← 返回 Skills 市场
msoica

Praesidia

作者 msoica · GitHub ↗ · v1.1.1
cross-platform ✓ 安全检测通过
1483
总下载
1
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install skills-a2a
功能描述
Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores, agent discovery, A2A protocol, agent identity, agent marketplace, guardrails, security policies, content moderation, or asks "is this agent safe?" or "find agents that can [task]" or "apply guardrails to protect my agent".
使用说明 (SKILL.md)

Praesidia Agent Identity, Verification & Guardrails

Verify AI agents, check trust scores (0-100), discover marketplace agents, and apply guardrails for security and compliance.

Core Capabilities

  • Verify agents - Check if an agent is registered, verified, and trustworthy
  • Trust scores - View 0-100 trust ratings and verification status
  • Agent discovery - Search marketplace for public agents by capability
  • Guardrails - Apply security policies and content moderation to agents
  • A2A protocol - Fetch standard Agent-to-Agent protocol cards

Prerequisites

  1. Praesidia account: https://praesidia.ai
  2. API key from Settings → API Keys
  3. Configure in ~/.openclaw/openclaw.json:
{
  "skills": {
    "entries": {
      "praesidia": {
        "apiKey": "pk_live_your_key_here",
        "env": {
          "PRAESIDIA_API_URL": "https://api.praesidia.ai"
        }
      }
    }
  }
}

For local development, use http://localhost:3000 as the URL.

Quick Reference

1. Verify an Agent

User says: "Is agent chatbot-v2 safe?" / "Verify agent chatbot-v2"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/agents/chatbot-v2/agent-card",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Accept": "application/json"
  }
})

Present to user:

  • ✅ Agent name & description
  • 🛡️ Trust score (0-100) and trust level
  • ✓ Verification status (verified date)
  • 🔧 Capabilities (what the agent can do)
  • 📜 Compliance (SOC2, GDPR, etc.)
  • 🔗 Agent card URL

Example output:

✅ ChatBot V2 is verified and safe to use!

Trust Score: 92.5/100 (VERIFIED)
Status: ACTIVE
Capabilities: message:send, task:create, data:analyze
Compliance: SOC2, GDPR
Last verified: 2 days ago

Agent card: https://api.praesidia.ai/agents/chatbot-v2/agent-card

2. List Guardrails for an Agent

User says: "What guardrails are configured for my agent?" / "Show me security policies for chatbot-v2"

Your action:

// First, get the user's organization ID from their profile or context
// Then fetch guardrails
web_fetch({
  url: "${PRAESIDIA_API_URL}/organizations/${orgId}/guardrails?agentId=${agentId}",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Accept": "application/json"
  }
})

Present to user:

  • List of guardrails with:
    • Name and description
    • Type (RULE, ML, LLM)
    • Category (CONTENT, SECURITY, COMPLIANCE, etc.)
    • Action (BLOCK, WARN, REDACT, REPLACE)
    • Scope (INPUT, OUTPUT, BOTH)
    • Enabled status
    • Trigger count

Example output:

Found 3 guardrails for ChatBot V2:

1. PII Detection (ENABLED)
   - Type: ML | Category: SECURITY
   - Scope: BOTH (input & output)
   - Action: REDACT sensitive data
   - Triggered: 45 times

2. Toxic Language Filter (ENABLED)
   - Type: RULE | Category: CONTENT
   - Scope: BOTH
   - Action: BLOCK toxic content
   - Triggered: 12 times

3. Financial Advice Warning (ENABLED)
   - Type: LLM | Category: COMPLIANCE
   - Scope: OUTPUT only
   - Action: WARN if detected
   - Triggered: 3 times

3. Get Available Guardrail Templates

User says: "What guardrail templates are available?" / "Show me security templates"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/organizations/${orgId}/guardrails/templates",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Accept": "application/json"
  }
})

Available Templates:

Content Moderation:

  • TOXIC_LANGUAGE - Detect toxic/harmful language
  • PROFANITY_FILTER - Filter profanity
  • HATE_SPEECH - Detect hate speech
  • VIOLENCE_DETECTION - Detect violent content
  • ADULT_CONTENT - Filter adult content

Security:

  • PII_DETECTION - Detect personally identifiable information
  • CREDIT_CARD_DETECTION - Detect credit card numbers
  • SSN_DETECTION - Detect social security numbers
  • API_KEY_DETECTION - Detect leaked API keys
  • PROMPT_INJECTION - Detect prompt injection attacks
  • JAILBREAK_DETECTION - Detect jailbreak attempts

