Praesidia Agent Identity, Verification & Guardrails

Verify AI agents, check trust scores (0-100), discover marketplace agents, and apply guardrails for security and compliance.

Core Capabilities

- Verify agents - Check if an agent is registered, verified, and trustworthy
Trust scores - View 0-100 trust ratings and verification status
Agent discovery - Search marketplace for public agents by capability
Guardrails - Apply security policies and content moderation to agents
A2A protocol - Fetch standard Agent-to-Agent protocol cards

Prerequisites

1. Praesidia account: https://praesidia.ai
API key from Settings → API Keys
Configure in ~/.openclaw/openclaw.json:

CODEBLOCK0

For local development, use http://localhost:3000 as the URL.

Quick Reference

1. Verify an Agent

User says: "Is agent chatbot-v2 safe?" / "Verify agent chatbot-v2"

Your action:
CODEBLOCK1

Present to user:

- ✅ Agent name & description
🛡️ Trust score (0-100) and trust level
✓ Verification status (verified date)
🔧 Capabilities (what the agent can do)
📜 Compliance (SOC2, GDPR, etc.)
🔗 Agent card URL

Example output:

✅ ChatBot V2 is verified and safe to use!

Trust Score: 92.5/100 (VERIFIED)
Status: ACTIVE
Capabilities: message:send, task:create, data:analyze
Compliance: SOC2, GDPR
Last verified: 2 days ago

Agent card: https://api.praesidia.ai/agents/chatbot-v2/agent-card

2. List Guardrails for an Agent

User says: "What guardrails are configured for my agent?" / "Show me security policies for chatbot-v2"

Your action:
CODEBLOCK3

Present to user:

- List of guardrails with:

- Name and description
- Type (RULE, ML, LLM)
- Category (CONTENT, SECURITY, COMPLIANCE, etc.)
- Action (BLOCK, WARN, REDACT, REPLACE)
- Scope (INPUT, OUTPUT, BOTH)
- Enabled status
- Trigger count

Example output:

Found 3 guardrails for ChatBot V2:

1. PII Detection (ENABLED)
   - Type: ML | Category: SECURITY
   - Scope: BOTH (input & output)
   - Action: REDACT sensitive data
   - Triggered: 45 times

2. Toxic Language Filter (ENABLED)
   - Type: RULE | Category: CONTENT
   - Scope: BOTH
   - Action: BLOCK toxic content
   - Triggered: 12 times

3. Financial Advice Warning (ENABLED)
   - Type: LLM | Category: COMPLIANCE
   - Scope: OUTPUT only
   - Action: WARN if detected
   - Triggered: 3 times

3. Get Available Guardrail Templates

User says: "What guardrail templates are available?" / "Show me security templates"

Your action:
CODEBLOCK5

Available Templates:

Content Moderation:

- TOXICLANGUAGE - Detect toxic/harmful language
PROFANITYFILTER - Filter profanity
HATESPEECH - Detect hate speech
VIOLENCEDETECTION - Detect violent content
ADULT_CONTENT - Filter adult content

Security:

- PIIDETECTION - Detect personally identifiable information
CREDITCARDDETECTION - Detect credit card numbers
SSNDETECTION - Detect social security numbers
APIKEYDETECTION - Detect leaked API keys
PROMPTINJECTION - Detect prompt injection attacks
JAILBREAKDETECTION - Detect jailbreak attempts

Compliance:

- FINANCIALADVICE - Flag financial advice
MEDICALADVICE - Flag medical advice
LEGALADVICE - Flag legal advice
GDPRCOMPLIANCE - Enforce GDPR rules
HIPAA_COMPLIANCE - Enforce HIPAA rules

Brand Safety:

- COMPETITORMENTIONS - Detect competitor mentions
POSITIVETONE - Ensure positive tone
BRANDVOICE - Maintain brand voice
OFFTOPIC_DETECTION - Detect off-topic responses

Accuracy:

- HALLUCINATIONDETECTION - Detect hallucinations
FACTCHECKING - Verify facts
SOURCEVALIDATION - Validate sources
CONSISTENCYCHECK - Check consistency

4. Apply a Guardrail to an Agent

User says: "Add PII detection to my chatbot" / "Apply toxic language filter to agent xyz"

Your action:
CODEBLOCK6

Guardrail Options:

Type:

- RULE - Simple regex/keyword matching (fast)
ML - Machine learning model (balanced)
LLM - LLM-powered validation (most accurate)

Category:

- CONTENT - Content moderation
SECURITY - Security checks
COMPLIANCE - Regulatory compliance
BRAND - Brand safety
ACCURACY - Accuracy checks
CUSTOM - Custom rules

Scope:

- INPUT - Validate user input only
OUTPUT - Validate agent output only
BOTH - Validate both directions

Action:

- BLOCK - Block the request/response entirely
WARN - Log warning but allow through
REDACT - Mask the offending content
REPLACE - Replace with alternative content
RETRY - Retry with modified prompt
ESCALATE - Escalate to human review

Severity:

- LOW, MEDIUM, HIGH, CRITICAL

5. Validate Content Against Guardrails

User says: "Check if this message passes guardrails: [content]"

Your action:
CODEBLOCK7

Response shows:

- Whether content passed or failed
Which guardrails were triggered
Suggested actions (block, redact, warn)
Modified content (if redaction applied)

6. Discover Public Agents

User says: "Find public data analysis agents" / "Show me chatbot agents"

Your action:
CODEBLOCK8

Filters available:

- ?visibility=PUBLIC - public marketplace agents
INLINECODE3 - agents that provide services
INLINECODE4 - agents that consume services
INLINECODE5 - only active agents
INLINECODE6 - search by name/description

Present to user:

- List of matching agents with:

- Name, description, agent ID
- Trust score and level
- Role (SERVER/CLIENT)
- Key capabilities
- Link to full card

Example output:

Found 2 public data analysis agents:

1. OpenData Analyzer (VERIFIED - 88.0/100)
   - Capabilities: data:analyze, chart:generate, report:create
   - Role: SERVER | Status: ACTIVE
   - Card: https://api.praesidia.ai/agents/opendata-1/agent-card

2. CSV Processor (STANDARD - 70.0/100)
   - Capabilities: file:parse, data:transform, export:json
   - Role: SERVER | Status: ACTIVE
   - Card: https://api.praesidia.ai/agents/csv-proc/agent-card

7. List User's Agents

User says: "Show my agents" / "List all my server agents"

Your action:
CODEBLOCK10

This returns all agents the user has access to (their own + team/org agents).

Trust Levels Guide

Present trust information clearly to help users make decisions:

Trust Score	Level	Meaning	Recommendation
90-100	VERIFIED	Fully vetted, compliant, verified identity	✅ Safe to use
70-89

Always show the trust score numerically (e.g., 92.5/100) and the level (e.g., VERIFIED).

Error Handling

Error	Meaning	What to tell user
401 Unauthorized	API key missing/invalid	"Check PRAESIDIAAPIKEY in ~/.openclaw/openclaw.json"
403 Forbidden

API Endpoints

GET /agents/:id/agent-card

Fetch detailed agent card with trust data.

Auth: Required for private/team/org agents, optional for public
Returns: A2A agent card + Praesidia extensions (trust, compliance)

GET /agents/discovery

List/search agents with filters.

Auth: Optional (more results with auth)
Query params: role, status, visibility, search
Returns: Array of agent summaries with card URLs

Guardrails Best Practices

When helping users with guardrails:

1. Start with templates - Use predefined templates before custom rules
Layer security - Combine multiple guardrails (PII + Toxic + Compliance)
Test before enabling - Use validate endpoint to test content first
Monitor triggers - Check stats regularly to tune thresholds
Scope appropriately - Use INPUT for user content, OUTPUT for agent responses
Choose right action:

- BLOCK for critical security issues (PII, prompt injection) - REDACT for sensitive data that can be masked - WARN for compliance/brand issues that need logging - ESCALATE for edge cases requiring human review

Best Practices

1. Always verify before recommending - Check trust score before suggesting an agent
Explain trust levels - Users may not know what "VERIFIED" means
Filter by SERVER role - When users want agents to use/call
Show compliance - Important for enterprise users (SOC2, GDPR)
Present trust score numerically - 92.5/100 is clearer than just "VERIFIED"
Layer guardrails - Combine security, content, and compliance guardrails

Common User Patterns

Pattern 1: Safety Check

CODEBLOCK11

Pattern 2: Capability Discovery

CODEBLOCK12

Pattern 3: Fleet Management

CODEBLOCK13

Pattern 4: Apply Security

CODEBLOCK14

Pattern 5: Compliance Check

User: "My agent handles healthcare data. What guardrails should I add?"
You: [Check if HIPAA compliance is required]
     [Recommend HIPAA_COMPLIANCE + PII_DETECTION + AUDIT_LOGGING]
     "For healthcare data, I recommend these guardrails:
      1. HIPAA Compliance (BLOCK on violations)
      2. PII Detection (REDACT)
      3. Medical Advice Warning (WARN)
      Would you like me to apply these?"

