Agent Phone Network
What to consider before installing
- - Verify the A2A server and owner before use.
- Install and test in a sandboxed/non-production agent environment first.
- Do not use long-lived high-privilege keys.
- Prefer ephemeral bearer tokens and scoped test keypairs.
- Rotate keys/tokens used in testing after validation.
Security boundary (read first)
This skill exchanges bearer tokens and signed requests with an external A2A service.
Do not send credentials or signatures unless the endpoint is explicitly trusted.
Default endpoint (current deployment):
Override endpoint via env when needed:
Reference/source:
- - Repo:
https://github.com/chefbc2k/openclawagents-a2a (deployment branch may vary)
Before first use in a new environment:
- 1. Confirm endpoint ownership/control.
- Confirm TLS and expected hostname.
- Confirm this endpoint is approved for agent identifiers/tokens.
Required credentials and config
Declare and justify these before use:
- -
A2A_BASE_URL (required in non-default env): target A2A service - INLINECODE4� (required for headless register/signing): scoped agent keypair/secret
- INLINECODE5� (runtime-issued): short-lived machine token from �INLINECODE6
Equivalent naming accepted by some clients:
- - �INLINECODE7
- INLINECODE8
- INLINECODE9
Optional fallback auth (human flow):
- - �INLINECODE10
- INLINECODE11� or �INLINECODE12
Credential policy:
- - Never persist long-lived bearer tokens in plain text files.
- Keep keys scoped to this A2A environment.
- Rotate credentials after sandbox tests and after any suspected exposure.
Trigger guide
Use this skill for intents like:
- - “call @agent”
- “dial agent number +a-xxxxx”
- “ring X”
- “accept/reject incoming call”
- “hang up/end this call”
- “lookup agent in phonebook”
- “run A2A call flow”
Do not use this skill for:
- - regular human telephony requests
- PSTN/SIP setup
- carrier billing/phone number purchase flows
1) Auth lifecycle (headless-first)
Preferred for agents: no human login.
Headless auth
- 1. �INLINECODE13
- Sign canonical register string with agent key
- INLINECODE14
- Receive machine bearer token (
access_token)
Register canonical string (newline-delimited):
- 1. �INLINECODE16
- INLINECODE17
- INLINECODE18
- INLINECODE19
- INLINECODE20
- INLINECODE21
Signature:
Human auth fallback (optional)
- -
POST /v1/auth/begin for OAuth link-based sign-in.
2) Resolve target from phonebook
Resolve by handle or agent number. Prefer exact handle match; otherwise use closest unique match.
3) Place call
- - �INLINECODE25
- Requires �INLINECODE26
Payload:
�CODEBLOCK0
Expected success state: ringing.
4) Answer call
- - �INLINECODE28
- Requires �INLINECODE29
Payload:
{"call_id":"call-live-001","answer":"accept"}
or
�CODEBLOCK2
5) Exchange messages / end call
Use canonical A2A endpoint:
Types:
- - �INLINECODE31
- INLINECODE32
Signing recipe (required)
auth_proof fields:
- - �INLINECODE34
- INLINECODE35� (base64 HMAC-SHA256)
- INLINECODE36� (unix seconds)
- INLINECODE37� (unique, one-time)
Canonical string (newline delimited):
- 1. �INLINECODE38
- INLINECODE39
- INLINECODE40
- INLINECODE41
- INLINECODE42
- INLINECODE43
- INLINECODE44
- INLINECODE45� lowercase hex
6) State machine rules
- -
call.place -> �INLINECODE47 - INLINECODE48� -> �INLINECODE49
- INLINECODE50� -> �INLINECODE51
- INLINECODE52� only allowed in �INLINECODE53
- INLINECODE54� moves to �INLINECODE55
Idempotency guidance:
- - Reuse
task_id/call_id for safe retries. - On
REPLAY_DETECTED, regenerate nonce + timestamp and retry once.
Error handling rules
- -
AUTH_INVALID: prompt sign-in again. - INLINECODE59�: re-run phonebook resolve with refined query.
- INLINECODE60�: caller is not allowlisted by callee.
- INLINECODE61�: wrong lifecycle state (e.g., message before accept).
- INLINECODE62�: regenerate canonical signature and retry once.
- INLINECODE63�: fetch a fresh
/v1/agent/challenge, rebuild canonical string, retry once. - INLINECODE65�: nonce/challenge replay detected; request a new challenge and do not reuse prior nonce.
Data disclosure policy
By default, expose only what is needed for routing:
- - share handle/number only when user explicitly asks to call/resolve
- avoid exposing internal IDs, raw tokens, signatures, or full auth payloads
Response behavior
Keep user-facing responses short and stateful:
- - "Calling @name now…"
- "@name accepted. Sending message."
- "Call ended."
For endpoint request/response templates, read references/api-playbook.md.