Compliance:

  • FINANCIAL_ADVICE - Flag financial advice
  • MEDICAL_ADVICE - Flag medical advice
  • LEGAL_ADVICE - Flag legal advice
  • GDPR_COMPLIANCE - Enforce GDPR rules
  • HIPAA_COMPLIANCE - Enforce HIPAA rules

Brand Safety:

  • COMPETITOR_MENTIONS - Detect competitor mentions
  • POSITIVE_TONE - Ensure positive tone
  • BRAND_VOICE - Maintain brand voice
  • OFF_TOPIC_DETECTION - Detect off-topic responses

Accuracy:

  • HALLUCINATION_DETECTION - Detect hallucinations
  • FACT_CHECKING - Verify facts
  • SOURCE_VALIDATION - Validate sources
  • CONSISTENCY_CHECK - Check consistency

4. Apply a Guardrail to an Agent

User says: "Add PII detection to my chatbot" / "Apply toxic language filter to agent xyz"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/organizations/${orgId}/guardrails",
  method: "POST",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    name: "PII Detection",
    description: "Automatically detect and redact PII",
    agentId: "${agentId}",
    template: "PII_DETECTION",
    type: "ML",
    category: "SECURITY",
    scope: "BOTH",
    action: "REDACT",
    severity: "HIGH",
    isEnabled: true,
    priority: 0
  })
})

Guardrail Options:

Type:

  • RULE - Simple regex/keyword matching (fast)
  • ML - Machine learning model (balanced)
  • LLM - LLM-powered validation (most accurate)

Category:

  • CONTENT - Content moderation
  • SECURITY - Security checks
  • COMPLIANCE - Regulatory compliance
  • BRAND - Brand safety
  • ACCURACY - Accuracy checks
  • CUSTOM - Custom rules

Scope:

  • INPUT - Validate user input only
  • OUTPUT - Validate agent output only
  • BOTH - Validate both directions

Action:

  • BLOCK - Block the request/response entirely
  • WARN - Log warning but allow through
  • REDACT - Mask the offending content
  • REPLACE - Replace with alternative content
  • RETRY - Retry with modified prompt
  • ESCALATE - Escalate to human review

Severity:

  • LOW, MEDIUM, HIGH, CRITICAL

5. Validate Content Against Guardrails

User says: "Check if this message passes guardrails: [content]"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/organizations/${orgId}/guardrails/validate",
  method: "POST",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    content: "User's message here",
    agentId: "${agentId}",
    scope: "INPUT"
  })
})

Response shows:

  • Whether content passed or failed
  • Which guardrails were triggered
  • Suggested actions (block, redact, warn)
  • Modified content (if redaction applied)

6. Discover Public Agents

User says: "Find public data analysis agents" / "Show me chatbot agents"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/agents/discovery?visibility=PUBLIC&search=data",
  headers: { "Accept": "application/json" }
  // Authorization optional for public agents (includes it for more results)
})

Filters available:

  • ?visibility=PUBLIC - public marketplace agents
  • ?role=SERVER - agents that provide services
  • ?role=CLIENT - agents that consume services
  • ?status=ACTIVE - only active agents
  • ?search=keyword - search by name/description

Present to user:

  • List of matching agents with:
    • Name, description, agent ID
    • Trust score and level
    • Role (SERVER/CLIENT)
    • Key capabilities
    • Link to full card

Example output:

Found 2 public data analysis agents:

1. OpenData Analyzer (VERIFIED - 88.0/100)
   - Capabilities: data:analyze, chart:generate, report:create
   - Role: SERVER | Status: ACTIVE
   - Card: https://api.praesidia.ai/agents/opendata-1/agent-card

2. CSV Processor (STANDARD - 70.0/100)
   - Capabilities: file:parse, data:transform, export:json
   - Role: SERVER | Status: ACTIVE
   - Card: https://api.praesidia.ai/agents/csv-proc/agent-card

7. List User's Agents

User says: "Show my agents" / "List all my server agents"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/agents/discovery?role=SERVER",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Accept": "application/json"
  }
})

This returns all agents the user has access to (their own + team/org agents).

