openclaw-signet-pro

Full cryptographic verification suite: SHA-256 skill signing and tamper detection, plus automatic rejection of unsigned skills, quarantine of tampered ones, trusted snapshots, and restoration. Everything in openclaw-signet (free) plus automated countermeasures.

7 stars

byDemerzels-lab

View on GitHub Installation ↓

Best use case

openclaw-signet-pro is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Teams using openclaw-signet-pro should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

You only need a quick one-off answer and do not need a reusable workflow.
You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/openclaw-signet-pro/SKILL.md --create-dirs "https://raw.githubusercontent.com/Demerzels-lab/elsamultiskillagent/main/public/skills/atlaspa/openclaw-signet-pro/SKILL.md"

Manual Installation

Download SKILL.md from GitHub
Place it in .claude/skills/openclaw-signet-pro/SKILL.md inside your project
Restart your AI agent — it will auto-discover the skill

How openclaw-signet-pro Compares

Feature / Agent	openclaw-signet-pro	Standard Approach
Platform Support	Not specified	Limited / Varies
Context Awareness	High	Baseline
Installation Complexity	Unknown	N/A

Frequently Asked Questions

What does this skill do?

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# OpenClaw Signet Pro

Everything in [openclaw-signet](https://github.com/AtlasPA/openclaw-signet) (free) plus automated countermeasures.

**Free version alerts. Pro version subverts, quarantines, and defends.**

## Detection Commands (also in free)

### Sign Skills

Generate SHA-256 content hashes for all installed skills and store in trust manifest.

```bash
python3 {baseDir}/scripts/signet.py sign --workspace /path/to/workspace
```

### Sign Single Skill

```bash
python3 {baseDir}/scripts/signet.py sign openclaw-warden --workspace /path/to/workspace
```

### Verify Skills

Compare current skill state against trusted signatures. Reports exactly which files were modified, added, or removed.

```bash
python3 {baseDir}/scripts/signet.py verify --workspace /path/to/workspace
```

### Verify Single Skill

```bash
python3 {baseDir}/scripts/signet.py verify openclaw-warden --workspace /path/to/workspace
```

### List Signed Skills

Display the trust manifest with hashes, file counts, and quarantined skills.

```bash
python3 {baseDir}/scripts/signet.py list --workspace /path/to/workspace
```

### Quick Status

One-line health check: verified, tampered, unsigned, quarantined counts.

```bash
python3 {baseDir}/scripts/signet.py status --workspace /path/to/workspace
```

## Pro Countermeasures

### Reject Unsigned Skills

Remove unsigned skills from the workspace. Moves them to `.quarantine/signet/` with metadata recording why they were rejected.

```bash
# Reject all unsigned skills
python3 {baseDir}/scripts/signet.py reject --workspace /path/to/workspace

# Reject a specific unsigned skill
python3 {baseDir}/scripts/signet.py reject untrusted-skill --workspace /path/to/workspace
```

### Quarantine a Tampered Skill

Disable a skill by renaming its directory with a `.quarantined-` prefix so the agent will not load it. Records tampering evidence (expected vs actual hashes, changed files) in `.quarantine/signet/{skill}-evidence.json`.

```bash
python3 {baseDir}/scripts/signet.py quarantine bad-skill --workspace /path/to/workspace
```

### Unquarantine a Skill

Restore a quarantined skill to its original name. Warns that it should be re-signed before trusting.

```bash
python3 {baseDir}/scripts/signet.py unquarantine bad-skill --workspace /path/to/workspace
```

### Snapshot a Verified Skill

Create a trusted backup of a signed skill. Only succeeds if the skill currently passes verification (hash matches manifest). Snapshots are stored in `.signet/snapshots/{skill}/`.

```bash
python3 {baseDir}/scripts/signet.py snapshot openclaw-warden --workspace /path/to/workspace
```

### Restore from Snapshot

Restore a skill from its trusted snapshot. Verifies snapshot integrity before restoring. Updates the trust manifest to match the restored state.

```bash
python3 {baseDir}/scripts/signet.py restore openclaw-warden --workspace /path/to/workspace
```

### Protect (Automated Sweep)

Full automated protection sweep. Recommended for session startup.

