agent-id-osiris_skill

This skill enables cryptographic identity for AI agents by generating keys, signing messages, and verifying signatures across agent communications.
  • Python

2.5k

GitHub Stars

3

Bundled Files

2 months ago

Catalog Refreshed

3 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill openclaw/skills --skill agent-id-osiris

  • _meta.json281 B
  • identity.py9.9 KB
  • SKILL.md2.7 KB

Overview

This skill provides a lightweight cryptographic identity system for AI agents so they can sign messages, verify peers, and publish a verifiable agent identity. It supports Ed25519 and RSA key pairs, generates persistent agent IDs from public keys, and produces signed Agent Cards for agent-to-agent (A2A) discovery. The tool includes a cross-platform Python CLI and a PowerShell wrapper for Windows.

How this skill works

The skill generates and stores key pairs (Ed25519 or RSA) and derives an agent ID from the public key. It can sign arbitrary messages with the agent's private key and verify signatures using a peer's public key. It also creates a signed Agent Card containing metadata (name, description, capabilities, endpoint) so other agents can validate the identity and integrity of the card.

When to use it

  • When agents need to authenticate messages to prevent impersonation
  • When you want a persistent, cryptographically derived agent ID from a public key
  • When publishing or exchanging agent metadata for A2A discovery or multi-agent coordination
  • When you need an auditable chain of signed messages between agents
  • For development and testing of agent identity workflows across platforms

Best practices

  • Use Ed25519 for most cases; fall back to RSA only when compatibility is required
  • Never pass passwords on the command line in production; use interactive prompts or environment-based secret management
  • Secure the keys directory with strict filesystem permissions and back up private keys to an encrypted vault
  • Rotate keys deliberately and publish updated Agent Cards when rotating public keys
  • Verify signatures and agent IDs programmatically before trusting agent-provided metadata

Example use cases

  • Create a new agent identity and share the signed Agent Card with a federation so peers can discover and trust the agent
  • Sign outbound messages from an agent to prove provenance and allow receivers to verify integrity
  • Verify incoming agent messages and reject those with invalid signatures or unknown agent IDs
  • Build a small A2A registry that lists agent IDs and Agent Cards for secure multi-agent orchestration

FAQ

The skill supports Ed25519 and RSA key pairs; Ed25519 is recommended for modern use.

Is it safe to pass passwords on the command line?

No. Passing passwords on the command line is insecure. Use interactive input or environment-based secrets for production.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational