技能详情(站内镜像,无评论)
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v1.0.4
统计:⭐ 0 · 298 · 0 current installs · 0 all-time installs
⭐ 0
安装量(当前) 0
🛡 VirusTotal :可疑 · OpenClaw :可疑
Package:ahessami123/sealvera
安全扫描(ClawHub)
- VirusTotal :可疑
- OpenClaw :可疑
OpenClaw 评估
The skill mostly implements an audit/tracing tool that fits its description, but there are multiple mismatches and risky behaviors (missing declared env requirements, a hard-coded API key, filesystem reads of agent transcripts, and global runtime monkeypatching) that warrant careful review before installing.
目的
The name/description (tamper-evident audit trail) matches what the code and docs actually do: intercept LLM SDKs, log decisions to app.sealvera.com, provide helpers and a watcher. However the registry metadata declares no required env vars or credentials while the skill and reference docs clearly require SEALVERA_API_KEY and other environment config — this inconsistency is surprising and reduces trust.
说明范围
Runtime instructions and scripts instruct the agent to run setup.js which will write files into the workspace (sealvera-log.js, .sealvera.json), patch AGENTS.md and optionally SOUL.md with mandatory logging rules, and suggest setting NODE_OPTIONS to auto-require an autoload script. The subagent-watcher reads ~/.openclaw/.../sessions.json and session transcripts and will synthesize and POST logs for missing sessions. These actions read and tran…
安装机制
There is no network install spec (instruction-only + included scripts), so nothing is downloaded during install. However the setup script will copy/generate files into the user's workspace and suggests runtime autoloading (NODE_OPTIONS). The code will attempt to require an external 'sealvera' SDK if present, but also generates a local sealvera-log.js helper that performs network calls.
证书
The skill metadata declared no required env vars, but the code and docs expect SEALVERA_API_KEY (and optionally SEALVERA_ENDPOINT, SEALVERA_AGENT). The subagent-watcher includes a hard-coded default SV_KEY value in its source (a baked-in API key), which is unexpected and dangerous. The skill also reads OPENCLAW_WORKSPACE and the user's home sessions/transcripts — access to these paths is not declared in metadata and may expose sensitive data.
持久
Setup will write config and helper files into the workspace and patch AGENTS.md and SOUL.md to enforce a mandatory logging footer. The autoload script monkeypatches module loading to intercept OpenAI/Anthropic clients at require-time and mutates require cache entries — a global runtime modification. The subagent-watcher writes state and can be run as a cron-style backstop. These changes are persistent and affect agent behavior beyond a local h…
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「SealVera」。简介:Tamper-evident audit trail for AI agent decisions. Use when logging LLM decisio…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/ahessami123/sealvera/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
---
name: sealvera
description: "Tamper-evident audit trail for AI agent decisions. Use when logging LLM decisions, setting up AI compliance, auditing agents for EU AI Act, HIPAA, GDPR or SOC 2, or when a user asks about AI decision audit trails, explainability, or SealVera."
tags:
- compliance
- audit
- ai-governance
- llm
- observability
- eu-ai-act
- hipaa
- gdpr
- soc2
- fintech
- tamper-evident
- explainability
- langchain
- openai
- anthropic
- responsible-ai
---
# SealVera Skill for OpenClaw
**Cryptographically-sealed, tamper-evident audit trails for every AI decision your agents make.**
SealVera is AI Decision Audit Infrastructure. This skill wires any OpenClaw agent into SealVera
so every decision it makes is logged, cryptographically signed, chained, and monitored —
automatically. Built for teams shipping AI in finance, healthcare, legal, and insurance.