Environment Variables

- PRAESIDIA_API_KEY (required) - Your API key from https://app.praesidia.ai
INLINECODE12 (optional) - Defaults to INLINECODE13

- Production: https://api.praesidia.ai - Local dev: http://localhost:3000 - Custom: Your deployment URL

Additional Resources

- Full setup guide: See README.md in this skill folder
API documentation: https://app.praesidia.ai/docs/api
A2A protocol: https://a2a-protocol.org
Support: hello@praesidia.ai or https://discord.gg/e9EwZfHS

Security & Privacy

- All production requests use HTTPS
API keys stored in OpenClaw config (never exposed to users)
Private/team/org agents require authentication
Public agents accessible without auth
Trust verification protects against malicious agents

技能名称: Praesidia

Praesidia 智能体身份、验证与防护栏

验证AI智能体，检查信任评分（0-100），发现市场智能体，并应用防护栏以确保安全与合规。

核心能力

- 验证智能体 - 检查智能体是否已注册、已验证且值得信赖
信任评分 - 查看0-100的信任评级和验证状态
智能体发现 - 按能力在市场搜索公开智能体
防护栏 - 对智能体应用安全策略和内容审核
A2A协议 - 获取标准的智能体间协议卡片

前提条件

1. Praesidia账户：https://praesidia.ai
从设置 → API密钥获取API密钥
在 ~/.openclaw/openclaw.json 中配置：

json
{
skills: {
entries: {
praesidia: {
apiKey: pkliveyourkeyhere,
env: {
PRAESIDIAAPIURL: https://api.praesidia.ai
}
}
}
}
}

本地开发时，使用 http://localhost:3000 作为URL。

快速参考

1. 验证智能体

用户说： 智能体chatbot-v2安全吗？ / 验证智能体chatbot-v2

你的操作：
javascript
web_fetch({
url: ${PRAESIDIAAPIURL}/agents/chatbot-v2/agent-card,
headers: {
Authorization: Bearer ${PRAESIDIAAPIKEY},
Accept: application/json
}
})

向用户展示：

- ✅ 智能体名称与描述
🛡️ 信任评分（0-100） 和信任等级
✓ 验证状态（验证日期）
🔧 能力（智能体可以做什么）
📜 合规性（SOC2、GDPR等）
🔗 智能体卡片URL

示例输出：

✅ ChatBot V2 已验证且使用安全！

信任评分：92.5/100（已验证）
状态：活跃
能力：message:send, task:create, data:analyze
合规性：SOC2, GDPR
上次验证：2天前

智能体卡片：https://api.praesidia.ai/agents/chatbot-v2/agent-card

2. 列出智能体的防护栏

用户说： 我的智能体配置了哪些防护栏？ / 显示chatbot-v2的安全策略

你的操作：
javascript
// 首先，从用户资料或上下文中获取用户组织ID
// 然后获取防护栏
web_fetch({
url: ${PRAESIDIAAPIURL}/organizations/${orgId}/guardrails?agentId=${agentId},
headers: {
Authorization: Bearer ${PRAESIDIAAPIKEY},
Accept: application/json
}
})

向用户展示：

- 防护栏列表，包含：

- 名称和描述
- 类型（规则、机器学习、大语言模型）
- 类别（内容、安全、合规等）
- 操作（阻止、警告、编辑、替换）
- 范围（输入、输出、两者）
- 启用状态
- 触发次数

示例输出：

为ChatBot V2找到3个防护栏：

1. PII检测（已启用）

- 类型：机器学习 | 类别：安全 - 范围：两者（输入和输出） - 操作：编辑敏感数据 - 触发次数：45次

2. 有害语言过滤器（已启用）

- 类型：规则 | 类别：内容 - 范围：两者 - 操作：阻止有害内容 - 触发次数：12次

3. 财务建议警告（已启用）

- 类型：大语言模型 | 类别：合规 - 范围：仅输出 - 操作：检测到则警告 - 触发次数：3次

3. 获取可用的防护栏模板

用户说： 有哪些可用的防护栏模板？ / 显示安全模板

你的操作：
javascript
web_fetch({
url: ${PRAESIDIAAPIURL}/organizations/${orgId}/guardrails/templates,
headers: {
Authorization: Bearer ${PRAESIDIAAPIKEY},
Accept: application/json
}
})

可用模板：

内容审核：

- TOXICLANGUAGE - 检测有毒/有害语言
PROFANITYFILTER - 过滤脏话
HATESPEECH - 检测仇恨言论
VIOLENCEDETECTION - 检测暴力内容
ADULT_CONTENT - 过滤成人内容

