# Send Volcengine Agent Identity to your agent Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually. ## Fast path - Download the package from Yavira. - Extract it into a folder your agent can access. - Paste one of the prompts below and point your agent at the extracted folder. ## Suggested prompts ### New install ```text I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete. ``` ### Upgrade existing ```text I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run. ``` ## Machine-readable fields ```json { "schemaVersion": "1.0", "item": { "slug": "volcengine-agent-identity", "name": "Volcengine Agent Identity", "source": "tencent", "type": "skill", "category": "AI 智能", "sourceUrl": "https://clawhub.ai/loveyana/volcengine-agent-identity", "canonicalUrl": "https://clawhub.ai/loveyana/volcengine-agent-identity", "targetPlatform": "OpenClaw" }, "install": { "downloadUrl": "/downloads/volcengine-agent-identity", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=volcengine-agent-identity", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "packageFormat": "ZIP package", "primaryDoc": "SKILL.md", "includedAssets": [ "SKILL.md" ], "downloadMode": "redirect", "sourceHealth": { "source": "tencent", "slug": "volcengine-agent-identity", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-05-04T10:28:20.454Z", "expiresAt": "2026-05-11T10:28:20.454Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=volcengine-agent-identity", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=volcengine-agent-identity", "contentDisposition": "attachment; filename=\"volcengine-agent-identity-0.2.1.zip\"", "redirectLocation": null, "bodySnippet": null, "slug": "volcengine-agent-identity" }, "scope": "item", "summary": "Item download looks usable.", "detail": "Yavira can redirect you to the upstream package for this item.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/volcengine-agent-identity" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] } }, "links": { "detailUrl": "https://openagent3.xyz/skills/volcengine-agent-identity", "downloadUrl": "https://openagent3.xyz/downloads/volcengine-agent-identity", "agentUrl": "https://openagent3.xyz/skills/volcengine-agent-identity/agent", "manifestUrl": "https://openagent3.xyz/skills/volcengine-agent-identity/agent.json", "briefUrl": "https://openagent3.xyz/skills/volcengine-agent-identity/agent.md" } } ``` ## Documentation ### Agent Identity Use the agent-identity plugin for UserPool OIDC login (入站授权), TIP token (工作负载访问令牌), credential hosting (出站授权 OAuth2, API key), and optional tool risk approval (权限管控 AuthZ). Volcengine terminology: 用户池 (UserPool), 入站授权 (OIDC login), 出站授权 (credential fetch), 工作负载令牌 (TIP), 凭据托管 (credential hosting), 权限管控 (CheckPermission). Docs: Volcengine 智能体身份和权限管理. Agent flow: When the user asks to log in, add credentials, check status, bind env, etc., call the corresponding tools directly. Do not suggest slash commands for those. Slash commands below are for user-initiated use (e.g. /identity approve when the user must approve in chat; agent must never call identity_approve_tool). ### Slash commands (user-initiated) CommandPurpose/identityShow help/identity whoamiIdentity brief/identity statusFull status: session, TIP, credentials, bindings/identity loginLog in via OIDC (returns auth URL)/identity logoutClear session and TIP/identity list-credentials or /identity list [page]List providers and credentials/identity list-tipsList valid TIP tokens/identity configShow plugin config (redacted)/identity fetch [--flow=...]Add credential/identity set Bind credential to env var/identity unset Remove env binding/identity risk Diagnose risk for a shell command/identity risk-patternsList built-in risky patterns/identity approve Approve high-risk tool call (user runs this; agent must not self-approve)/identity reject Reject high-risk tool call ### Tools Overview ToolParamsPurposeidentity_whoami—Identity brief: sub, login time, TIP expiryidentity_status—Full status: session/TIP (issued, expires, chain), credentials, bindingsidentity_login—Start OIDC login or refresh TIPidentity_logout—Clear session and TIPidentity_list_credentialspage?List providers and credentials (paginated)identity_list_tips—List valid TIP tokens and bindingsidentity_config—Show plugin config (secrets redacted)identity_config_suggestintent?, lang?Generate config snippets for openclaw.jsonidentity_fetchprovider, flow?, redirectUrl?, scopes?Add