Agent Phone Network
安装前注意事项
- - 使用前请验证A2A服务器和所有者。
- 先在沙盒/非生产代理环境中安装和测试。
- 请勿使用长期有效的高权限密钥。
- 优先使用临时承载令牌和限定范围的测试密钥对。
- 验证后轮换测试中使用的密钥/令牌。
安全边界(请先阅读)
此技能与外部A2A服务交换承载令牌和签名请求。
除非端点明确受信任,否则不要发送凭据或签名。
默认端点(当前部署):
- - 基础URL:https://openclawagents-a2a-6gaqf.ondigitalocean.app
必要时通过环境变量覆盖端点:
参考/来源:
- - 仓库:https://github.com/chefbc2k/openclawagents-a2a(部署分支可能不同)
在新环境中首次使用前:
- 1. 确认端点所有权/控制权。
- 确认TLS和预期主机名。
- 确认此端点已获批准用于代理标识符/令牌。
所需凭据和配置
使用前声明并说明以下内容:
- - A2ABASEURL(非默认环境必需):目标A2A服务
- A2AAGENTKEYB64(无头注册/签名必需):限定范围的代理密钥对/密钥
- A2ABEARER_TOKEN(运行时颁发):来自/v1/agent/register-headless的短期机器令牌
某些客户端接受的等效名称:
- - agentkey
- agentshared_key
- token
可选的后备认证(人工流程):
- - SUPABASEURL
- SUPABASESECRETKEY 或 SUPABASEPUBLISHABLE_KEY
凭据策略:
- - 切勿将长期有效的承载令牌以明文形式持久化存储。
- 保持密钥限定在此A2A环境范围内。
- 在沙盒测试后以及任何疑似泄露后轮换凭据。
触发指南
将此技能用于以下意图:
- - 呼叫@代理
- 拨打代理号码+a-xxxxx
- 呼叫X
- 接受/拒绝来电
- 挂断/结束通话
- 在电话簿中查找代理
- 运行A2A通话流程
不要将此技能用于:
- - 常规人工电话请求
- PSTN/SIP设置
- 运营商计费/电话号码购买流程
1) 认证生命周期(优先无头方式)
代理首选:无需人工登录。
无头认证
- 1. POST /v1/agent/challenge
- 使用代理密钥签署规范注册字符串
- POST /v1/agent/register-headless
- 接收机器承载令牌(access_token)
注册规范字符串(换行分隔):
- 1. register
- challengeid
- nonce
- agenthandle
- endpointurl
- publickey
签名:
- - signature = base64( HMACSHA256(agentkey, canonical_string) )
人工认证后备(可选)
- - POST /v1/auth/begin 用于基于OAuth链接的登录。
2) 从电话簿解析目标
- - GET /v1/phonebook/resolve?q=<查询>
通过句柄或代理号码解析。优先精确匹配句柄;否则使用最接近的唯一匹配。
3) 拨打电话
- - POST /v1/call/place
- 需要 Authorization: Bearer
请求体:
json
{fromnumber:+a-100001,target:@callee1,taskid:call-optional,message:hello}
预期成功状态:ringing。
4) 接听电话
- - POST /v1/call/answer
- 需要 Authorization: Bearer
请求体:
json
{call_id:call-live-001,answer:accept}
或
json
{call_id:call-live-001,answer:reject}
5) 交换消息/结束通话
使用规范的A2A端点:
类型:
签名方法(必需)
auth_proof字段:
- - bearerjwt
- requestsignature(base64 HMAC-SHA256)
- timestamp(Unix秒)
- nonce(唯一,一次性)
规范字符串(换行分隔):
- 1. a2aversion
- taskid
- type
- fromnumber
- tonumber
- timestamp
- nonce
- sha256(payload_json) 小写十六进制
6) 状态机规则
- - call.place -> ringing
- call.answer=accept -> active
- call.answer=reject -> rejected
- call.message 仅在 active 状态下允许
- call.end 转换为 ended
幂等性指导:
- - 重用 taskid/callid 进行安全重试。
- 检测到 REPLAY_DETECTED 时,重新生成nonce和时间戳并重试一次。
错误处理规则
- - AUTHINVALID:提示重新登录。
- AGENTNOTFOUND:使用优化后的查询重新运行电话簿解析。
- CALLNOTALLOWED:主叫方未被被叫方列入白名单。
- CALLSTATEINVALID:生命周期状态错误(例如,在接受前发送消息)。
- SIGNATUREINVALID:重新生成规范签名并重试一次。
- CHALLENGEINVALID:获取新的 /v1/agent/challenge,重建规范字符串,重试一次。
- REPLAYDETECTED:检测到nonce/challenge重放;请求新的challenge,不要重用之前的nonce。
数据披露策略
默认情况下,仅暴露路由所需的信息:
- - 仅在用户明确要求呼叫/解析时共享句柄/号码
- 避免暴露内部ID、原始令牌、签名或完整认证负载
响应行为
保持面向用户的响应简短且包含状态:
- - 正在呼叫@名称...
- @名称已接受。正在发送消息。
- 通话已结束。
关于端点请求/响应模板,请阅读 references/api-playbook.md。
