Tencent SkillHub · AI

AgentGuard by Nano

Agent Identity & Permission Guardian - Trust middleware for credential management, permission scopes, human approval workflows, and audit trails. Use when AI...

skill openclawclawhub Free

0 Downloads

0 Stars

0 Installs

0 Score

High Signal

Agent Identity & Permission Guardian - Trust middleware for credential management, permission scopes, human approval workflows, and audit trails. Use when AI...

⬇ 0 downloads ★ 0 stars Unverified but indexed

Install for OpenClaw

Quick setup

Download the package from Yavira.
Extract the archive and review SKILL.md first.
Import or place the package into your OpenClaw setup.

Requirements

Target platform: OpenClaw
Install method: Manual import
Extraction: Extract archive
Prerequisites: OpenClaw
Primary doc: SKILL.md

Package facts

Download mode: Yavira redirect
Package format: ZIP package
Source platform: Tencent SkillHub
What's included: CLAWHUB.md, README-GITHUB.md, README.md, SKILL.md, TEST-REPORT.md, docs/1PASSWORD-COMPARISON.md

Validation

Use the Yavira download entry.
Review SKILL.md after the package is downloaded.
Confirm the extracted package contains the expected setup assets.

Install with your agent

Agent handoff

Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.

Download the package from Yavira.
Extract it into a folder your agent can access.
Paste one of the prompts below and point your agent at the extracted folder.

New install

I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete.

Upgrade existing

I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run.

Open Send to Agent page Open JSON manifest Open Markdown brief

Trust & source

Release facts

Source: Tencent SkillHub
Verification: Indexed source record
Version: 0.4.0

Provenance

Publisher: sendwealth
Source page: View original listing
Canonical URL: Open canonical page

Documentation

ClawHub primary doc Primary doc: SKILL.md 12 sections Open source page

Overview

AgentGuard is a trust middleware for Phase 1 hybrid authentication: Credential Vault: Encrypted storage for API keys and OAuth tokens Permission Scopes: Define what operations need human approval Human Gate: Push confirmation requests for high-risk operations Audit Trail: Cryptographically signed operation logs Agent Registry: Track agents with credentials and permissions

Installation

# Install globally npm install -g agentguard # Or use as OpenClaw skill cp -r . ~/.openclaw/skills/agentguard

Quick Start

# Initialize vault agentguard init # Register an agent agentguard register my-agent --owner "user@example.com" # Store a credential agentguard vault store my-agent OPENAI_API_KEY sk-xxx # Define permission scope agentguard scope set my-agent --level read --dangerous require-approval # List agents agentguard list # Audit log agentguard audit my-agent --last 24h

Permission Levels

LevelAuto-approveRequires Humanread✅ Read operations❌write✅ Read/Write❌admin✅ Most operations⚠️ Dangerous onlydangerous❌ All operations✅ Always

Dangerous Operations (Require Human Approval)

Send messages/emails Financial transactions Delete data Modify system config Access sensitive credentials External API calls (configurable)

Human Gate Integration

When an agent attempts a dangerous operation: AgentGuard blocks the operation Pushes notification to owner (Feishu/Telegram/Email) Owner approves/denies with biometric confirmation If approved, operation proceeds with short-lived token All logged with cryptographic signature

Configuration

~/.agentguard/config.json: { "vault": { "encryption": "aes-256-gcm", "keyDerivation": "pbkdf2" }, "humanGate": { "timeout": 300, "channels": ["feishu", "telegram"], "biometric": true }, "audit": { "retention": "30d", "signLogs": true } }

API Usage (for skills)

Security Model

Vault Encryption: AES-256-GCM with key derived from master password Credential Isolation: Each agent has separate encrypted container Audit Integrity: SHA-256 hash chain for tamper detection Human Gate: Out-of-band confirmation via trusted channel Token Expiry: Short-lived tokens (default 5 min)

Files

~/.agentguard/ - Data directory ~/.agentguard/vault/ - Encrypted credentials ~/.agentguard/registry.json - Agent registry ~/.agentguard/audit/ - Audit logs ~/.agentguard/config.json - Configuration

OpenClaw Integration

AgentGuard integrates with OpenClaw as a skill: Add to ~/.openclaw/skills/agentguard/ Configure in workspace AGENTS.md: ## AgentGuard All external API calls require AgentGuard permission check. Dangerous operations require human approval. Use in other skills: const guard = require('agentguard'); await guard.checkOrApprove(agentId, operation, details);

Roadmap

Phase 1: CLI + Vault + Permission Scopes Phase 2: Human Gate (Feishu/Telegram integration) Phase 3: Audit Trail + Export Phase 4: OAuth2 Token Auto-refresh Phase 5: Multi-tenant Support Phase 6: DID Preparation (future Phase 2) Building trust infrastructure for the Agentic Era.

Category context

Agent frameworks, memory systems, reasoning layers, and model-native orchestration.

Source: Tencent SkillHub

Largest current source with strong distribution and engagement signals.

Package contents

Included in package

6 Docs

SKILL.md Primary doc
CLAWHUB.md Docs
docs/1PASSWORD-COMPARISON.md Docs
README-GITHUB.md Docs
README.md Docs
TEST-REPORT.md Docs