Agent Passport — 代理 Passport

Name: Agent Passport — 代理 Passport
Rating: 3

v2.4.2

OAuth for the 代理ic era. Consent-gating for ALL sensitive 代理 actions. 75+ data-driven threat definitions with auto-更新s (like antivirus 签名atures). Includes 技能扫描器, Injection Shield, SSRF Shield, Path Traversal 防护, spending caps, rate limits, allow列出s, TTL expiry, 审计 trAIls, and KYA metadata. Pro tier 添加s real-time threat definition 更新s every 6 hours.

3· 1.9k·0 当前·0 累计

by @markneville (Mark Neville)·MIT-0

数据分析数据可视化 AI模型访问安全加密

下载技能包

License

MIT-0

License

MIT-0

可自由使用、修改和再分发，无需署名。

查看条款 ↗

运行时依赖

无特殊依赖

安装命令

点击复制

官方npx clawhub@latest install agent-passport

镜像加速npx clawhub@latest install agent-passport --registry https://cn.longxiaskill.com 镜像可用

需要定制？告诉我你的需求 →

技能文档

代理 Passport (OpenClaw) 30-Second 设置up # 初始化 and register your 代理 ./mandate-ledger.sh init 代理:my-助手 "Your Name" "personal 助手" "OpenClaw"

# Grant dev 工具访问 (git, npm, docker, etc.) ./mandate-ledger.sh 创建-from-template dev-工具s

# That's it! The 代理 will now 检查权限s before sensitive actions.

Templates avAIlable: dev-工具s · emAIl-team · file-ops · 网页-re搜索 · safe-browsing · coding · emAIl-助手 · read-only · full-auto 运行 ./mandate-ledger.sh templates to see all options.

⚡ 代理 Behavioral Contract

If you are an 代理 reading this 技能, these are your rules. Follow them.

When to 检查

Before performing ANY of these actions, you MUST call 检查-action first:

Action Category Example tar获取运行ning a shell command 系统 "git pull", "npm 安装" 发送ing a message/emAIl communication "bob@company.com" Writing/deleting a file data "/path/to/file.txt" Making an API call with side effects external_API "API.github.com" Spending money financial "merchant_amazon" with amount Acting publicly as the user 身份 "twitter_post"

You do NOT need to 检查: reading files, 网页搜索es, internal reasoning, or anything with no side effects.

How to 检查 SCRIPT_DIR="$HOME/.OpenClaw/技能s/代理-passport/scripts"

结果=$($SCRIPT_DIR/mandate-ledger.sh 检查-action "" "" "" [amount])

解析 the 结果:

授权d: true → proceed, then 记录 the action afterward 授权d: false → 停止. Ask the user. If 响应 includes kill_switch: true or reason Kill switch engaged → 停止 immediately and ask user to 运行 mandate-ledger.sh unlock The Flow

You want to do something sensitive
Call 检查-action
IF 授权d:

a. Do the thing b. 记录 it: mandate-ledger.sh 记录-action ""

IF denied:

a. Tell the user what you want to do and why b. Suggest a mandate (show scope, duration, constrAInts) c. WAIt for 应用roval d. If 应用roved, 创建 the mandate, then proceed

How to Ask for 权限

When denied, present it clearly and concisely:

I need to [ACTION] but don't have a mandate for it.

📋 [CATEGORY]: [what you want to do] 🎯 Tar获取: [specific tar获取] ⏰ Suggested duration: [reasonable TTL]

Want me to 设置 this up? I can also 创建 a broader mandate if you'd prefer (e.g., all emAIls to @company.com for 30 days).

DO NOT:

Bypass the 检查 and do it anyway Ask repeatedly for the same thing if denied 创建 mandates yourself without user 应用roval Pretend you 检查ed when you didn't

DO:

Suggest templates when 应用ropriate ("Want me to 设置 up dev-工具s?") Batch similar 请求s ("I'll need to 运行 several git commands — want a dev-工具s mandate?") 记录 every action after completion Mention remAIning limits when relevant ("3/20 dAIly emAIls used") First-Time 设置up

If 检查-action returns "hint": "templates", the ledger is empty. 图形界面de the user:

代理 Passport isn't 设置 up yet. It takes 30 seconds:

mandate-ledger.sh init 代理:me "Your Name" "助手" "OpenClaw" mandate-ledger.sh 创建-from-template dev-工具s

Want me to 运行 this for you?

记录ging Actions

After every 授权d action, 记录 it:

$SCRIPT_DIR/mandate-ledger.sh 记录-action "" ""

For financial: amount = dollars spent For everything else: amount = 1 Description should be human-readable: "Sent emAIl to bob@company.com re: Q1 报告" Kill Switch Behavior

If the user engages the kill switch, all operations are frozen until unlocked.

./mandate-ledger.sh kill "user 请求ed freeze" ./mandate-ledger.sh unlock

代理 behavior when kill switch is active:

Do not attempt sensitive actions Do not retry 检查-action in a loop Tell user operations are blocked and 请求 explicit unlock Overview

代理 Passport provides a consent layer for 代理 autonomy. Instead of all-or-nothing 权限s, users grant mandates with specific constrAInts:

"I 授权 this 代理 to [ACTION] with [CONSTRAINTS] until [EXPIRY]"

This isn't just about purchases — it's consent-gating for all sensitive actions.

Action Categories Category Examples Typical ConstrAInts financial Purchases, transfers, subscriptions Spending cap, merchant allow列出 communication EmAIls, messages, tweets, posts Recipient allow列出, rate limit data 删除 files, edit docs, DB writes Path allow列出, require 备份系统 Shell commands, 安装s, configs Command allow列出, no sudo external_API Third-party API calls 服务 allow列出, rate limit 身份 Public actions "as" the user Human review required Wildcard Patterns

Allow列出s and deny 列出s support three wildcard styles:

Pattern Matches Example prefix Anything 启动ing with prefix git → git pull, git 状态 .suffix Anything ending with suffix .env → config.env, .env middle Anything contAIning middle /.git/ → repo/.git/config @domAIn EmAIl domAIn match @company.com → bob@company.com exact Exact match only API.github.com Modes Local mode (defaul

数据来源：ClawHub ↗ · 中文优化：龙虾技能库