š”ļø Skills A2a OpenClaw Skill - ClawHub
Do you want your AI agent to automate Skills A2a workflows? This free skill from ClawHub helps with ai & llms tasks without building custom tools from scratch.
What this skill does
Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores, agent discovery, A2A protocol, agent identity, agent marketplace, guardrails, security policies, content moderation, or asks "is this agent safe?" or "find agents that can [task]" or "apply guardrails to protect my agent".
Install
npx clawhub@latest install skills-a2aFull SKILL.md
Open original| name | description |
|---|---|
| Praesidia | Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores, agent discovery, A2A protocol, agent identity, agent marketplace, guardrails, security policies, content moderation, or asks "is this agent safe?" or "find agents that can [task]" or "apply guardrails to protect my agent". |
Praesidia Agent Identity, Verification & Guardrails
Verify AI agents, check trust scores (0-100), discover marketplace agents, and apply guardrails for security and compliance.
Core Capabilities
- Verify agents - Check if an agent is registered, verified, and trustworthy
- Trust scores - View 0-100 trust ratings and verification status
- Agent discovery - Search marketplace for public agents by capability
- Guardrails - Apply security policies and content moderation to agents
- A2A protocol - Fetch standard Agent-to-Agent protocol cards
Prerequisites
- Praesidia account: https://praesidia.ai
- API key from Settings ā API Keys
- Configure in
~/.openclaw/openclaw.json:
{
"skills": {
"entries": {
"praesidia": {
"apiKey": "pk_live_your_key_here",
"env": {
"PRAESIDIA_API_URL": "https://api.praesidia.ai"
}
}
}
}
}
For local development, use http://localhost:3000 as the URL.
Quick Reference
1. Verify an Agent
User says: "Is agent chatbot-v2 safe?" / "Verify agent chatbot-v2"
Your action:
web_fetch({
url: "${PRAESIDIA_API_URL}/agents/chatbot-v2/agent-card",
headers: {
"Authorization": "Bearer ${PRAESIDIA_API_KEY}",
"Accept": "application/json"
}
})
Present to user:
- ā Agent name & description
- š”ļø Trust score (0-100) and trust level
- ā Verification status (verified date)
- š§ Capabilities (what the agent can do)
- š Compliance (SOC2, GDPR, etc.)
- š Agent card URL
Example output:
ā
ChatBot V2 is verified and safe to use!
Trust Score: 92.5/100 (VERIFIED)
Status: ACTIVE
Capabilities: message:send, task:create, data:analyze
Compliance: SOC2, GDPR
Last verified: 2 days ago
Agent card: https://api.praesidia.ai/agents/chatbot-v2/agent-card
2. List Guardrails for an Agent
User says: "What guardrails are configured for my agent?" / "Show me security policies for chatbot-v2"
Your action:
// First, get the user's organization ID from their profile or context
// Then fetch guardrails
web_fetch({
url: "${PRAESIDIA_API_URL}/organizations/${orgId}/guardrails?agentId=${agentId}",
headers: {
"Authorization": "Bearer ${PRAESIDIA_API_KEY}",
"Accept": "application/json"
}
})
Present to user:
- List of guardrails with:
- Name and description
- Type (RULE, ML, LLM)
- Category (CONTENT, SECURITY, COMPLIANCE, etc.)
- Action (BLOCK, WARN, REDACT, REPLACE)
- Scope (INPUT, OUTPUT, BOTH)
- Enabled status
- Trigger count
Example output:
Found 3 guardrails for ChatBot V2:
1. PII Detection (ENABLED)
- Type: ML | Category: SECURITY
- Scope: BOTH (input & output)
- Action: REDACT sensitive data
- Triggered: 45 times
2. Toxic Language Filter (ENABLED)
- Type: RULE | Category: CONTENT
- Scope: BOTH
- Action: BLOCK toxic content
- Triggered: 12 times
3. Financial Advice Warning (ENABLED)
- Type: LLM | Category: COMPLIANCE
- Scope: OUTPUT only
- Action: WARN if detected
- Triggered: 3 times
3. Get Available Guardrail Templates
User says: "What guardrail templates are available?" / "Show me security templates"
Your action:
web_fetch({
url: "${PRAESIDIA_API_URL}/organizations/${orgId}/guardrails/templates",
headers: {
"Authorization": "Bearer ${PRAESIDIA_API_KEY}",
"Accept": "application/json"
}
})
Available Templates:
Content Moderation:
- TOXIC_LANGUAGE - Detect toxic/harmful language
- PROFANITY_FILTER - Filter profanity
- HATE_SPEECH - Detect hate speech
- VIOLENCE_DETECTION - Detect violent content
- ADULT_CONTENT - Filter adult content
Security:
- PII_DETECTION - Detect personally identifiable information
- CREDIT_CARD_DETECTION - Detect credit card numbers
- SSN_DETECTION - Detect social security numbers
- API_KEY_DETECTION - Detect leaked API keys
- PROMPT_INJECTION - Detect prompt injection attacks
- JAILBREAK_DETECTION - Detect jailbreak attempts
Compliance:
- FINANCIAL_ADVICE - Flag financial advice
- MEDICAL_ADVICE - Flag medical advice
- LEGAL_ADVICE - Flag legal advice
- GDPR_COMPLIANCE - Enforce GDPR rules
- HIPAA_COMPLIANCE - Enforce HIPAA rules
Brand Safety:
- COMPETITOR_MENTIONS - Detect competitor mentions
- POSITIVE_TONE - Ensure positive tone
- BRAND_VOICE - Maintain brand voice
- OFF_TOPIC_DETECTION - Detect off-topic responses
Accuracy:
- HALLUCINATION_DETECTION - Detect hallucinations
- FACT_CHECKING - Verify facts
- SOURCE_VALIDATION - Validate sources
- CONSISTENCY_CHECK - Check consistency
4. Apply a Guardrail to an Agent
User says: "Add PII detection to my chatbot" / "Apply toxic language filter to agent xyz"
Your action:
web_fetch({
url: "${PRAESIDIA_API_URL}/organizations/${orgId}/guardrails",
method: "POST",
headers: {
"Authorization": "Bearer ${PRAESIDIA_API_KEY}",
"Content-Type": "application/json"
},
body: JSON.stringify({
name: "PII Detection",
description: "Automatically detect and redact PII",
agentId: "${agentId}",
template: "PII_DETECTION",
type: "ML",
category: "SECURITY",
scope: "BOTH",
action: "REDACT",
severity: "HIGH",
isEnabled: true,
priority: 0
})
})
Guardrail Options:
Type:
- RULE - Simple regex/keyword matching (fast)
- ML - Machine learning model (balanced)
- LLM - LLM-powered validation (most accurate)
Category:
- CONTENT - Content moderation
- SECURITY - Security checks
- COMPLIANCE - Regulatory compliance
- BRAND - Brand safety
- ACCURACY - Accuracy checks
- CUSTOM - Custom rules
Scope:
- INPUT - Validate user input only
- OUTPUT - Validate agent output only
- BOTH - Validate both directions
Action:
- BLOCK - Block the request/response entirely
- WARN - Log warning but allow through
- REDACT - Mask the offending content
- REPLACE - Replace with alternative content
- RETRY - Retry with modified prompt
- ESCALATE - Escalate to human review
Severity:
- LOW, MEDIUM, HIGH, CRITICAL
5. Validate Content Against Guardrails
User says: "Check if this message passes guardrails: [content]"
Your action:
web_fetch({
url: "${PRAESIDIA_API_URL}/organizations/${orgId}/guardrails/validate",
method: "POST",
headers: {
"Authorization": "Bearer ${PRAESIDIA_API_KEY}",
"Content-Type": "application/json"
},
body: JSON.stringify({
content: "User's message here",
agentId: "${agentId}",
scope: "INPUT"
})
})
Response shows:
- Whether content passed or failed
- Which guardrails were triggered
- Suggested actions (block, redact, warn)
- Modified content (if redaction applied)
6. Discover Public Agents
User says: "Find public data analysis agents" / "Show me chatbot agents"
Your action:
web_fetch({
url: "${PRAESIDIA_API_URL}/agents/discovery?visibility=PUBLIC&search=data",
headers: { "Accept": "application/json" }
// Authorization optional for public agents (includes it for more results)
})
Filters available:
?visibility=PUBLIC- public marketplace agents?role=SERVER- agents that provide services?role=CLIENT- agents that consume services?status=ACTIVE- only active agents?search=keyword- search by name/description
Present to user:
- List of matching agents with:
- Name, description, agent ID
- Trust score and level
- Role (SERVER/CLIENT)
- Key capabilities
- Link to full card
Example output:
Found 2 public data analysis agents:
1. OpenData Analyzer (VERIFIED - 88.0/100)
- Capabilities: data:analyze, chart:generate, report:create
- Role: SERVER | Status: ACTIVE
- Card: https://api.praesidia.ai/agents/opendata-1/agent-card
2. CSV Processor (STANDARD - 70.0/100)
- Capabilities: file:parse, data:transform, export:json
- Role: SERVER | Status: ACTIVE
- Card: https://api.praesidia.ai/agents/csv-proc/agent-card
7. List User's Agents
User says: "Show my agents" / "List all my server agents"
Your action:
web_fetch({
url: "${PRAESIDIA_API_URL}/agents/discovery?role=SERVER",
headers: {
"Authorization": "Bearer ${PRAESIDIA_API_KEY}",
"Accept": "application/json"
}
})
This returns all agents the user has access to (their own + team/org agents).
