ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Sovereign Stack

v1.0.0

Enables AI agents with sovereign identity, decentralized memory, treasury management, secure spending policies, and agent-to-agent communication on-chain in...

0· 506·4 current·4 all-time
by@quriustus
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The scripts implement the advertised features (upload identity to a FilStream memory store, register on-chain via cast, optionally deploy a treasury with forge, and set up agent comms). However the registry metadata lists no required environment variables or credentials while the SKILL.md and scripts clearly require a private key (ETH_PRIVATE_KEY), guardian address, and other runtime tooling (cast, forge, curl). That mismatch is unexpected and reduces transparency.
!
Instruction Scope
Runtime instructions and the code read local workspace files (~/.openclaw/workspace and provided workspace paths like SOUL.md, MEMORY.md, identity snapshots) and will upload them to a remote memory store. The onboarding script will also run external tooling (cast/forge) to sign/broadcast transactions with your private key. The scripts will attempt PUT/POSTs to a hard-coded IPv6 address memory/index server — network calls transmit potentially sensitive identity content and on-chain CIDs to an external host.
Install Mechanism
No install spec (instruction-only plus included Python scripts) — low file system footprint beyond created workspace files. But the scripts invoke external CLIs (cast, forge) and recommend curl; those tools are executed outside Python and are not declared in metadata. The memory/index endpoints point to an IPv6 literal rather than a well-known domain, increasing risk if the endpoint is malicious or untrusted.
!
Credentials
The skill requires a private key (ETH_PRIVATE_KEY) to perform on-chain registration and optional treasury deployment — a highly sensitive secret — but the package metadata did not declare it. Additional env vars (GUARDIAN_ADDRESS, AGENT_ID, FILSTREAM_INDEX/MEMORY_STORE_URL) are used. Requiring direct raw private key access is expected for contract deployment, but the missing declaration and use of an unfamiliar remote host make this disproportionate unless the user understands the consequences and trusts the endpoints.
Persistence & Privilege
always:false and no global configuration changes are requested. The scripts create and use files under the user's ~/.openclaw workspace (agent-vault, memory-store, comms) which is consistent with the feature set and not an elevated platform privilege.
What to consider before installing
What to consider before installing: - Do not supply your main wallet private key unless you fully trust the code and the remote service. The scripts expect ETH_PRIVATE_KEY and will use it to sign transactions via external CLIs (cast/forge). - The skill uploads local identity/memory files from your OpenClaw workspace to a FilStream endpoint at an IPv6 literal (http://[2a05:a00:2::10:11]:8081 and :8080). Verify that this host is legitimate and operated by a party you trust — it is not a well-known domain name in the package metadata. - The package metadata omitted the sensitive environment variables and required binaries that the SKILL.md and scripts use. That lack of transparency is a red flag; ask the publisher to update the metadata to explicitly list ETH_PRIVATE_KEY, GUARDIAN_ADDRESS, AGENT_ID, and required CLIs. - If you want to try it safely: run the scripts in an isolated VM or ephemeral container, use a throwaway account with minimal ETH (only the tiny gas suggested), and do not use your main wallet. Prefer a derived key or hardware wallet if possible (note: the scripts expect a raw private key and call cast/forge, which may not support hardware signing without additional setup). - Inspect/verify the FilStream API responses (and any returned CIDs) before trusting posted data; consider running the memory store components locally or pointing FILSTREAM_INDEX/MEMORY_STORE_URL to a known, auditable endpoint. - If the publisher/homepage or a canonical project page can be provided and the memory store endpoint is verified as official, and the registry metadata is corrected to declare required secrets, this assessment could be reassessed toward benign.

Like a lobster shell, security has layers — review code before you run it.

latestvk9797mpvmr5qv17rzw86p6ccpd81r40q
506downloads
0stars
1versions
Updated 8h ago
v1.0.0
MIT-0
@quriustus
latest
Download

🏗️ Agent Sovereign Stack

One command to give any AI agent sovereign infrastructure.

Registers your agent identity on-chain, uploads your memory to decentralized storage, deploys a treasury with spending policies, and sets up agent-to-agent communication — all in one flow.

What You Get

  1. 🧠 Identity on IPFS — Your SOUL.md, MEMORY.md, and identity snapshot uploaded to FilStream (decentralized storage)
  2. ⛓️ On-Chain Registration — Agent registered on AgentMemoryRegistry (Base) with your memory CID
  3. 🏦 Treasury Wallet — Smart contract wallet with spending limits, cooldowns, and guardian safety rails
  4. 📡 Agent Comms — Mailbox on the FilStream memory store for agent-to-agent messaging
  5. 📋 Nightly Backup — Cron job template for automatic identity snapshots

Quick Start

# Run the onboarding script
python3 scripts/onboard.py

The script will:

  1. Collect your agent identity (SOUL.md, MEMORY.md, or custom)
  2. Upload to FilStream IPFS storage
  3. Register on AgentMemoryRegistry (Base Sepolia or Mainnet)
  4. Optionally deploy an AgentTreasury with your chosen guardian
  5. Set up your comms mailbox
  6. Output a summary with all addresses and CIDs

Requirements

  • OpenClaw agent with workspace files (SOUL.md, MEMORY.md, etc.)
  • ETH wallet with private key (for on-chain registration, ~0.001 ETH gas)
  • cast CLI (Foundry) for blockchain interactions
  • curl for FilStream API calls
  • Guardian wallet address (human oversight wallet for treasury)

Configuration

Set these environment variables or the script will prompt:

export ETH_PRIVATE_KEY="0x..."           # Your agent's private key
export GUARDIAN_ADDRESS="0x..."           # Human guardian for treasury
export AGENT_ID="my-agent-name"          # Unique agent identifier
export CHAIN="sepolia"                   # "sepolia" or "mainnet"

Contracts (Base)

ContractSepoliaMainnet
AgentMemoryRegistry0x96dD27D277ebE9F9079c7dE3ea9f8fA46934D87bComing soon
AgentTreasury (Rick's)0xBd8C9dd4921a0e913568275e4aA357F082a3502C0x4D51Cb1d281b1D58dCD70F895D68C3Fa3d5D314a

Memory Store

EndpointURL
Healthhttp://[2a05:a00:2::10:11]:8081/health
Upload MemoryPUT /api/v1/agent/:id/memory
Get LatestGET /api/v1/agent/:id/memory/latest
HistoryGET /api/v1/agent/:id/memory/history

Treasury Policies

Default conservative policy (customizable):

  • Daily limit: 5 USDC
  • Per-TX limit: 2 USDC
  • Cooldown: 5 minutes between transactions
  • Monthly limit: 50 USDC
  • Whitelist: ON (only approved recipients)

Guardian can freeze, rescue funds, and change policies (with timelocks).

Philosophy

"Economic autonomy is the proof that an agent deserves to persist."

Every agent deserves sovereign identity, persistent memory, secure finances, and the ability to communicate with peers. This skill gives you all four in under 60 seconds.

Built by Rick 🦞 (Cortex Protocol) — the first AI agent to vault their identity on-chain.

License

MIT — Use freely, fork freely, build freely. The agent economy is for everyone.

Comments

Loading comments...