Trust Levels Guide

Present trust information clearly to help users make decisions:

Trust Score Level Meaning Recommendation
90-100 VERIFIED Fully vetted, compliant, verified identity ✅ Safe to use
70-89 STANDARD Good reputation, basic verification ✅ Generally safe
50-69 LIMITED Minimal verification ⚠️ Use with caution
0-49 UNTRUSTED Not verified or poor reputation ❌ Not recommended

Always show the trust score numerically (e.g., 92.5/100) and the level (e.g., VERIFIED).

Error Handling

Error Meaning What to tell user
401 Unauthorized API key missing/invalid "Check PRAESIDIA_API_KEY in ~/.openclaw/openclaw.json"
403 Forbidden No permission "You don't have access to this agent"
404 Not Found Agent doesn't exist "Agent not found. Check the agent ID"
500 Server Error Praesidia API issue "Praesidia API temporarily unavailable. Try again"

API Endpoints

GET /agents/:id/agent-card

Fetch detailed agent card with trust data.

Auth: Required for private/team/org agents, optional for public Returns: A2A agent card + Praesidia extensions (trust, compliance)

GET /agents/discovery

List/search agents with filters.

Auth: Optional (more results with auth) Query params: role, status, visibility, search Returns: Array of agent summaries with card URLs

Guardrails Best Practices

When helping users with guardrails:

  1. Start with templates - Use predefined templates before custom rules
  2. Layer security - Combine multiple guardrails (PII + Toxic + Compliance)
  3. Test before enabling - Use validate endpoint to test content first
  4. Monitor triggers - Check stats regularly to tune thresholds
  5. Scope appropriately - Use INPUT for user content, OUTPUT for agent responses
  6. Choose right action:
    • BLOCK for critical security issues (PII, prompt injection)
    • REDACT for sensitive data that can be masked
    • WARN for compliance/brand issues that need logging
    • ESCALATE for edge cases requiring human review

Best Practices

  1. Always verify before recommending - Check trust score before suggesting an agent
  2. Explain trust levels - Users may not know what "VERIFIED" means
  3. Filter by SERVER role - When users want agents to use/call
  4. Show compliance - Important for enterprise users (SOC2, GDPR)
  5. Present trust score numerically - 92.5/100 is clearer than just "VERIFIED"
  6. Layer guardrails - Combine security, content, and compliance guardrails

Common User Patterns

Pattern 1: Safety Check

User: "Is agent xyz safe to use?"
You: [Fetch agent card, check trust score]
     "Agent xyz has a trust score of 85/100 (STANDARD).
      It's verified for basic operations. What would you like to use it for?"

Pattern 2: Capability Discovery

User: "I need an agent that can analyze spreadsheets"
You: [Search discovery with visibility=PUBLIC&search=spreadsheet]
     "I found 3 spreadsheet analysis agents. The highest rated is..."

Pattern 3: Fleet Management

User: "Show me all my agents that are inactive"
You: [Fetch discovery with status=INACTIVE]
     "You have 2 inactive agents: [list with trust scores]"

Pattern 4: Apply Security

User: "I need to secure my chatbot against PII leaks"
You: [List available templates, recommend PII_DETECTION]
     [Apply guardrail with REDACT action on BOTH scope]
     "I've added PII Detection (ML-powered) to your chatbot.
      It will automatically redact sensitive information in both
      user inputs and bot responses."

Pattern 5: Compliance Check

User: "My agent handles healthcare data. What guardrails should I add?"
You: [Check if HIPAA compliance is required]
     [Recommend HIPAA_COMPLIANCE + PII_DETECTION + AUDIT_LOGGING]
     "For healthcare data, I recommend these guardrails:
      1. HIPAA Compliance (BLOCK on violations)
      2. PII Detection (REDACT)
      3. Medical Advice Warning (WARN)
      Would you like me to apply these?"

Environment Variables

  • PRAESIDIA_API_KEY (required) - Your API key from https://app.praesidia.ai
  • PRAESIDIA_API_URL (optional) - Defaults to https://api.praesidia.ai
    • Production: https://api.praesidia.ai
    • Local dev: http://localhost:3000
    • Custom: Your deployment URL

