AgentPin
PassAudited by ClawScan on May 1, 2026.
Overview
AgentPin appears to be a coherent documentation-only identity-verification skill, but users should pay attention to external package provenance, private key handling, and persistent trust pins.
This skill looks purpose-aligned and documentation-only. Before using it, confirm the external AgentPin packages are authentic, pin dependency versions, protect generated private keys, issue credentials with minimal capabilities and short lifetimes, and review how TOFU pins or trust bundles are stored and reset.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the wrong or compromised package could affect identity verification or key handling.
The skill points users to external packages without version pins or publisher verification. This is consistent with a development guide, but package provenance matters for a security/identity library.
npm install agentpin ... pip install agentpin
Verify the package source and maintainer, pin known-good versions, and prefer audited repositories or lockfiles before using these packages in sensitive workflows.
If private keys or issued credentials are mishandled, another party could impersonate an agent or exercise its delegated capabilities.
The guide instructs users to generate private keys and issue signed JWT credentials with capabilities. This is central to AgentPin, but the resulting key material and credentials can represent agent authority.
Generate ECDSA P-256 keypair ... Issue a credential ... --key ./keys/my-agent.private.pem ... --capabilities read,write --ttl 3600
Store private keys securely, use short TTLs and least-privilege capabilities, avoid committing keys to source control, and rotate/revoke credentials when needed.
A bad initial pin could cause future verifications to trust the wrong key until the pin store is corrected.
The protocol persists trust decisions for first-seen keys. This is expected for TOFU pinning, but persistent trust state can be poisoned if the first observed key or discovery document is not trustworthy.
TOFU key pinning with JWK thumbprint persistence
Initialize pins from trusted discovery documents, protect the pin store from unauthorized edits, and provide a clear process for reviewing, rotating, or resetting pins.