
}
Step 3: Store the API Key
Once you receive the api_key, set it for the current session:
export DEEPREAD_API_KEY="\x3Capi_key from response>"
To persist across sessions, the user should choose one of these options:
| Method | Command | Security |
|---|---|---|
| Secrets manager (recommended) | Use your OS keychain, 1Password CLI, or pass |
Encrypted at rest |
| Shell profile | User manually adds export DEEPREAD_API_KEY="..." to ~/.zshrc |
Plaintext file — readable by local processes |
Important:
- The agent should set the env var for the current session only (
export) - Persistence is the user's choice — do not automatically write to shell profiles
- Never commit the key to source control or write it to project files
- The key prefix
sk_live_confirms it is a valid DeepRead production key
Step 4: Verify the Key Works
Submit a test document to confirm the key is valid:
curl -s -X POST https://api.deepread.tech/v1/process \
-H "X-API-Key: $DEEPREAD_API_KEY" \
-F "[email protected]"
A successful response returns a job ID confirming the key works:
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"status": "queued"
}
If the key is invalid you will get a 401 Unauthorized response.
Complete Flow (All Steps)
#!/bin/bash
# DeepRead Device Flow — complete example
# 1. Request device code
RESPONSE=$(curl -s -X POST https://api.deepread.tech/v1/agent/device/code \
-H "Content-Type: application/json" \
-d '{"agent_name": "my-ai-agent"}')
DEVICE_CODE=$(echo "$RESPONSE" | jq -r '.device_code')
USER_CODE=$(echo "$RESPONSE" | jq -r '.user_code')
VERIFY_URI=$(echo "$RESPONSE" | jq -r '.verification_uri')
VERIFY_URI_COMPLETE=$(echo "$RESPONSE" | jq -r '.verification_uri_complete')
INTERVAL=$(echo "$RESPONSE" | jq -r '.interval')
echo "Open $VERIFY_URI and enter code: $USER_CODE"
echo "Or open directly: $VERIFY_URI_COMPLETE"
# 2. Poll for token
while true; do
TOKEN_RESPONSE=$(curl -s -X POST https://api.deepread.tech/v1/agent/device/token \
-H "Content-Type: application/json" \
-d "{\"device_code\": \"$DEVICE_CODE\"}")
ERROR=$(echo "$TOKEN_RESPONSE" | jq -r '.error // empty')
if [ -z "$ERROR" ]; then
export DEEPREAD_API_KEY=$(echo "$TOKEN_RESPONSE" | jq -r '.api_key')
echo "Authenticated. DEEPREAD_API_KEY is set for this session."
break
elif [ "$ERROR" = "authorization_pending" ]; then
sleep "$INTERVAL"
elif [ "$ERROR" = "slow_down" ]; then
INTERVAL=$((INTERVAL + 5))
sleep "$INTERVAL"
else
echo "Error: $ERROR"
exit 1
fi
done
Endpoints Used
| Endpoint | Method | Auth | Purpose |
|---|---|---|---|
https://api.deepread.tech/v1/agent/device/code |
POST | None | Request device code + user code |
https://api.deepread.tech/v1/agent/device/token |
POST | None | Poll for API key after user approval |
https://www.deepread.tech/activate |
— | Browser | User opens this URL to enter the code and approve |
No other endpoints are contacted by this skill.
Troubleshooting
"authorization_pending" keeps repeating
The user hasn't approved yet. Keep polling. The code expires after 15 minutes (expires_in: 900).
"expired_token"
The device code expired before the user approved, or the API key was already retrieved (one-time retrieval). Start over from Step 1.
"slow_down"
You're polling too fast. Increase the polling interval by 5 seconds.
"access_denied"
The user clicked Deny on the approval screen. Start over from Step 1 if the user wants to retry.
Key doesn't work after export
Ensure the shell session was not restarted. If persisting to ~/.zshrc, run source ~/.zshrc to reload.
"DEEPREAD_API_KEY not set"
The environment variable was not persisted. Re-run the device flow or manually set:
export DEEPREAD_API_KEY="sk_live_your_key_here"
Security Notes
- The device flow follows RFC 8628
- The
user_codeis short-lived (15 minutes) and single-use - The
api_keyis returned exactly once — subsequent polls returnexpired_token - All communication is over HTTPS
- The agent sets
DEEPREAD_API_KEYfor the current session only — it does not write to disk - For long-term storage, prefer a secrets manager (OS keychain, 1Password CLI,
pass) over plaintext shell profiles - Never commit the key to source control or write it to project files
- The agent never sees the user's password
Support
- Dashboard: https://www.deepread.tech/dashboard
- Issues: https://github.com/deepread-tech/deep-read-service/issues
- Email: [email protected]
Related DeepRead Skills
- deepread-ocr — Extract text and structured JSON from documents —
clawhub install uday390/deepread-ocr - deepread-form-fill — Fill any PDF form with AI vision —
clawhub install uday390/deepread-form-fill - deepread-pii — Redact 14 types of PII from documents —
clawhub install uday390/deepread-pii - deepread-agent-setup — Authenticate via OAuth device flow (this skill) —
clawhub install uday390/deepread-agent-setup - deepread-byok — Bring Your Own Key for zero LLM costs —
clawhub install uday390/deepread-byok
安全使用建议
This skill appears to do exactly what it says: run the OAuth device flow against api.deepread.tech and set DEEPREAD_API_KEY for the current session. Before installing: ensure you trust the deepread.tech domain and want to grant it an API key; note the shell script requires curl and jq (not declared), and the Python script sets the env var only inside its process (to get an exported variable in your interactive shell, source the shell script). The code does not exfiltrate data to other endpoints and does not request unrelated credentials, but treat the returned sk_live_* key as sensitive and store it in a secrets manager if you persist it.