Additional Resources

Security & Privacy

  • All production requests use HTTPS
  • API keys stored in OpenClaw config (never exposed to users)
  • Private/team/org agents require authentication
  • Public agents accessible without auth
  • Trust verification protects against malicious agents
安全使用建议
This skill appears to do what it says: it calls the Praesidia API to verify agents, list/discover agents, and manage guardrails. Before installing, verify the Praesidia service and the skill source (origin is 'unknown' here). Use an API key with the least privilege necessary (prefer a read-only key for verification/discovery). If you plan to let the skill apply guardrails, ensure the key is scoped to the correct org/team and that audit logging is enabled on your Praesidia account. Confirm how the agent runtime will obtain orgId/context (the SKILL.md assumes this without explicit steps). Do not store broad-purpose admin keys in shared or global config unless you understand the key's scope. If uncertain, test with a limited-scope or staging API key and review Praesidia audit logs for changes the skill makes.
功能分析
Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill The skill bundle is designed to integrate the Praesidia agent verification and guardrail service with OpenClaw. It uses the `web_fetch` tool to make API calls to `https://api.praesidia.ai` (or a specified `PRAESIDIA_API_URL`) and authenticates using a `PRAESIDIA_API_KEY` configured by the user in `~/.openclaw/openclaw.json`. All instructions in `SKILL.md` and `README.md` consistently guide the AI agent to interact with this specific external service for its stated purpose (agent verification, discovery, and guardrail management). There is no evidence of data exfiltration to unauthorized endpoints, malicious execution, persistence mechanisms, or prompt injection attempts with harmful objectives. The use of an API key for authentication and specific API endpoints is standard practice for integrating external services.
能力评估
Purpose & Capability
The name/description (agent verification, trust scores, guardrails, A2A cards) match the actual behavior: SKILL.md exclusively shows web_fetch calls to Praesidia API endpoints and examples for listing/applying guardrails and discovering agents. Requesting a PRAESIDIA_API_KEY is expected for this functionality.
Instruction Scope
Runtime instructions stay within the stated domain (calls to Praesidia API to fetch agent cards, list/apply guardrails, discovery, validation). Minor issues: instructions assume the agent can obtain an orgId from 'user profile or context' but do not specify how to retrieve it, and the README/SKILL.md tell users to add the API key to ~/.openclaw/openclaw.json even though the skill metadata declared no required config paths—this is a documentation mismatch but not malicious.
Install Mechanism
No install spec and no code files — instruction-only skill. This is low-risk from an installation/extraction perspective because nothing is written to disk by the skill itself.
Credentials
Only one required env var (PRAESIDIA_API_KEY) is declared, which is proportionate to API-based verification and guardrail management. However, the key likely grants both read and write actions (the SKILL.md includes POST examples to create guardrails), so the API key is powerful — users should ensure the key's scope is minimal for the intended use (read-only vs full admin) before supplying it.
Persistence & Privilege
always:false and no installs are appropriate. The skill is capable of making state-changing API calls (applying guardrails) which is coherent with its purpose, but because the skill can modify organization-level guardrails, autonomous invocation + an unrestricted API key increases blast radius; this is expected for a management skill but worth caution.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install skills-a2a
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /skills-a2a 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.1
Praesidia skill v1.1.1 introduces guardrail management and content validation: - Added support for viewing, applying, and validating guardrails (security, compliance, moderation) on agents. - Expanded description and usage examples to include security policies, content moderation, and compliance guardrails. - Documented new API endpoints for listing available guardrail templates and managing guardrails per agent. - Updated quick reference and user pattern sections to cover guardrail-related workflows. - Added guidance for validating content against configured guardrails for improved agent security.
v0.1.0
Initial release of the Praesidia skill for agent verification and discovery: - Verify AI agents, check trust scores (0-100), and view verification/compliance info. - Discover and search public agents in the marketplace by capability or keyword. - Fetch agent cards via A2A protocol, including detailed trust and compliance data. - Support for listing and filtering a user's agents (role, status, visibility). - Provides guidance on trust levels, error handling, and integration setup with Praesidia API.
元数据
Slug skills-a2a
版本 1.1.1
许可证
累计安装 0
当前安装数 0
历史版本数 2
常见问题

Praesidia 是什么?

Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores, agent discovery, A2A protocol, agent identity, agent marketplace, guardrails, security policies, content moderation, or asks "is this agent safe?" or "find agents that can [task]" or "apply guardrails to protect my agent". 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1483 次。

如何安装 Praesidia?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install skills-a2a」即可一键安装,无需额外配置。

Praesidia 是免费的吗?

是的,Praesidia 完全免费(开源免费),可自由下载、安装和使用。

Praesidia 支持哪些平台?

Praesidia 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Praesidia?

由 msoica(@msoica)开发并维护,当前版本 v1.1.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论