razashariff/agentsign-openclaw
agentsign-openclaw

Zero Trust Middleware for OpenClaw & NemoClaw

Drop-in trust layer for OpenClaw and NemoClaw. Every tool call gets identity verification, signed execution chains, and trust gating. Zero runtime dependencies.

Agent Runtime (OpenClaw / NemoClaw)
    |
  AgentSign Middleware
    |-- Verify agent identity (passport)
    |-- Check trust score before tool access
    |-- Sign execution (input + output hash)
    |-- Build cryptographic execution chain
    |
  MCP Tools / APIs

Try It

Open in Google Colab -- interactive demo with live server, no setup needed.

Live server: https://agentsign-api.fly.dev

Install

npm install agentsign-openclaw agentsign

Quick Start -- Wrap Tools (3 lines)

const AgentSignMiddleware = require('agentsign-openclaw');

const middleware = new AgentSignMiddleware({
  serverUrl: 'http://localhost:8888',
  agentName: 'My OpenClaw Agent',
  minTrust: 50,  // block tools if trust drops below 50
});

// Wrap individual tools
const safeSearch = middleware.wrap('web_search', originalSearchFn);
const result = await safeSearch({ query: 'latest news' });
// -> tool executes, input/output signed, added to execution chain

// Or wrap all tools at once
const safeTools = middleware.wrapAll({
  web_search: searchFn,
  file_read: readFn,
  database_query: queryFn,
  send_email: emailFn,
});

OpenClaw Skill Plugin

const AgentSignMiddleware = require('agentsign-openclaw');

const middleware = new AgentSignMiddleware({
  serverUrl: 'http://localhost:8888',
  minTrust: 50,
  blockedTools: ['shell_exec', 'file_delete'],
  logExecutions: true,
});

// Register as OpenClaw skill
module.exports = {
  skills: [
    middleware.asSkill(),
    // ... your other skills
  ],
};

The skill hooks run automatically:

  • beforeToolCall -- checks passport, trust score, blocked list
  • afterToolCall -- signs the execution, adds to chain

Trust Gating

Block tools based on trust score or policy:

const middleware = new AgentSignMiddleware({
  serverUrl: 'http://localhost:8888',
  minTrust: 70,                              // minimum trust score
  blockedTools: ['shell_exec', 'file_delete'], // always blocked
});

// Agent with trust score 45 tries to call a tool:
// -> AgentSignError: Trust score 45 below minimum 70

// Agent tries shell_exec:
// -> AgentSignError: Tool 'shell_exec' is blocked by policy

Execution Chain

Every tool call is signed and linked to the previous one:

const result = await safeSearch({ query: 'test' });
await safeRead({ path: '/data.json' });
await safeQuery({ sql: 'SELECT *' });

// Get the full chain
const chain = middleware.getChain();
// [
//   { executionId: '...', tool: 'web_search', parentId: null, ... },
//   { executionId: '...', tool: 'file_read', parentId: '<search-id>', ... },
//   { executionId: '...', tool: 'database_query', parentId: '<read-id>', ... },
// ]

// Verify chain integrity
middleware.verifyChain();  // { valid: true, length: 3 }

// Verify specific output wasn't tampered
middleware.verifyOutput(result, chain[0]);  // 'PASS' or 'TAMPERED'

API

Method -- Description

new AgentSignMiddleware(opts) -- Create middleware instance
init() -- Register agent and get passport (auto-called on first wrap)
wrap(name, fn) -- Wrap a single tool function
wrapAll(tools) -- Wrap all tools in an object
asSkill() -- Get OpenClaw skill plugin definition
getPassport() -- Get agent's cryptographic passport
getChain() -- Get signed execution chain
getAgentId() -- Get agent ID
getTrustScore() -- Get current trust score
verifyChain() -- Verify chain integrity
verifyOutput(output, exec) -- Check output for tampering

Options

Option (type, default) -- Description

serverUrl (string, required) -- AgentSign server URL
agentName (string, default: hostname) -- Agent display name
category (string, default: 'openclaw') -- Agent category
minTrust (number, default: 0) -- Minimum trust score to allow tool calls
blockedTools (string[], default: []) -- Tools to always block
autoRegister (boolean, default: true) -- Auto-register on first use
logExecutions (boolean, default: false) -- Log executions to console
apiKey (string, default: null) -- Pre-existing AgentSign API key

How It Works

  1. Agent registers with AgentSign server, gets cryptographic passport
  2. Before each tool call: passport validity checked, trust score verified, blocked list consulted
  3. Tool executes normally
  4. After each tool call: input/output hashed, execution signed, linked to chain
  5. Chain is verifiable -- any tampering breaks the hash links

Requirements

  • Node >= 18 (uses native fetch and crypto)
  • AgentSign server running (self-host or use hosted)

CyberSecAI Ltd -- agentsign.dev