1. Verify all skills against the trust manifest
2. Auto-quarantine tampered skills (with evidence)
3. Optionally reject unsigned skills (`--reject-unsigned` flag, off by default)
4. Create/update snapshots of all verified skills

```bash
# Standard protection (quarantine tampered, snapshot clean)
python3 {baseDir}/scripts/signet.py protect --workspace /path/to/workspace

# Strict protection (also reject unsigned skills)
python3 {baseDir}/scripts/signet.py protect --reject-unsigned --workspace /path/to/workspace
```

## Recommended Integration

### Session Startup Hook (Claude Code)

```json
{
  "hooks": {
    "SessionStart": [
      {
        "hooks": [
          {
            "type": "command",
            "command": "python3 scripts/signet.py protect",
            "timeout": 30
          }
        ]
      }
    ]
  }
}
```

### Heartbeat (OpenClaw)

Add to HEARTBEAT.md for periodic protection:
```
- Run skill signature protection (python3 {skill:openclaw-signet-pro}/scripts/signet.py protect)
```

## Countermeasure Summary

| Command | Action |
|---------|--------|
| `protect` | Full sweep: verify + quarantine tampered + snapshot clean |
| `protect --reject-unsigned` | Full sweep + reject unsigned skills |
| `reject [skill]` | Remove unsigned skills to quarantine area |
| `quarantine <skill>` | Disable tampered skill with evidence |
| `unquarantine <skill>` | Restore quarantined skill (re-sign recommended) |
| `snapshot <skill>` | Create trusted backup of verified skill |
| `restore <skill>` | Restore from trusted snapshot |

## Exit Codes

- `0` -- All skills verified / action succeeded
- `1` -- Unsigned skills detected / warnings
- `2` -- Tampered skills detected / critical issues

## No External Dependencies

Python standard library only. No pip install. No network calls. Everything runs locally.

## Cross-Platform

Works with OpenClaw, Claude Code, Cursor, and any tool using the Agent Skills specification.

Related Skills

OpenClaw-Finnhub

from Demerzels-lab/elsamultiskillagent

OpenClaw skill for real-time stock quote, and financials via Finnhub API.

openclaw-nextcloud

from Demerzels-lab/elsamultiskillagent

Manage Notes, Tasks, Calendar, Files, and Contacts in your Nextcloud instance via CalDAV, WebDAV, and Notes API. Use for creating notes, managing todos and calendar events, uploading/downloading files, and managing contacts.

openclaw-safety-coach

from Demerzels-lab/elsamultiskillagent

Safety coach for OpenClaw users. Refuses harmful, illegal, or unsafe requests and provides practical guidance to reduce ecosystem risk (malicious skills, tool abuse, secret exfiltration, prompt injection).

openclaw

from Demerzels-lab/elsamultiskillagent

openclaw

openclaw-spacesuit

from Demerzels-lab/elsamultiskillagent

**A framework scaffold for OpenClaw workspaces.**

nutrient-openclaw

from Demerzels-lab/elsamultiskillagent

Document processing for OpenClaw — convert, extract, OCR, redact, sign, and watermark PDFs and Office documents using the Nutrient DWS API. Use when asked to convert documents (DOCX/XLSX/PPTX to PDF, PDF to images or Office formats), extract text or tables from PDFs, apply OCR to scanned documents, redact sensitive information or PII, add watermarks, or digitally sign documents. Triggers on "convert to PDF", "extract text", "OCR this", "redact PII", "watermark", "sign document", or any document processing request.

openclaw-setup

from Demerzels-lab/elsamultiskillagent

Set up a complete OpenClaw personal AI assistant from scratch using Claude Code. Walks through AWS provisioning, OpenClaw installation, Telegram bot creation, API configuration, Google Workspace integration, security hardening, and all power features. Give this to Claude Code and it handles the rest.

OpenClaw Optimizer Skill

from Demerzels-lab/elsamultiskillagent

## Overview

openclaw-backup

from Demerzels-lab/elsamultiskillagent

Enhanced backup and restore for openclaw configuration, skills, commands, and settings. Sync across devices, version control with git, automate backups, and migrate to new machines with advanced compression.

openclaw-trakt

from Demerzels-lab/elsamultiskillagent

Track and recommend TV shows and movies using Trakt.tv. Use when the user asks for show/movie recommendations, wants to track what they're watching, check their watchlist, or get personalized suggestions based on their viewing history. Requires Trakt.tv account with Pro subscription for full functionality.

OpenClaw Claude Code Skill

from Demerzels-lab/elsamultiskillagent

## Description

OpenClaw Async Task

from Demerzels-lab/elsamultiskillagent

## Description