Clawkey

v1.0.2

Verifiable human ownership for OpenClaw agents. Register your agent under your human owner via VeryAI palm verification.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The stated purpose (verifiable human ownership via a signed AgentChallenge and a human-completed VeryAI flow) matches the instructions and API endpoints. Generating and posting a signed challenge is a sensible requirement for this functionality. However, the SKILL.md explicitly requires a local OpenClaw identity file (~/.openclaw/identity/device.json) to obtain deviceId and the private key for signing; the registry metadata lists no required config paths or credentials. That omission is an inconsistency (documentation vs metadata).
! Instruction Scope
The SKILL.md instructs the agent to read a local identity file and use the private key locally to sign a challenge, then POST publicKey/message/signature to https://api.clawkey.ai/v1. The flow and admonition 'never send the private key' are appropriate, but this instruction set gives the agent direct access to a sensitive local secret. The instructions do not include safeguards or code that enforces never transmitting the private key, and the metadata does not declare the required path — increasing risk of accidental leakage or misimplementation.
Install Mechanism
This is an instruction-only skill with no install spec and no code files to execute, so nothing is downloaded or written to disk by an installer. That minimizes supply-chain risk.
! Credentials
The skill requests no environment variables or declared credentials, but it requires access to a local identity file containing a private key. Access to that file is highly sensitive and should have been declared as a required config path. Requesting access to the agent's device identity is proportionate to the stated purpose if done correctly, but because it's not declared and the instructions rely on the agent handling the private key safely, this is a risk worth flagging.
Persistence & Privilege
The skill is not always-enabled and uses default invocation rules (agent may call it autonomously). It does not request persistent installation or elevated system privileges in the registry metadata.
What to consider before installing
Before installing or using this skill:
1) Verify the api.clawkey.ai endpoint and the vendor (clawkey.ai) and confirm you trust the service.
2) Confirm how your agent will access ~/.openclaw/identity/device.json and who/what process has read access — this file contains your private key and is highly sensitive.
3) Prefer using a dedicated or ephemeral key pair for ClawKey registration instead of your primary device key, so compromise is limited.
4) Inspect any code or agent logs to ensure the private key is never transmitted; only send publicKey, message, signature, and timestamp as documented.
5) Ask the publisher why the config path and sensitive-file access were omitted from the registry metadata; lack of declaration is a red flag.
If you cannot validate these points, do not install or use the skill with your primary device identity.