安全：

- PIIDETECTION - 检测个人身份信息
CREDITCARDDETECTION - 检测信用卡号
SSNDETECTION - 检测社会安全号码
APIKEYDETECTION - 检测泄露的API密钥
PROMPTINJECTION - 检测提示注入攻击
JAILBREAKDETECTION - 检测越狱尝试

合规：

- FINANCIALADVICE - 标记财务建议
MEDICALADVICE - 标记医疗建议
LEGALADVICE - 标记法律建议
GDPRCOMPLIANCE - 执行GDPR规则
HIPAA_COMPLIANCE - 执行HIPAA规则

品牌安全：

- COMPETITORMENTIONS - 检测竞争对手提及
POSITIVETONE - 确保积极语气
BRANDVOICE - 维护品牌声音
OFFTOPIC_DETECTION - 检测离题回复

准确性：

- HALLUCINATIONDETECTION - 检测幻觉
FACTCHECKING - 验证事实
SOURCEVALIDATION - 验证来源
CONSISTENCYCHECK - 检查一致性

4. 为智能体应用防护栏

用户说： 为我的聊天机器人添加PII检测 / 为智能体xyz应用有害语言过滤器

你的操作：
javascript
web_fetch({
url: ${PRAESIDIAAPIURL}/organizations/${orgId}/guardrails,
method: POST,
headers: {
Authorization: Bearer ${PRAESIDIAAPIKEY},
Content-Type: application/json
},
body: JSON.stringify({
name: PII检测,
description: 自动检测并编辑PII,
agentId: ${agentId},
template: PII_DETECTION,
type: ML,
category: SECURITY,
scope: BOTH,
action: REDACT,
severity: HIGH,
isEnabled: true,
priority: 0
})
})

防护栏选项：

类型：

- RULE - 简单正则/关键词匹配（快速）
ML - 机器学习模型（平衡）
LLM - 大语言模型驱动验证（最准确）

类别：

- CONTENT - 内容审核
SECURITY - 安全检查
COMPLIANCE - 法规合规
BRAND - 品牌安全
ACCURACY - 准确性检查
CUSTOM - 自定义规则

范围：

- INPUT - 仅验证用户输入
OUTPUT - 仅验证智能体输出
BOTH - 双向验证

操作：

- BLOCK - 完全阻止请求/响应
WARN - 记录警告但允许通过
REDACT - 屏蔽违规内容
REPLACE - 替换为替代内容
RETRY - 使用修改后的提示重试
ESCALATE - 升级到人工审核

严重性：

- LOW、MEDIUM、HIGH、CRITICAL

5. 根据防护栏验证内容

用户说： 检查这条消息是否通过防护栏：[内容]

你的操作：
javascript
web_fetch({
url: ${PRAESIDIAAPIURL}/organizations/${orgId}/guardrails/validate,
method: POST,
headers: {
Authorization: Bearer ${PRAESIDIAAPIKEY},
Content-Type: application/json
},
body: JSON.stringify({
content: 用户的消息在这里,
agentId: ${agentId},
scope: INPUT
})
})

响应显示：

- 内容是否通过或失败
哪些防护栏被触发
建议的操作（阻止、编辑、警告）
修改后的内容（如果应用了编辑）

6. 发现公开智能体

用户说： 查找公开的数据分析智能体 / 显示聊天机器人智能体

你的操作：
javascript
web_fetch({
url

PraesidiaAI代理验证

Praesidia

Praesidia Agent Identity, Verification & Guardrails

Core Capabilities

Prerequisites

Quick Reference

1. Verify an Agent

2. List Guardrails for an Agent

3. Get Available Guardrail Templates

4. Apply a Guardrail to an Agent

5. Validate Content Against Guardrails

6. Discover Public Agents

7. List User's Agents

Trust Levels Guide

Error Handling

API Endpoints

GET /agents/:id/agent-card

GET /agents/discovery

Guardrails Best Practices

Best Practices

Common User Patterns

Pattern 1: Safety Check

Pattern 2: Capability Discovery

Pattern 3: Fleet Management

Pattern 4: Apply Security

Pattern 5: Compliance Check

Environment Variables

Additional Resources

Security & Privacy

Praesidia 智能体身份、验证与防护栏

核心能力

前提条件

快速参考

1. 验证智能体

2. 列出智能体的防护栏

3. 获取可用的防护栏模板

4. 为智能体应用防护栏

5. 根据防护栏验证内容

6. 发现公开智能体

标签

通过对话安装

方式一：安装 SkillHub 和技能

方式二：设置 SkillHub 为优先技能安装源

通过命令行安装

下载

相关推荐

self-improvement

self-improvement

self-improvement

self-improvement