agentmesh-governance
AI agent governance, trust scoring, and policy enforcement powered by AgentMesh. Activate when: (1) user wants to enforce token limits, tool restrictions, or content policies on agent actions, (2) checking an agent's trust score before delegation or collaboration, (3) verifying agent identity with Ed25519 cryptographic DIDs, (4) auditing agent actions with tamper-evident Merkle chain logs, (5) user asks about agent safety, governance, compliance, or trust. Enterprise-grade: 1,600+ tests, merged into Dify (65K★), LlamaIndex (47K★), Microsoft Agent-Lightning (15K★).
Why use this skill?
Enhance your AI agent security with AgentMesh Governance. Enforce policies, verify agent identity via Ed25519 DIDs, and audit actions with tamper-evident logs.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/imran-siddique/agentmesh-governanceWhat This Skill Does
AgentMesh Governance is a professional-grade zero-trust layer designed to bring enterprise security, policy enforcement, and cryptographic identity verification to OpenClaw agents. It serves as a centralized governance engine that monitors agent behaviors, evaluates trust scores based on historical performance, and ensures that all agent actions comply with predefined safety and resource usage policies. By utilizing Ed25519 cryptographic DIDs (Decentralized Identifiers) and tamper-evident Merkle chain logs, this skill allows users to maintain full visibility and control over complex multi-agent workflows. It is engineered to integrate seamlessly into existing AI infrastructure, providing a robust framework for managing agent collaboration in sensitive or high-stakes environments.
Installation
To install this skill, run the following command in your terminal:
clawhub install openclaw/skills/skills/imran-siddique/agentmesh-governance
Additionally, ensure the governance engine is active in your environment by installing the dependencies:
pip install agentmesh-governance
Use Cases
- Policy Enforcement: Dynamically restrict agent actions, such as limiting token usage or blocking specific tool calls, based on live YAML policies.
- Agent Vetting: Before delegating a task to another agent, check its composite trust score to ensure it has a history of reliable and secure performance.
- Identity Verification: Authenticate incoming data streams from third-party agents using cryptographic signature verification to prevent spoofing.
- Audit Logging: Create a tamper-proof record of agent interactions for compliance reporting and post-incident investigation.
Example Prompts
- "Check the current trust score for the research-agent before I authorize it to access the production database."
- "Enforce a strict policy on the output of this agent; verify it against policy.yaml and block any web_search tools that exceed 500 tokens."
- "Verify the identity of the incoming agent with DID did:agentmesh:789xyz and the provided cryptographic signature before allowing it to write to the log file."
Tips & Limitations
- Proactive Auditing: Always run the
check-policy.shscript prior to executing tool calls to prevent unintended side effects. - Performance: While the governance layer is efficient, frequent cryptographic verification on high-throughput systems may introduce slight latency.
- Trust Scores: Remember that trust scores are dynamic and update based on outcomes; ensure your agents are properly reporting interaction results to maintain an accurate reputation map.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-imran-siddique-agentmesh-governance": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: code-execution, file-read, file-write