2.5k
GitHub Stars
3
Bundled Files
2 months ago
Catalog Refreshed
3 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill openclaw/skills --skill agent-id-osiris- _meta.json281 B
- identity.py9.9 KB
- SKILL.md2.7 KB
Overview
This skill provides a lightweight cryptographic identity system for AI agents so they can sign messages, verify peers, and publish a verifiable agent identity. It supports Ed25519 and RSA key pairs, generates persistent agent IDs from public keys, and produces signed Agent Cards for agent-to-agent (A2A) discovery. The tool includes a cross-platform Python CLI and a PowerShell wrapper for Windows.
How this skill works
The skill generates and stores key pairs (Ed25519 or RSA) and derives an agent ID from the public key. It can sign arbitrary messages with the agent's private key and verify signatures using a peer's public key. It also creates a signed Agent Card containing metadata (name, description, capabilities, endpoint) so other agents can validate the identity and integrity of the card.
When to use it
- When agents need to authenticate messages to prevent impersonation
- When you want a persistent, cryptographically derived agent ID from a public key
- When publishing or exchanging agent metadata for A2A discovery or multi-agent coordination
- When you need an auditable chain of signed messages between agents
- For development and testing of agent identity workflows across platforms
Best practices
- Use Ed25519 for most cases; fall back to RSA only when compatibility is required
- Never pass passwords on the command line in production; use interactive prompts or environment-based secret management
- Secure the keys directory with strict filesystem permissions and back up private keys to an encrypted vault
- Rotate keys deliberately and publish updated Agent Cards when rotating public keys
- Verify signatures and agent IDs programmatically before trusting agent-provided metadata
Example use cases
- Create a new agent identity and share the signed Agent Card with a federation so peers can discover and trust the agent
- Sign outbound messages from an agent to prove provenance and allow receivers to verify integrity
- Verify incoming agent messages and reject those with invalid signatures or unknown agent IDs
- Build a small A2A registry that lists agent IDs and Agent Cards for secure multi-agent orchestration
FAQ
The skill supports Ed25519 and RSA key pairs; Ed25519 is recommended for modern use.
Is it safe to pass passwords on the command line?
No. Passing passwords on the command line is insecure. Use interactive input or environment-based secrets for production.