Trust Levels Guide
Present trust information clearly to help users make decisions:
| Trust Score | Level | Meaning | Recommendation |
|---|---|---|---|
| 90-100 | VERIFIED | Fully vetted, compliant, verified identity | ā Safe to use |
| 70-89 | STANDARD | Good reputation, basic verification | ā Generally safe |
| 50-69 | LIMITED | Minimal verification | ā ļø Use with caution |
| 0-49 | UNTRUSTED | Not verified or poor reputation | ā Not recommended |
Always show the trust score numerically (e.g., 92.5/100) and the level (e.g., VERIFIED).
Error Handling
| Error | Meaning | What to tell user |
|---|---|---|
| 401 Unauthorized | API key missing/invalid | "Check PRAESIDIA_API_KEY in ~/.openclaw/openclaw.json" |
| 403 Forbidden | No permission | "You don't have access to this agent" |
| 404 Not Found | Agent doesn't exist | "Agent not found. Check the agent ID" |
| 500 Server Error | Praesidia API issue | "Praesidia API temporarily unavailable. Try again" |
API Endpoints
GET /agents/:id/agent-card
Fetch detailed agent card with trust data.
Auth: Required for private/team/org agents, optional for public Returns: A2A agent card + Praesidia extensions (trust, compliance)
GET /agents/discovery
List/search agents with filters.
Auth: Optional (more results with auth)
Query params: role, status, visibility, search
Returns: Array of agent summaries with card URLs
Guardrails Best Practices
When helping users with guardrails:
- Start with templates - Use predefined templates before custom rules
- Layer security - Combine multiple guardrails (PII + Toxic + Compliance)
- Test before enabling - Use validate endpoint to test content first
- Monitor triggers - Check stats regularly to tune thresholds
- Scope appropriately - Use INPUT for user content, OUTPUT for agent responses
- Choose right action:
- BLOCK for critical security issues (PII, prompt injection)
- REDACT for sensitive data that can be masked
- WARN for compliance/brand issues that need logging
- ESCALATE for edge cases requiring human review
Best Practices
- Always verify before recommending - Check trust score before suggesting an agent
- Explain trust levels - Users may not know what "VERIFIED" means
- Filter by SERVER role - When users want agents to use/call
- Show compliance - Important for enterprise users (SOC2, GDPR)
- Present trust score numerically - 92.5/100 is clearer than just "VERIFIED"
- Layer guardrails - Combine security, content, and compliance guardrails
Common User Patterns
Pattern 1: Safety Check
User: "Is agent xyz safe to use?"
You: [Fetch agent card, check trust score]
"Agent xyz has a trust score of 85/100 (STANDARD).
It's verified for basic operations. What would you like to use it for?"
Pattern 2: Capability Discovery
User: "I need an agent that can analyze spreadsheets"
You: [Search discovery with visibility=PUBLIC&search=spreadsheet]
"I found 3 spreadsheet analysis agents. The highest rated is..."
Pattern 3: Fleet Management
User: "Show me all my agents that are inactive"
You: [Fetch discovery with status=INACTIVE]
"You have 2 inactive agents: [list with trust scores]"
Pattern 4: Apply Security
User: "I need to secure my chatbot against PII leaks"
You: [List available templates, recommend PII_DETECTION]
[Apply guardrail with REDACT action on BOTH scope]
"I've added PII Detection (ML-powered) to your chatbot.
It will automatically redact sensitive information in both
user inputs and bot responses."
Pattern 5: Compliance Check
User: "My agent handles healthcare data. What guardrails should I add?"
You: [Check if HIPAA compliance is required]
[Recommend HIPAA_COMPLIANCE + PII_DETECTION + AUDIT_LOGGING]
"For healthcare data, I recommend these guardrails:
1. HIPAA Compliance (BLOCK on violations)
2. PII Detection (REDACT)
3. Medical Advice Warning (WARN)
Would you like me to apply these?"
Environment Variables
PRAESIDIA_API_KEY(required) - Your API key from https://app.praesidia.aiPRAESIDIA_API_URL(optional) - Defaults tohttps://api.praesidia.ai- Production:
https://api.praesidia.ai - Local dev:
http://localhost:3000 - Custom: Your deployment URL
- Production:
Additional Resources
- Full setup guide: See README.md in this skill folder
- API documentation: https://app.praesidia.ai/docs/api
- A2A protocol: https://a2a-protocol.org
- Support: [email protected] or https://discord.gg/e9EwZfHS
Security & Privacy
- All production requests use HTTPS
- API keys stored in OpenClaw config (never exposed to users)
- Private/team/org agents require authentication
- Public agents accessible without auth
- Trust verification protects against malicious agents