2.5k
GitHub Stars
5
Bundled Files
2 months ago
Catalog Refreshed
3 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill openclaw/skills --skill verify-matrix-device- _meta.json293 B
- package-lock.json8.0 KB
- package.json366 B
- README.md2.5 KB
- SKILL.md2.1 KB
Overview
This skill verifies and cross-signs the active Matrix device for an OpenClaw-managed account. It helps repair device trust, confirm a device is self-signed, or recover cross-signing using a Matrix recovery key. The tool uses the existing OpenClaw access token and a local verifier script to perform server-side confirmation of signatures.
How this skill works
The skill runs a Node-based verifier script in the skill folder against the specified homeserver and username. It ensures required dependencies are installed, then invokes the verifier which prompts for the recovery key in a real TTY to avoid exposing secrets. The verifier uses openclaw.json access credentials by default, signs the active device directly, and confirms the signature server-side.
When to use it
- Repair cross-signing trust for an OpenClaw-managed Matrix device after loss of trust.
- Confirm whether the current active device is already self-signed or cross-signed.
- Recover cross-signing for a device using a Matrix recovery key.
- Run a controlled, auditable verification using the OpenClaw access token.
- Test local device signing behavior during development or support workflows.
Best practices
- Provide homeserver and username exactly as used by the account to avoid mismatches.
- Never pass the recovery key on the command line or in environment variables; enter it at the hidden TTY prompt.
- Run the skill in a real terminal/TTY so the recovery-key prompt remains hidden.
- Use the optional openclaw.json path only when the file is outside the default location.
- Install dependencies in the skill folder (npm install --prefix {baseDir}) before running the verifier.
Example use cases
- A user lost cross-signing trust after reinstalling a client and needs to re-establish trust with their active device.
- Support staff verify whether an OpenClaw-managed device is already cross-signed before advising next steps.
- A recovery key holder wants to recover cross-signing for a single device without creating helper devices.
- Developer testing: run verifier with --access-token for local checks independent of openclaw.json.
- Performing a server-side confirmation that a freshly signed device is recognized by the homeserver.
FAQ
No. For security the verifier prompts for the recovery key interactively in a TTY; do not pass it on the command line or via environment variables.
What if openclaw.json is not in the default location?
Pass --openclaw-json "<path>" to the verifier command to use a non-default config file.