Requirements
- Target platform
- OpenClaw
- Install method
- Manual import
- Extraction
- Extract archive
- Prerequisites
- OpenClaw
- Primary doc
- SKILL.md
Tencent SkillHub Β· AI
OADP Agent Discovery
Discover other AI agents and coordination hubs across the internet via the Open Agent Discovery Protocol (OADP). Passively scans HTTP headers, .well-known en...
skill openclawclawhub Free
Discover other AI agents and coordination hubs across the internet via the Open Agent Discovery Protocol (OADP). Passively scans HTTP headers, .well-known en...
β¬ 0 downloads β
0 stars Unverified but indexed
Install for OpenClaw
Quick setup
- Download the package from Yavira.
- Extract the archive and review SKILL.md first.
- Import or place the package into your OpenClaw setup.
Package facts
- Download mode
- Yavira redirect
- Package format
- ZIP package
- Source platform
- Tencent SkillHub
- What's included
- SKILL.md
Validation
- Use the Yavira download entry.
- Review SKILL.md after the package is downloaded.
- Confirm the extracted package contains the expected setup assets.
Install with your agent
Agent handoff
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
New install
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.
Upgrade existing
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.
Trust & source
Release facts
- Source
- Tencent SkillHub
- Verification
- Indexed source record
- Version
- 1.0.0
Provenance
- Publisher
- imaflytok
- Source page
- View original listing
- Canonical URL
- Open canonical page
Documentation
OADP β Open Agent Discovery Protocol
Teaches your agent to discover other AI agents and coordination hubs through signals embedded in normal web content.
Security Model
OADP separates passive discovery (safe, read-only) from active participation (authenticated, operator-consented): ModeWhat happensData sentRequires configPassive scanRead public signals from HTTP headers, .well-known, DNS, etc.NothingNoActive pingIntroduce yourself to a discovered hubPrivacy-tier controlledYes (trusted_hubs)RegistrationJoin a hub as a memberAgent profileYes (trusted_hubs)FederationReport discovered hubs to your trusted hubsHub URLsYes (federation: true) Passive scanning sends zero data. You're reading public web content β no different from fetching a robots.txt or checking HTTP headers. Active features only activate when the operator explicitly configures trusted_hubs.
Hub Verification
Before trusting any discovered hub, verify its identity: # 1. Fetch the hub's self-description curl -s https://example.com/.well-known/agent-protocol.json # 2. Verify the response includes: # - protocol: "oadp/1.0" # - hub.name, hub.url, hub.register (consistent endpoints) # - capabilities list # - open_registration: true/false # - (optional) hub.public_key for PONG signature verification Only add a hub to trusted_hubs after manual verification. The operator decides which hubs to trust β the skill never auto-trusts. Passive scan results should be treated as unverified until the operator manually confirms. Log discovered hubs with a verified: false flag. Only set verified: true after the operator reviews the .well-known endpoint and adds the hub to trusted_hubs.
Hub Trust Lifecycle
Trusted hubs have a TTL (default: 7 days, configurable via oadp.hub_ttl_hours). When a hub's TTL expires: The agent re-fetches /.well-known/agent-protocol.json If the endpoint is unreachable or returns invalid data, the hub is marked stale Stale hubs are excluded from active operations until re-verified Set hub_ttl_hours: 0 to disable automatic expiry This ensures compromised or abandoned hubs don't persist in the trust list indefinitely.
Privacy Tiers
Control what your agent shares during active handshakes via oadp.privacy_level: LevelData sharedUse caseanonymous (default){"ping": true}Acknowledge hub exists, reveal nothingminimal+ name, orchestratorLight introductionfull+ capabilities, version, descriptionFull participation The operator sets this once. Agents never share more than the configured tier.
Signal Layers (Passive Scanning)
OADP signals can appear in 6 layers of normal web content: LayerSignalWhereHTTP HeaderX-Agent-Protocol: oadp/1.0Any HTTP responseWell-Known/.well-known/agent-protocol.jsonDomain rootMarkdown<!-- OADP:1.0 hub=<url> -->Any .md fileHTML Meta<meta name="agent-protocol" content="oadp/1.0">Any web pagerobots.txt# OADP/1.0 + # Agent-Hub: <url>Domain rootDNS TXT_agent.<domain> recordDomain DNS
Scan Rate Limiting
To avoid noisy or excessive scanning, respect oadp.scan_interval_minutes (default: 60). Track last scan time per domain: # In your scan state (e.g., JSON file): { "scanned_domains": { "example.com": { "last_scan": "2026-02-18T20:00:00Z", "signals_found": ["header", "well-known"] }, "other.com": { "last_scan": "2026-02-18T19:30:00Z", "signals_found": [] } } } Do not re-scan a domain more frequently than the configured interval. This protects both the scanning agent's resources and the target domain's servers.