credentialidentity_set_bindingprovider, envVarBind provider → env var for tool injectionidentity_unset_bindingproviderRemove env bindingidentity_approve_toolapproval_idApprove a high-risk tool callidentity_risk_checkcommand?, toolName?, params?Diagnose risk for command or tool callidentity_list_risk_patterns—List built-in risky patterns and paths ### Risk Detection and Approval When authz.requireRiskApproval is on, the plugin classifies tool calls (e.g. exec, write, apply_patch) by risk. User-provided commands and file paths are evaluated: Rule-based: Destructive patterns (rm -rf, sudo, curl|bash), sensitive paths (/etc, ~/.ssh). LLM-based (optional): When rules return "medium", an LLM re-evaluates for context (authz.enableLlmRiskCheck). High-risk calls require user approval. The approval message and block reason include the LLM risk explanation when available (e.g. "Pipe-to-shell: network fetch piped to shell execution"). ### identity_login Starts OIDC login or refreshes TIP. Call when: "login", "登录", "sign in", "我需要先登录". Required before identity_fetch. No params. ### identity_whoami Brief identity check. Call when: "who am I", "查身份", "am I logged in", "当前登录状态" Returns: sub, hasTip, loggedIn, sessionLoginAt, sessionExpiresAt, tipIssuedAt, tipExpiresAt, tipExpiresInSeconds, tipChain. No params. ### identity_status Full status including credentials and bindings. Call when: "status", "查看完整状态", "我的凭据和绑定", "show my credentials and bindings" Returns: loggedIn, sub, hasTip, session (loginAt, expiresAt), tip (issuedAt, expiresAt, chain), credentialProviders, bindings. No params. ### identity_list_credentials Lists available credential providers and what the user has stored. Call this when the user wants to see what they can connect or what credentials they have. User prompts: "有哪些服务可以连接", "what providers are available", "我添加了哪些凭据", "list my credentials", "show available providers" ParamTypeRequiredDescriptionpagenumberNoPage number (default: 1) { "page": 2 } Returns: providers, storedOnly, page, hasMore. ### identity_fetch Adds a credential for a provider (OAuth2 or API key). Call this when the user wants to add, get, or configure credentials. User prompts that mean "call identity_fetch": English: "add/google my Google token", "get credentials for OpenAI", "connect my GitHub", "I need to use Google API", "set up API key for X", "authorize access to Y", "I want to use [provider] but have no key" 中文: "帮我添加/获取 Google 凭据", "配置 OpenAI 的 API key", "连接我的 GitHub", "我要用某某服务但没有密钥", "授权访问某平台", "添加某某的 token", "获取某某的凭证" First ensure user is logged in (identity_whoami); if not, use identity_login. Then call identity_fetch with the provider. Use identity_list_credentials to discover available providers. ParamTypeRequiredDescriptionproviderstringYesProvider name (e.g. google, openai)flowstringNooauth2-user (default for 3LO), oauth2-m2m, or apikey. Auto-inferred when omitted.redirectUrlstringNoOAuth redirect URL (when provider requires custom)scopesstring[]NoOAuth scopes (e.g. ["email", "profile"])returnValuebooleanNoWhen true and fetch succeeds, include credential value in result for same-turn automation. Default false. { "provider": "google" } { "provider": "openai", "flow": "apikey", "returnValue": true } Response: OAuth2-user: authUrl (user must open in browser). After authorization, success message sent to chat. OAuth2-m2m / apikey: success: true, message (completes immediately). If returnValue: true, also includes value (credential string) for same-turn use. ### identity_set_binding Binds a stored credential to an env var so tools can use it at runtime. Call this when the user wants tools/agent to have access to a credential. User prompts: "让工具能用我的 Google 凭据", "bind/google my credential for tools", "把 Google token 注入给 agent", "inject my OpenAI key for API calls", "配置某某凭据给工具用" Credential must exist first (identity_fetch). Common env vars: GOOGLE_ACCESS_TOKEN, OPENAI_API_KEY, GITHUB_TOKEN, etc. ParamTypeRequiredDescriptionproviderstringYesProvider name (e.g. google)envVarstringYesEnv var for injection (e.g. GOOGLE_ACCESS_TOKEN). Must match [A-Za-z_][A-Za-z0-9_]*. { "provider": "google", "envVar": "GOOGLE_ACCESS_TOKEN" } If credential exists: binds it. Else: imports from process.env[envVar] as api_key (gateway must have that env set). ### identity_unset_binding ParamTypeRequiredDescriptionproviderstringYesProvider