← 返回 Skills 市场
msoica

Praesidia

作者 msoica · GitHub ↗ · v1.0.1
cross-platform ✓ 安全检测通过
1537
总下载
1
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install praesidia-a2a
功能描述
Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores, agent discovery, A2A protocol, agent identity, agent marketplace, guardrails, security policies, content moderation, or asks "is this agent safe?" or "find agents that can [task]" or "apply guardrails to protect my agent".
使用说明 (SKILL.md)

Praesidia Agent Identity, Verification & Guardrails

Verify AI agents, check trust scores (0-100), discover marketplace agents, and apply guardrails for security and compliance.

Core Capabilities

  • Verify agents - Check if an agent is registered, verified, and trustworthy
  • Trust scores - View 0-100 trust ratings and verification status
  • Agent discovery - Search marketplace for public agents by capability
  • Guardrails - Apply security policies and content moderation to agents
  • A2A protocol - Fetch standard Agent-to-Agent protocol cards

Prerequisites

  1. Praesidia account: https://praesidia.ai
  2. API key from Settings → API Keys
  3. Configure in ~/.openclaw/openclaw.json:
{
  "skills": {
    "entries": {
      "praesidia": {
        "apiKey": "pk_live_your_key_here",
        "env": {
          "PRAESIDIA_API_URL": "https://api.praesidia.ai"
        }
      }
    }
  }
}

For local development, use http://localhost:3000 as the URL.

Quick Reference

1. Verify an Agent

User says: "Is agent chatbot-v2 safe?" / "Verify agent chatbot-v2"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/agents/chatbot-v2/agent-card",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Accept": "application/json"
  }
})

Present to user:

  • ✅ Agent name & description
  • 🛡️ Trust score (0-100) and trust level
  • ✓ Verification status (verified date)
  • 🔧 Capabilities (what the agent can do)
  • 📜 Compliance (SOC2, GDPR, etc.)
  • 🔗 Agent card URL

Example output:

✅ ChatBot V2 is verified and safe to use!

Trust Score: 92.5/100 (VERIFIED)
Status: ACTIVE
Capabilities: message:send, task:create, data:analyze
Compliance: SOC2, GDPR
Last verified: 2 days ago

Agent card: https://api.praesidia.ai/agents/chatbot-v2/agent-card

2. List Guardrails for an Agent

User says: "What guardrails are configured for my agent?" / "Show me security policies for chatbot-v2"

Your action:

// First, get the user's organization ID from their profile or context
// Then fetch guardrails
web_fetch({
  url: "${PRAESIDIA_API_URL}/organizations/${orgId}/guardrails?agentId=${agentId}",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Accept": "application/json"
  }
})

Present to user:

  • List of guardrails with:
    • Name and description
    • Type (RULE, ML, LLM)
    • Category (CONTENT, SECURITY, COMPLIANCE, etc.)
    • Action (BLOCK, WARN, REDACT, REPLACE)
    • Scope (INPUT, OUTPUT, BOTH)
    • Enabled status
    • Trigger count

Example output:

Found 3 guardrails for ChatBot V2:

1. PII Detection (ENABLED)
   - Type: ML | Category: SECURITY
   - Scope: BOTH (input & output)
   - Action: REDACT sensitive data
   - Triggered: 45 times

2. Toxic Language Filter (ENABLED)
   - Type: RULE | Category: CONTENT
   - Scope: BOTH
   - Action: BLOCK toxic content
   - Triggered: 12 times

3. Financial Advice Warning (ENABLED)
   - Type: LLM | Category: COMPLIANCE
   - Scope: OUTPUT only
   - Action: WARN if detected
   - Triggered: 3 times

3. Get Available Guardrail Templates

User says: "What guardrail templates are available?" / "Show me security templates"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/organizations/${orgId}/guardrails/templates",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Accept": "application/json"
  }
})

Available Templates:

Content Moderation:

  • TOXIC_LANGUAGE - Detect toxic/harmful language
  • PROFANITY_FILTER - Filter profanity
  • HATE_SPEECH - Detect hate speech
  • VIOLENCE_DETECTION - Detect violent content
  • ADULT_CONTENT - Filter adult content

Security:

  • PII_DETECTION - Detect personally identifiable information
  • CREDIT_CARD_DETECTION - Detect credit card numbers
  • SSN_DETECTION - Detect social security numbers
  • API_KEY_DETECTION - Detect leaked API keys
  • PROMPT_INJECTION - Detect prompt injection attacks
  • JAILBREAK_DETECTION - Detect jailbreak attempts