功能分析
Type: OpenClaw Skill
Name: deepread-agent-setup
Version: 2.1.0
The skill bundle implements a standard OAuth 2.0 Device Authorization Flow (RFC 8628) to authenticate an AI agent with the DeepRead OCR API. It communicates exclusively with api.deepread.tech to obtain an API key and explicitly avoids automatic persistence to disk, leaving that choice to the user. The code in device_flow.sh and device_flow.py is transparent, well-documented, and lacks any indicators of data exfiltration or malicious execution.
能力评估
Purpose & Capability
Name/description match the included code and instructions: both Python and shell implementations perform the OAuth 2.0 device flow against api.deepread.tech and return an api_key. One minor mismatch: the shell examples/scripts require curl and jq but the skill's declared required binaries list is empty.
Instruction Scope
SKILL.md and the code instruct only calls to api.deepread.tech endpoints and local environment variable setting. The instructions do not request or read unrelated system files, secrets, or external endpoints.
Install Mechanism
No install spec is present (instruction-only). Two helper scripts are included but nothing is downloaded from arbitrary URLs and no archive extraction occurs.
Credentials
The skill requests no credentials and only produces a single environment variable (DEEPREAD_API_KEY) as expected for its purpose. There are no extra or unrelated env vars or config paths requested.
Persistence & Privilege
always is false and model invocation is disabled (disable-model-invocation: true). The skill does not attempt to persist keys automatically or modify other skills or global agent settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install deepread-agent-setup - 安装完成后,直接呼叫该 Skill 的名称或使用
/deepread-agent-setup触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.1.0
Added cross-links to all DeepRead skills (OCR, form-fill, PII, BYOK).
v2.0.4
## Version 2.0.4 Changelog
- No file changes detected in this release.
- Documentation, endpoints, and skill behavior remain unchanged.
v2.0.3
- Clarified that when instructing the user to approve, agents should show the actual values from the API response (`{verification_uri}`, `{user_code}`) instead of hard-coded examples.
- No changes to functionality or code: documentation update only.
v2.0.2
- Refined API key storage: agent now only sets DEEPREAD_API_KEY for the current session and does not persist it to disk; users are advised to manually persist via secrets manager or shell profile if desired.
- Updated documentation to clarify security best practices and user responsibilities for API key persistence.
- Improved guidance on environment variable handling and made explicit the agent’s behavior regarding persistence.
- Adjusted OpenClaw metadata to reflect actual environment variable output.
- No changes to endpoints or device flow logic.
v2.0.1
Updated skills latest version.
v2.0.0
Version 2.0.0 of deepread-agent-setup is a major update that simplifies the agent authentication process using industry-standard device authorization.
- Migrates agent authentication to OAuth 2.0 Device Authorization Flow (RFC 8628) for greater security and standardization.
- Adds clear, concise documentation and full setup instructions for device flow authentication.
- Introduces new example scripts: device_flow.py (Python) and device_flow.sh (bash).
- DEEPREAD_API_KEY is now stored solely as an environment variable, with explicit security best practices.
- All legacy and manual API references updated to reflect the new device flow and endpoint changes.
- Improved troubleshooting and support documentation.
v1.0.5
Fix display name, bold all section headings, remove extra space after API Overview and Pricing headings
v1.0.4
Consistent UI: all section headings are h1 bold/big, all body text is normal weight, consistent spacing between every section
v1.0.3
Fix Agent Self-Signup table spacing, upgrade all section headings to h1 for bold/bigger rendering, add spacing throughout all sections
v1.0.2
Fix UI: add spacing between headings and tables in Supported Platforms and API Overview sections, separate Base URL and Auth lines, bold table headers
v1.0.0
- Initial release of DeepRead OCR Agent Self-Signup skill.
- Enables zero-friction agent signup with device authorization—no dashboard or copy/paste required.
- Provides 97%+ OCR accuracy via multi-model consensus and human-in-the-loop review.
- Includes free tier: 2,000 pages/month, no credit card needed.
- Supports major AI coding agents with clear setup and API usage instructions.
元数据
常见问题
DeepRead Agent Self Sign Up 是什么?
Authenticate AI agents with the DeepRead OCR API using OAuth device flow. The agent displays a code, the user approves it in their browser, and the agent rec... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 782 次。
如何安装 DeepRead Agent Self Sign Up?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install deepread-agent-setup」即可一键安装,无需额外配置。
DeepRead Agent Self Sign Up 是免费的吗?
是的,DeepRead Agent Self Sign Up 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
DeepRead Agent Self Sign Up 支持哪些平台?
DeepRead Agent Self Sign Up 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 DeepRead Agent Self Sign Up?
由 DeepRead.tech(@uday390)开发并维护,当前版本 v2.1.0。
推荐 Skills