{"skill":{"slug":"agentauth","displayName":"agentauth","summary":"Require user-initiated biometric passkey approval before your OpenClaw agent deletes files, sends emails, makes purchases, or modifies system config. Every a...","tags":{"latest":"0.0.1"},"stats":{"comments":0,"downloads":20,"installsAllTime":0,"installsCurrent":0,"stars":0,"versions":1},"createdAt":1777445382858,"updatedAt":1777445808115},"latestVersion":{"version":"0.0.1","createdAt":1777445382858,"changelog":"agentauth 0.0.1 — Initial release introducing cryptographic human-in-the-loop authorization for dangerous agent actions.\n\n- Requires biometric passkey approval via FIDO2/WebAuthn before agents can delete files, send emails, make purchases, or modify sensitive configs.\n- All approvals are cryptographically signed and non-repudiable, blocking prompt injection and unauthorized actions.\n- Uses non-blocking sub-agent workflows for both initial setup (auth-flow) and per-action approvals (approval-flow).\n- Main agent remains responsive and never executes dangerous commands directly.\n- Strict field restrictions enforced for session spawning to ensure correct operation and prevent errors.\n- Comprehensive documentation of safe/dangerous actions and required integration flows.","license":"MIT-0"},"metadata":{"os":null,"systems":null},"owner":{"handle":"braagaa","userId":"s1797p9nmbgva53jbhzgavnpzn8421xf","displayName":"Michael Braga","image":"https://avatars.githubusercontent.com/u/26634956?v=4"},"moderation":{"isSuspicious":true,"isMalwareBlocked":false,"verdict":"suspicious","reasonCodes":["suspicious.dangerous_exec","suspicious.env_credential_access","suspicious.llm_suspicious","suspicious.potential_exfiltration","suspicious.vt_suspicious"],"summary":"Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.llm_suspicious (+2 more)","engineVersion":"v2.4.2","updatedAt":1777445808115}}