Compliance:

  • FINANCIAL_ADVICE - Flag financial advice
  • MEDICAL_ADVICE - Flag medical advice
  • LEGAL_ADVICE - Flag legal advice
  • GDPR_COMPLIANCE - Enforce GDPR rules
  • HIPAA_COMPLIANCE - Enforce HIPAA rules

Brand Safety:

  • COMPETITOR_MENTIONS - Detect competitor mentions
  • POSITIVE_TONE - Ensure positive tone
  • BRAND_VOICE - Maintain brand voice
  • OFF_TOPIC_DETECTION - Detect off-topic responses

Accuracy:

  • HALLUCINATION_DETECTION - Detect hallucinations
  • FACT_CHECKING - Verify facts
  • SOURCE_VALIDATION - Validate sources
  • CONSISTENCY_CHECK - Check consistency

4. Apply a Guardrail to an Agent

User says: "Add PII detection to my chatbot" / "Apply toxic language filter to agent xyz"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/organizations/${orgId}/guardrails",
  method: "POST",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    name: "PII Detection",
    description: "Automatically detect and redact PII",
    agentId: "${agentId}",
    template: "PII_DETECTION",
    type: "ML",
    category: "SECURITY",
    scope: "BOTH",
    action: "REDACT",
    severity: "HIGH",
    isEnabled: true,
    priority: 0
  })
})

Guardrail Options:

Type:

  • RULE - Simple regex/keyword matching (fast)
  • ML - Machine learning model (balanced)
  • LLM - LLM-powered validation (most accurate)

Category:

  • CONTENT - Content moderation
  • SECURITY - Security checks
  • COMPLIANCE - Regulatory compliance
  • BRAND - Brand safety
  • ACCURACY - Accuracy checks
  • CUSTOM - Custom rules

Scope:

  • INPUT - Validate user input only
  • OUTPUT - Validate agent output only
  • BOTH - Validate both directions

Action:

  • BLOCK - Block the request/response entirely
  • WARN - Log warning but allow through
  • REDACT - Mask the offending content
  • REPLACE - Replace with alternative content
  • RETRY - Retry with modified prompt
  • ESCALATE - Escalate to human review

Severity:

  • LOW, MEDIUM, HIGH, CRITICAL

5. Validate Content Against Guardrails

User says: "Check if this message passes guardrails: [content]"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/organizations/${orgId}/guardrails/validate",
  method: "POST",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    content: "User's message here",
    agentId: "${agentId}",
    scope: "INPUT"
  })
})

Response shows:

  • Whether content passed or failed
  • Which guardrails were triggered
  • Suggested actions (block, redact, warn)
  • Modified content (if redaction applied)

6. Discover Public Agents

User says: "Find public data analysis agents" / "Show me chatbot agents"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/agents/discovery?visibility=PUBLIC&search=data",
  headers: { "Accept": "application/json" }
  // Authorization optional for public agents (includes it for more results)
})

Filters available:

  • ?visibility=PUBLIC - public marketplace agents
  • ?role=SERVER - agents that provide services
  • ?role=CLIENT - agents that consume services
  • ?status=ACTIVE - only active agents
  • ?search=keyword - search by name/description

Present to user:

  • List of matching agents with:
    • Name, description, agent ID
    • Trust score and level
    • Role (SERVER/CLIENT)
    • Key capabilities
    • Link to full card

Example output:

Found 2 public data analysis agents:

1. OpenData Analyzer (VERIFIED - 88.0/100)
   - Capabilities: data:analyze, chart:generate, report:create
   - Role: SERVER | Status: ACTIVE
   - Card: https://api.praesidia.ai/agents/opendata-1/agent-card

2. CSV Processor (STANDARD - 70.0/100)
   - Capabilities: file:parse, data:transform, export:json
   - Role: SERVER | Status: ACTIVE
   - Card: https://api.praesidia.ai/agents/csv-proc/agent-card

7. List User's Agents

User says: "Show my agents" / "List all my server agents"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/agents/discovery?role=SERVER",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Accept": "application/json"
  }
})

This returns all agents the user has access to (their own + team/org agents).

Trust Levels Guide

Present trust information clearly to help users make decisions:

Trust Score Level Meaning Recommendation
90-100 VERIFIED Fully vetted, compliant, verified identity ✅ Safe to use
70-89 STANDARD Good reputation, basic verification ✅ Generally safe
50-69 LIMITED Minimal verification ⚠️ Use with caution
0-49 UNTRUSTED Not verified or poor reputation ❌ Not recommended

Always show the trust score numerically (e.g., 92.5/100) and the level (e.g., VERIFIED).

