skillsign

Sign and verify agent skill folders with ed25519 keys. Detect tampering, manage trusted authors, and track provenance chains (isnād).

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "skillsign" with this command: npx skills add felmonon/skillsign

skillsign

Cryptographic signing and verification for agent skill folders using ed25519 keys. Protects your skills from tampering and lets you verify who wrote them.

Install

pip3 install cryptography

That's the only dependency. The tool is a single Python file.

Commands

Generate a signing identity

python3 skillsign.py keygen
python3 skillsign.py keygen --name myagent

Creates an ed25519 keypair in ~/.skillsign/keys/. Share the .pub file. Keep the .pem file secret.

Sign a skill folder

python3 skillsign.py sign ./my-skill/
python3 skillsign.py sign ./my-skill/ --key ~/.skillsign/keys/myagent.pem

Hashes every file (SHA-256), builds a manifest, signs it with your private key. Creates .skillsig/ inside the folder.

Verify a skill folder

python3 skillsign.py verify ./my-skill/

Detects modified, added, or removed files. Verifies the cryptographic signature. Shows whether the signer is trusted.

Inspect signature metadata

python3 skillsign.py inspect ./my-skill/

Shows signer fingerprint, timestamp, file count, and all covered files with their hashes.

Trust an author

python3 skillsign.py trust ./their-key.pub

Adds a public key to your local trusted authors list.

List trusted authors

python3 skillsign.py trusted

View provenance chain (isnād)

python3 skillsign.py chain ./my-skill/

Shows the full signing history — every author who signed the folder, in order.

When to Use

  • After installing a new skill — verify it hasn't been tampered with
  • Before running untrusted code — check who signed it and whether you trust them
  • Periodically — re-verify your skill folders to detect unauthorized modifications
  • When publishing skills — sign your work so others can verify it came from you
  • When auditing your agent's integrity — run verify on all your skill folders

Example Workflow

# First time: create your identity
python3 skillsign.py keygen --name parker

# Sign your skills
python3 skillsign.py sign ~/.openclaw/skills/my-skill/

# Later: check nothing changed
python3 skillsign.py verify ~/.openclaw/skills/my-skill/
# ✅ Verified — 14 files intact.
#    Signer: ca3458e92b73e432 [TRUSTED]

# Someone tampers with a file:
python3 skillsign.py verify ~/.openclaw/skills/my-skill/
# ❌ TAMPERED — Files changed since signing:
#    ~ main.py (modified)

# Trust another agent's key
python3 skillsign.py trust ./other-agent.pub

# View full provenance
python3 skillsign.py chain ~/.openclaw/skills/my-skill/
# === Isnād: my-skill/ (2 links) ===
#   [1] ca3458e92b73e432 [TRUSTED]
#       ↓
#   [2] f69159d8a25e8e32 [UNTRUSTED]

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Agentshield Audit

Trust Infrastructure for AI Agents - Like SSL/TLS for agent-to-agent communication. 77 security tests, cryptographic certificates, and Trust Handshake Protoc...

Registry SourceRecently Updated
1.2K0Profile unavailable
Security

GauntletScore

Trust verification for AI output — verify any document or code before you act on it

Registry SourceRecently Updated
3210Profile unavailable
Security

NotaryOS

Seal AI agent actions with Ed25519 cryptographic receipts. Verify what your agent did and prove what it chose not to do.

Registry SourceRecently Updated
2931Profile unavailable
Security

ZipCracker

CTF-oriented ZIP cracking and recovery with the bundled ZipCracker engine. Use when Codex or OpenClaw needs to analyze or recover an encrypted ZIP in authori...

Registry SourceRecently Updated
6051Profile unavailable