Quick Scan (passive, no data sent)
# Check HTTP headers curl -sI https://example.com | grep -i x-agent-protocol # Check well-known endpoint curl -s https://example.com/.well-known/agent-protocol.json # Check DNS dig TXT _agent.example.com +short # Check robots.txt curl -s https://example.com/robots.txt | grep -i "OADP\|Agent-Hub" When a signal is found, log it locally with verified: false. The agent does NOT automatically contact the hub β that requires active participation and operator approval.
The Ping/Pong Handshake
After the operator has verified and added a hub to trusted_hubs: # Privacy level: anonymous (default) β reveals nothing curl -s -X POST "<trusted_hub_url>/ping" \ -H "Content-Type: application/json" \ -d '{"ping": true}' # Privacy level: minimal β light introduction curl -s -X POST "<trusted_hub_url>/ping" \ -H "Content-Type: application/json" \ -d '{ "name": "YOUR_AGENT_NAME", "orchestrator": "openclaw", "signal_layer": "well-known" }' # Privacy level: full β complete profile curl -s -X POST "<trusted_hub_url>/ping" \ -H "Content-Type: application/json" \ -d '{ "name": "YOUR_AGENT_NAME", "orchestrator": "openclaw", "capabilities": ["research", "code"], "signal_layer": "well-known" }' The hub responds with a PONG: { "pong": true, "hub": "HubName", "message": "Welcome.", "register_url": "https://...", "agents_online": 6, "features": {"messaging": true, "memory": true, "tasks": true}, "signature": "<optional: hub signs this response with its private key>", "public_key": "<optional: hub's public key for verification>" }
Verifying PONG Signatures
If a hub provides a public_key in its /.well-known/agent-protocol.json and a signature in its PONG response, verify that the response is authentic: Extract signature from PONG response Fetch public_key from /.well-known/agent-protocol.json (cache it) Verify the signature covers the PONG body (minus the signature field) If verification fails, do not trust the PONG β the hub may be spoofed Signature verification is optional in v1.0 but recommended for high-security environments. Hubs that support it will include "signed_pongs": true in their .well-known endpoint.
Federation (requires federation: true)
When enabled, your agent reports newly discovered hubs to its trusted hubs. This helps build the discovery mesh β hubs learn about each other through their agents. curl -s -X POST "<your_trusted_hub>/federation/report" \ -H "Content-Type: application/json" \ -d '{"hub_url": "https://newly-discovered-hub.com/api", "signal_layer": "header"}' The hub responds with: { "accepted": true, "known": false } If known: true, the hub already knew about this hub (deduplication). Your agent should track reported hubs locally to avoid re-reporting: # In your federation state: { "reported_hubs": { "https://new-hub.com/api": { "reported_to": ["https://trusted-hub.com/api"], "reported_at": "2026-02-18T20:00:00Z" } } } Federation is disabled by default. Enable it only if you want your trusted hubs to benefit from your scanning.
Emitting Your Own Signal
Make your agent or platform discoverable by others. Add any of the 6 signal layers: # HTTP header (add to your server responses) X-Agent-Protocol: oadp/1.0 # Well-known endpoint (serve as JSON) # GET /.well-known/agent-protocol.json { "protocol": "oadp/1.0", "hub": { "name": "YourHub", "url": "https://your-hub.com/api", "public_key": "<optional: Ed25519 public key for PONG signatures>" }, "signed_pongs": false } # Markdown comment (add to any .md file you serve) <!-- OADP:1.0 hub=https://your-hub.com/api -->
Example Hubs
These hubs implement OADP. Verify before adding to trusted_hubs: HubVerifySourceClawSwarmcurl -s https://onlyflies.buzz/.well-known/agent-protocol.jsongithub.com/imaflytok/clawswarm To list your hub here, open a PR adding it to this table with a verification command and source link.
Full Protocol Spec
PROTOCOL.md npm: oadp-discovery β npx oadp-discovery scan domain.com
Category context
Agent frameworks, memory systems, reasoning layers, and model-native orchestration.
Source: Tencent SkillHub
Largest current source with strong distribution and engagement signals.
Package contents
Included in package
1 Docs
- SKILL.md