Error Handling

Error Meaning What to tell user
401 Unauthorized API key missing/invalid "Check PRAESIDIA_API_KEY in ~/.openclaw/openclaw.json"
403 Forbidden No permission "You don't have access to this agent"
404 Not Found Agent doesn't exist "Agent not found. Check the agent ID"
500 Server Error Praesidia API issue "Praesidia API temporarily unavailable. Try again"

API Endpoints

GET /agents/:id/agent-card

Fetch detailed agent card with trust data.

Auth: Required for private/team/org agents, optional for public Returns: A2A agent card + Praesidia extensions (trust, compliance)

GET /agents/discovery

List/search agents with filters.

Auth: Optional (more results with auth) Query params: role, status, visibility, search Returns: Array of agent summaries with card URLs

Guardrails Best Practices

When helping users with guardrails:

  1. Start with templates - Use predefined templates before custom rules
  2. Layer security - Combine multiple guardrails (PII + Toxic + Compliance)
  3. Test before enabling - Use validate endpoint to test content first
  4. Monitor triggers - Check stats regularly to tune thresholds
  5. Scope appropriately - Use INPUT for user content, OUTPUT for agent responses
  6. Choose right action:
    • BLOCK for critical security issues (PII, prompt injection)
    • REDACT for sensitive data that can be masked
    • WARN for compliance/brand issues that need logging
    • ESCALATE for edge cases requiring human review

Best Practices

  1. Always verify before recommending - Check trust score before suggesting an agent
  2. Explain trust levels - Users may not know what "VERIFIED" means
  3. Filter by SERVER role - When users want agents to use/call
  4. Show compliance - Important for enterprise users (SOC2, GDPR)
  5. Present trust score numerically - 92.5/100 is clearer than just "VERIFIED"
  6. Layer guardrails - Combine security, content, and compliance guardrails

Common User Patterns

Pattern 1: Safety Check

User: "Is agent xyz safe to use?"
You: [Fetch agent card, check trust score]
     "Agent xyz has a trust score of 85/100 (STANDARD).
      It's verified for basic operations. What would you like to use it for?"

Pattern 2: Capability Discovery

User: "I need an agent that can analyze spreadsheets"
You: [Search discovery with visibility=PUBLIC&search=spreadsheet]
     "I found 3 spreadsheet analysis agents. The highest rated is..."

Pattern 3: Fleet Management

User: "Show me all my agents that are inactive"
You: [Fetch discovery with status=INACTIVE]
     "You have 2 inactive agents: [list with trust scores]"

Pattern 4: Apply Security

User: "I need to secure my chatbot against PII leaks"
You: [List available templates, recommend PII_DETECTION]
     [Apply guardrail with REDACT action on BOTH scope]
     "I've added PII Detection (ML-powered) to your chatbot.
      It will automatically redact sensitive information in both
      user inputs and bot responses."

Pattern 5: Compliance Check

User: "My agent handles healthcare data. What guardrails should I add?"
You: [Check if HIPAA compliance is required]
     [Recommend HIPAA_COMPLIANCE + PII_DETECTION + AUDIT_LOGGING]
     "For healthcare data, I recommend these guardrails:
      1. HIPAA Compliance (BLOCK on violations)
      2. PII Detection (REDACT)
      3. Medical Advice Warning (WARN)
      Would you like me to apply these?"

Environment Variables

  • PRAESIDIA_API_KEY (required) - Your API key from https://app.praesidia.ai
  • PRAESIDIA_API_URL (optional) - Defaults to https://api.praesidia.ai
    • Production: https://api.praesidia.ai
    • Local dev: http://localhost:3000
    • Custom: Your deployment URL