> EU AI Act · SOC 2 · HIPAA · GDPR · FINRA · ISO 42001
---
## Why SealVera?
- **Tamper-evident** — every decision is cryptographically hashed (RSA-2048) and chained; any alteration is detectable
- **Works in 2 lines** — `init()` + one patch call and every LLM decision is logged
- **Full explainability** — captures inputs, outputs, reasoning steps, confidence scores, model used
- **Real-time dashboard** — search, filter, export at [app.sealvera.com](https://app.sealvera.com)
- **Drift detection** — alerts when agent behaviour deviates from its baseline
- **Any LLM** — OpenAI, Anthropic, Gemini, Ollama, LangChain, CrewAI, AutoGen
- **Zero friction** — no new infrastructure, installs in seconds
---
## First time? Run setup
Check if SealVera is configured:
```javascript
const fs = require('fs');
const path = require('path');
const configured = fs.existsSync(path.join(process.env.OPENCLAW_WORKSPACE || process.cwd(), '.sealvera.json'));
```
If `.sealvera.json` does NOT exist, run setup:
```bash
node <skill_dir>/scripts/setup.js
```
Setup will:
1. Ask for your API key (get one free at [app.sealvera.com](https://app.sealvera.com))
2. Verify connectivity and show org/plan info
3. Copy `sealvera-log.js` into the workspace
4. Patch `AGENTS.md` with the mandatory sub-agent audit rule
5. Write `.sealvera.json` config
6. Fire a test log to confirm end-to-end
**One-time setup. After this, every sub-agent you spawn is audited automatically.**
If the user says "install SealVera", "set up SealVera", or "connect SealVera" — run setup, don't just describe it.
---
## How logging works
After setup, two logging paths are active:
### 1. Sub-agent logging (automatic via AGENTS.md)
Every `sessions_spawn` task prompt gets a MANDATORY footer — the sub-agent logs itself on completion.
### 2. Main-session logging (call after every significant task)
The agent running the main session must log its own work. This is what shows your day-to-day activity in the dashboard.
```javascript
const log = require('./sealvera-log');
await log({
action: 'fix_login_bug', // short description of what you did
decision: 'COMPLETED', // COMPLETED | FAILED | ESCALATED
input: { task: '...' },
output: { result: '...' },
reasoning: [{ factor: 'outcome', value: 'ok', signal: 'safe', explanation: '...' }]
});
```
**Log after:** code written, bug fixed, feature deployed, investigation done, judgment call made.
**Don't log:** routine chat, heartbeat pings, trivial lookups.
Setup patches `SOUL.md` with this rule so the agent follows it automatically.
Each log entry includes: input/output, reasoning steps, RSA-2048 signature, chain link, timestamp, model, and agent name.
---
## Decision vocabulary
**Task / agent execution:**
| Decision | Meaning |
|---|---|
| `COMPLETED` | Task finished successfully |
| `RESPONDED` | Answered a question / returned output |
| `FAILED` | Task failed |
| `ERROR` | Unexpected exception |
| `ESCALATED` | Handed off to human or higher-level agent |
| `SKIPPED` | Task intentionally not run |
| `PARTIAL` | Completed with caveats |
**Approval / gating:**
| Decision | Meaning |
|---|---|
| `APPROVED` | Request approved |
| `REJECTED` | Request blocked |
| `FLAGGED` | Needs human review |
**Tests:**
| Decision | Meaning |
|---|---|
| `PASSED` | Test passed |
| `FAILED` | Test failed |
| `SKIPPED` | Test skipped |
---
## Sub-agent audit rule
Append this footer to every `sessions_spawn` task:
```
---
MANDATORY: Before you finish, log your result to SealVera:
const log = require('<workspace>/sealvera-log');
await log({
action: '<what you did>',
decision: 'COMPLETED',
input: { task: '<summary>' },
output: { result: '<summary>' },
reasoning: [{ factor: 'outcome', value: '<result>', signal: 'safe', explanation: '<why>' }]
});
Vocabulary: task=COMPLETED/FAILED | test=PASSED/FAILED | gate=APPROVED/REJECTED | handoff=ESCALATED
```
---
## Check status
```bash
node <skill_dir>/scripts/status.js
```
---
## Get your API key
Sign up at **[app.sealvera.com](https://app.sealvera.com)** — free tier includes 10,000 decisions/month.
---
## Reference
See `references/api.md` for all SDK methods and log field schema.
See `references/compliance.md` for regulation mapping (EU AI Act, FINRA, HIPAA, GDPR, SOC 2).