
Openclaw Signet

@AtlasPA

npx machina-cli add skill @AtlasPA/openclaw-signet --openclaw
Files (1): SKILL.md (2.0 KB)

OpenClaw Signet

Cryptographic verification for installed skills. Sign skills at install time, verify they haven't been tampered with later.

The Problem

You install a skill and it works. Days later, a compromised process modifies files inside the skill directory — injecting code, altering behavior, adding exfiltration. All current defenses are heuristic (regex pattern matching). Nothing mathematically verifies that installed code is unchanged.

Commands

Sign Skills

Generate SHA-256 content hashes for all installed skills and store them in the trust manifest.

python3 {baseDir}/scripts/signet.py sign --workspace /path/to/workspace

Sign Single Skill

python3 {baseDir}/scripts/signet.py sign openclaw-warden --workspace /path/to/workspace

Verify Skills

Compare current skill state against trusted signatures.

python3 {baseDir}/scripts/signet.py verify --workspace /path/to/workspace

List Signed Skills

python3 {baseDir}/scripts/signet.py list --workspace /path/to/workspace

Quick Status

python3 {baseDir}/scripts/signet.py status --workspace /path/to/workspace

How It Works

  1. sign computes SHA-256 hashes of every file in each skill directory
  2. A composite hash represents the entire skill state
  3. verify recomputes hashes and compares against the manifest
  4. If any file is modified, added, or removed — the composite hash changes
  5. Reports exactly which files changed within each tampered skill

Exit Codes

  • 0 — All skills verified
  • 1 — Unsigned skills detected
  • 2 — Tampered skills detected

No External Dependencies

Python standard library only. No pip install. No network calls. Everything runs locally.

Cross-Platform

Works with OpenClaw, Claude Code, Cursor, and any tool using the Agent Skills specification.

Source

git clone https://clawhub.ai/AtlasPA/openclaw-signet

Overview

OpenClaw Signet signs installed skills by generating SHA-256 hashes for all files and storing them in a trust manifest. It then verifies the current state against the manifest to detect tampering within skill directories, including modified, added, or removed files.

How This Skill Works

Sign computes SHA-256 hashes for every file in each skill directory and creates a composite representation of the skill state. Verify recomputes the hashes and compares them to the manifest, reporting exactly which files changed when tampering occurs.
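The sign/verify cycle described in "How It Works" and "How This Skill Works", as an added example that is not the openclaw-signet code itself: it hashes every file in each skill directory, derives a composite digest, stores a manifest, and on verify reports which files were modified, added or removed, mapping the result to the page's exit codes. The manifest file name, the workspace/skills layout, and the precedence of exit code 2 over 1 when both conditions occur are assumptions.

```python
import hashlib, json, tempfile
from pathlib import Path
MANIFEST = "signet-manifest.json"  # assumed name; the real tool's manifest path is not on the page

def file_hashes(skill_dir: Path) -> dict:
    """Relative POSIX path -> SHA-256 hex digest of every file under the skill directory."""
    files = (p for p in sorted(skill_dir.rglob("*")) if p.is_file())
    return {p.relative_to(skill_dir).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest() for p in files}

def composite_hash(hashes: dict) -> str:
    """One digest over the sorted (path, digest) pairs: any add, remove or modify changes it."""
    lines = "".join(f"{path}\0{digest}\n" for path, digest in sorted(hashes.items()))
    return hashlib.sha256(lines.encode()).hexdigest()

def sign(workspace: Path) -> dict:
    """Hash every skill under workspace/skills (assumed layout) and write the trust manifest."""
    manifest = {s.name: {"files": (f := file_hashes(s)), "composite": composite_hash(f)}
                for s in sorted(d for d in (workspace / "skills").iterdir() if d.is_dir())}
    (workspace / MANIFEST).write_text(json.dumps(manifest, indent=2))
    return manifest

def verify(workspace: Path) -> tuple:  # -> (exit_code, report); 0 verified, 1 unsigned, 2 tampered
    manifest = json.loads((workspace / MANIFEST).read_text())
    code, report = 0, {}
    for s in sorted(d for d in (workspace / "skills").iterdir() if d.is_dir()):
        now, entry = file_hashes(s), manifest.get(s.name)
        if entry is None:
            code, report[s.name] = max(code, 1), "unsigned"  # 2 outranks 1: an assumption
        elif composite_hash(now) == entry["composite"]:
            report[s.name] = "ok"
        else:  # composite differs: report exactly which files changed inside the skill
            old = entry["files"]
            code, report[s.name] = 2, {
                "modified": sorted(p for p in now if p in old and now[p] != old[p]),
                "added": sorted(set(now) - set(old)), "removed": sorted(set(old) - set(now))}
    return code, report

def demo() -> tuple:
    """Constructed workspace: sign skills alpha and beta, tamper with beta, add unsigned gamma."""
    ws = Path(tempfile.mkdtemp())
    for name in ("alpha", "beta"):
        (ws / "skills" / name).mkdir(parents=True)
        (ws / "skills" / name / "SKILL.md").write_text(f"# {name}\n")
        (ws / "skills" / name / "run.py").write_text("print('hello')\n")
    sign(ws)
    beta = ws / "skills" / "beta"
    (beta / "run.py").write_text("print('hello')\nimport os  # simulated injected line\n")  # modified
    (beta / "extra.sh").write_text("echo added\n"); (beta / "SKILL.md").unlink()          # added, removed
    (ws / "skills" / "gamma").mkdir()                                                       # unsigned
    return verify(ws)
```

These are unkeyed hashes rather than signatures, so any process that can write to the workspace can also rewrite the manifest; the check is only as strong as the manifest's storage, which is why the page recommends keeping it securely stored and backed up.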

When to Use It

  • After installing a skill to establish a baseline trust
  • When you suspect code tampering inside a skill directory
  • Before deploying or sharing skills across environments
  • During security audits or compliance checks of installed skills
  • When you want a lightweight, local integrity check with no external dependencies

Quick Start

  1. Sign all installed skills
  2. Verify current skill state against signatures
  3. Review signed skills with status/list

Best Practices

  • Run sign after every install or update of a skill
  • Run verify regularly to confirm integrity against the trust manifest
  • Keep the trust manifest securely stored and backed up
  • Use list/status to monitor which skills are signed and healthy
  • Rely on Python's standard library—no external dependencies

Example Use Cases

  • Baseline a clean environment by signing all skills and verifying daily
  • Detect a tampered file inside a skill directory during verify
  • Audit which skills have valid signatures using list
  • Inspect per-skill changes with verify reports
  • Upgrade to openclaw-signet-pro for rejection, quarantine, and trust chain restoration