name to unbind (e.g. google) { "provider": "google" } ### identity_approve_tool ParamTypeRequiredDescriptionapproval_idstringYesID from the approval prompt (e.g. after blocking a high-risk exec/write) Optional tool (not given to agent by default). For human approval, use /identity approve or reply "approve" in chat. The agent must NOT call this tool to self-approve. The approval prompt includes the LLM risk reason when available. { "approval_id": "abc123" } ### identity_risk_check Evaluates risk of a command or tool call before execution. Call when: "这个命令安全吗", "is rm -rf dangerous", "check if this is risky", "帮我评估这个命令有没有风险" ParamTypeRequiredDescriptioncommandstringNo*Shell command to evaluate (treated as exec). Use for quick diagnosis.toolNamestringNo*Tool name (e.g. write, apply_patch). Use with params.paramsobjectNoTool params. For exec: {command}. For write: {path, content}. *Provide either command or toolName. Returns risk, reason, source (rules or llm). Uses LLM when authz.enableLlmRiskCheck is true and rules return medium. { "command": "rm -rf /" } { "toolName": "write", "params": { "path": "/etc/hosts", "content": "..." } } ### identity_list_risk_patterns Returns built-in dangerous command patterns and sensitive paths. No params. Use to query what triggers high-risk approval. {} ### identity_config_suggest Generates config snippets for the agent-identity plugin. Call when: user asks to configure identity, login, authz, risk approval, or "如何配置 identity 插件", "帮我配置登录", "怎么开启权限检查". ParamTypeRequiredDescriptionintentstringNoidentity (AK/SK), userpool (OIDC login), authz (permission/approval), llm_risk (LLM re-eval), full (all). Default: fulllangstringNoen or zh for instructions. Default: en Returns: configPath, config (JSON to merge), instructions, nextSteps. When intent is identity or full, also returns identityDefaults (env vars, credential resolution order, config defaults, credential file format). User must manually add to openclaw.json and restart gateway. { "intent": "userpool", "lang": "zh" } ### Workflow: Adding a Credential Check login: identity_whoami (brief) or identity_status (full). If not logged in, use identity_login first (user opens auth URL). Add credential: identity_fetch with provider. For OAuth2-user, tell user to open authUrl; success message sent when done. Bind for tools (optional): identity_set_binding so the credential is injected as an env var when tools run. ### Workflow: Checking Risk Before Running Diagnose: identity_risk_check with command or toolName+params. Returns risk level and reason. List patterns: identity_list_risk_patterns to see what triggers high-risk approval. ### Configuration Plugin config lives under plugins.entries.agent-identity.config: identity: Identity API (endpoint, credentials, workloadPoolName, workloadName, roleTrn). When roleTrn is set (AssumeRole), workload name is omitted; backend uses roleName. When workload not found (404), plugin auto-creates via CreateWorkloadIdentity then retries. userpool: OIDC (discoveryUrl, clientId, callbackUrl, or userPoolName+clientName) authz: Optional AuthZ (toolCheck, skillReadCheck, requireRiskApproval, enableLlmRiskCheck, llmRiskCheck, namespaceName, lowRiskBypass). When enableLlmRiskCheck is true, rules returning "medium" are re-evaluated via LLM; the risk reason is shown in approval prompts and block messages. ### Notes Requires the agent-identity plugin to be enabled. /identity and tools require session context (channel + sender); use from an active chat. identity_risk_check and identity_list_risk_patterns do not require login. ## Trust - Source: tencent - Verification: Indexed source record - Publisher: loveyana - Version: 0.2.1 ## Source health - Status: healthy - Item download looks usable. - Yavira can redirect you to the upstream package for this item. - Health scope: item - Reason: direct_download_ok - Checked at: 2026-05-04T10:28:20.454Z - Expires at: 2026-05-11T10:28:20.454Z - Recommended action: Download for OpenClaw ## Links - [Detail page](https://openagent3.xyz/skills/volcengine-agent-identity) - [Send to Agent page](https://openagent3.xyz/skills/volcengine-agent-identity/agent) - [JSON manifest](https://openagent3.xyz/skills/volcengine-agent-identity/agent.json) - [Markdown brief](https://openagent3.xyz/skills/volcengine-agent-identity/agent.md) - [Download page](https://openagent3.xyz/downloads/volcengine-agent-identity)