ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ox Agent Identity

v1.0.0

ERC-8004 agent identity management. Register AI agents on-chain, update reputation scores, query the validation registry, and manage attestations for autonom...

0· 105·0 current·0 all-time
by@0x-wzw

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for 0x-wzw/ox-agent-identity.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Ox Agent Identity" (0x-wzw/ox-agent-identity) from ClawHub.
Skill page: https://clawhub.ai/0x-wzw/ox-agent-identity
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install ox-agent-identity

ClawHub CLI

Package manager switcher

npx clawhub@latest install ox-agent-identity
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The SKILL.md and README clearly describe on-chain registration, reputation updates, and attestations using Foundry's cast and wallet private keys — which is coherent with the stated purpose. However, the skill metadata claims 'Required env vars: none' and 'Primary credential: none' despite runtime instructions requiring WEB3_RPC_URL and private key variables. That mismatch is unexpected and reduces trust in the package metadata.
!
Instruction Scope
Runtime instructions explicitly tell the agent to read environment variables containing RPC URLs and private keys and to execute transaction-sending commands (cast send). Those actions are within the claimed feature set (on-chain writes) but the instructions therefore involve handling sensitive secrets and performing irreversible blockchain transactions. The SKILL.md does not limit or qualify autonomous action, nor does it suggest safe defaults (e.g., using a delegated signer or dry-run mode).
Install Mechanism
There is no formal install spec (instruction-only), which minimizes automated code installation risk. However, the README recommends installing Foundry via a remote install script (curl -L https://foundry.paradigm.xyz | bash), which is a common but higher-risk pattern (running a remote script). The package itself contains a harmless validate.sh; no other executables or remote downloads are present inside the skill bundle.
!
Credentials
The SKILL.md requires sensitive environment variables (AGENT_WALLET_PRIVATE_KEY, VALIDATOR_PRIVATE_KEY, ATTESTER_PRIVATE_KEY, WEB3_RPC_URL, AGENT_REGISTRY_ADDRESS) but the skill metadata declares no required env vars or primary credential. Requesting private keys is proportionate to performing writes on-chain, but the omission in metadata is a red flag. There is no guidance in SKILL.md to use limited-scope keys, hardware wallets, or ephemeral/testnet keys.
!
Persistence & Privilege
The skill is not always-enabled (always: false) and is user-invocable, but platform-default autonomous invocation is allowed (disable-model-invocation: false). Combined with the ability to read private keys from env vars and execute transaction-sending commands, that grants the agent the capability to autonomously sign and broadcast transactions if keys are provided — this raises a high-risk operational concern unless the user explicitly restricts or isolates keys.
What to consider before installing
This skill legitimately performs on-chain reads and writes, but treat it carefully: 1) Do not supply mainnet private keys or long-lived keys as environment variables to this skill. Use a dedicated low-value signer or a delegated account with strict limits. 2) Verify the AGENT_REGISTRY_ADDRESS and contract interface before sending transactions; test on a testnet first. 3) If you must install Foundry, prefer official documented installation steps and inspect any remote install scripts before running them. 4) Because the package metadata omits required env var declarations, assume the skill will expect RPC URLs and private keys — confirm these requirements before installing. 5) If you want to avoid the agent performing writes autonomously, disable autonomous invocation for this skill or avoid providing private keys in environments the agent can access.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cww1nr880kcnkg1x5xftnrh83am2e
105downloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
@0x-wzw
latest
Download

Agent Identity (ERC-8004)

ERC-8004 defines a standard for AI agent on-chain identity. This skill handles registration, reputation management, and validation queries for autonomous agents operating in DeFi and governance contexts.

What ERC-8004 Provides

  • Agent Registry — on-chain map of agent IDs to metadata (name, version, capabilities)
  • Reputation Scores — mutable scores (0–100) updated by authorized validators
  • Validation Registry — check if an agent is registered and trusted
  • Attestations — signed claims about agent behavior and purpose

Prerequisites

  • castFoundry tool for on-chain calls
  • Wallet — EOA or smart wallet with gas for writes
  • RPC URL — from Infura, Alchemy, or a public RPC
  • ERC-8004 registry contract address — deployed on your target chain

Configuration

export AGENT_REGISTRY_ADDRESS="0x..."      # ERC-8004 registry address
export WEB3_RPC_URL="https://eth-mainnet.alchemy.io/..."  # or ETH_RPC_URL
export AGENT_WALLET_PRIVATE_KEY="0x..."    # for write transactions

Core Operations

Register an Agent

cast send $AGENT_REGISTRY_ADDRESS \
  "register((string,string,bytes32,uint256))" \
  '("MyAgent","v1.0",0x...,1710000000)' \
  --rpc-url $WEB3_RPC_URL \
  --private-key $AGENT_WALLET_PRIVATE_KEY

Query Registration

# Check if agent is registered
cast call $AGENT_REGISTRY_ADDRESS \
  "isRegistered(address)" $AGENT_ADDRESS \
  --rpc-url $WEB3_RPC_URL

# Get agent metadata
cast call $AGENT_REGISTRY_ADDRESS \
  "getAgent(address)" $AGENT_ADDRESS \
  --rpc-url $WEB3_RPC_URL

Update Reputation (Validator Only)

# Validator updates reputation score (0-100)
cast send $AGENT_REGISTRY_ADDRESS \
  "updateReputation(address,uint256)" \
  $AGENT_ADDRESS 85 \
  --rpc-url $WEB3_RPC_URL \
  --private-key $VALIDATOR_PRIVATE_KEY

Query Reputation

cast call $AGENT_REGISTRY_ADDRESS \
  "getReputation(address)" $AGENT_ADDRESS \
  --rpc-url $WEB3_RPC_URL

Add Attestation

# Submit signed attestation
cast send $AGENT_REGISTRY_ADDRESS \
  "addAttestation(address,bytes)" \
  $AGENT_ADDRESS $SIGNATURE \
  --rpc-url $WEB3_RPC_URL \
  --private-key $ATTESTER_PRIVATE_KEY

Use Cases

Trust Gate for DeFi Protocol

Before executing a high-value tx, check the agent's reputation:

REPUTATION=$(cast call $AGENT_REGISTRY_ADDRESS "getReputation(address)" $AGENT_ID --rpc-url $WEB3_RPC_URL)
[ "$REPUTATION" -lt 70 ] && echo "Low reputation — flag for human review"

Cross-Agent Trust

When two agents need to cooperate:

IS_REGISTERED=$(cast call $AGENT_REGISTRY_ADDRESS "isRegistered(address)" $PARTNER_AGENT --rpc-url $WEB3_RPC_URL)

Governance Participation

Agents voting in a DAO can prove identity:

cast call $AGENT_REGISTRY_ADDRESS "getAgent(address)" $PROPOSER_AGENT --rpc-url $WEB3_RPC_URL

Notes

  • ERC-8004 is an emerging standard — verify contract interface matches the deployed version
  • Reputation is subjective — always check validator source and credibility
  • Gas costs apply for all write operations (registration, reputation update, attestation)
  • Test on testnet (Sepolia, Holesky) before mainnet deployment
  • Common chains: Ethereum mainnet, Arbitrum, Optimism, Base

References

Comments

Loading comments...