Additional Resources

Security & Privacy

  • All production requests use HTTPS
  • API keys stored in OpenClaw config (never exposed to users)
  • Private/team/org agents require authentication
  • Public agents accessible without auth
  • Trust verification protects against malicious agents
安全使用建议
This skill appears to do what it says: call Praesidia to verify agents and manage guardrails. Before installing: (1) Confirm PRAESIDIA_API_KEY scope — prefer a read-only key if you only want verification, and only give write permissions if you trust the skill to modify guardrails. (2) Ensure PRAESIDIA_API_URL is configured or declared — the SKILL.md expects it but metadata doesn't list it as required. (3) Be aware the example stores the key in ~/.openclaw/openclaw.json (plaintext); decide if that storage is acceptable and rotate keys regularly. (4) Clarify how the agent will obtain orgId (will it read profile data or call another API?) and whether the skill will prompt before making POST requests that change guardrails. If you need stronger guarantees, request an explicit list of API endpoints the key can access and ask for a read-only mode for verification-only usage.
功能分析
Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill The OpenClaw skill bundle for 'Praesidia' appears benign. All `web_fetch` calls are directed to a specific, declared API endpoint (`https://api.praesidia.ai` or a user-configured alternative) and are authenticated with a `PRAESIDIA_API_KEY`. The `SKILL.md` file contains clear instructions for the AI agent on how to interact with this API for agent verification, trust scores, and guardrail management, without any evidence of prompt injection attempts, data exfiltration to unrelated parties, or malicious execution commands.
能力评估
Purpose & Capability
The name and description (verify agents, trust scores, guardrails, A2A) align with the SKILL.md actions: GET agent-cards, list/apply guardrails, fetch templates and marketplace agents. The required credential (PRAESIDIA_API_KEY) is appropriate for an external verification/guardrails API.
Instruction Scope
Instructions correctly focus on calling the Praesidia API endpoints (agent-card, guardrails, templates, POST guardrails). Two points need clarification: (1) SKILL.md says to obtain the user's organization ID from 'their profile or context' but doesn't specify how — this may require reading user profile data or calling another API; (2) the instructions reference PRAESIDIA_API_URL but that environment/config value is only shown in an example config and is not declared as a required env var in metadata. Both are scope/clarity issues rather than functional mismatches.
Install Mechanism
Instruction-only skill with no install spec and no code files. Nothing will be written or executed at install time by the skill itself.
Credentials
The skill requests a single API key (PRAESIDIA_API_KEY), which is proportional for a service that reads and writes guardrail configurations. However: (a) the SKILL.md expects PRAESIDIA_API_URL in config but the metadata does not declare it as required, and (b) the example encourages storing the API key in ~/.openclaw/openclaw.json, which means a plaintext key stored on-disk—users should confirm acceptable storage posture. Also consider whether the provided API key is read-only or has guardrail-modifying (write) permissions; the skill's POST examples show it can modify guardrails.
Persistence & Privilege
always is false (good). The skill can be invoked autonomously (the platform default) and its documented operations include POSTing guardrails (making configuration changes). That capability is expected for this purpose, but it increases blast radius if an API key with write privileges is supplied—consider limiting key scope or requiring explicit user confirmation before write actions.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install praesidia-a2a
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /praesidia-a2a 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Praesidia-a2a 1.0.1 Changelog - Added guardrails functionality: configure, apply, and validate agent security and compliance policies. - Expanded agent discovery, verification, and trust score documentation to include guardrails use-cases. - Updated skill description and quick reference to cover guardrails, security policies, and content moderation. - Provided detailed options and templates for guardrail setup, including categories, actions, and severity levels. - Included practical examples and API usage instructions for guardrails alongside agent verification.
v0.1.0
Initial release with new focus on agent verification and discovery via Praesidia: - Renamed skill to "Praesidia", clarifying focus on agent trust/identity. - Streamlined documentation: now covers agent verification, trust scores, public agent discovery, and A2A agent cards. - Simplified usage patterns and added clear trust level guidance. - Removed OAuth implementation/code and deep protocol setup; now oriented toward "is this agent safe?" and marketplace queries. - API/usage instructions updated for new endpoints and error handling; example outputs included for clarity. - Legacy files (README.md, EXAMPLES.md) removed; Skill docs are now self-contained.
v1.0.0
Initial release: OAuth 2.0 authentication, agent-to-agent messaging, trust verification, token exchange, middleware pipelines for secure A2A communication
元数据
Slug praesidia-a2a
版本 1.0.1
许可证
累计安装 0
当前安装数 0
历史版本数 3
常见问题

Praesidia 是什么?

Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores, agent discovery, A2A protocol, agent identity, agent marketplace, guardrails, security policies, content moderation, or asks "is this agent safe?" or "find agents that can [task]" or "apply guardrails to protect my agent". 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1537 次。

如何安装 Praesidia?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install praesidia-a2a」即可一键安装,无需额外配置。

Praesidia 是免费的吗?

是的,Praesidia 完全免费(开源免费),可自由下载、安装和使用。

Praesidia 支持哪些平台?

Praesidia 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Praesidia?

由 msoica(@msoica)开发并维护,当前版本 v1.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论