Now Available

Your OpenClaw agent shouldn’t act without your authorization.

AgentAuth intercepts dangerous agent actions and requires cryptographic human consent (FIDO2 passkey) before execution. No passwords, no tokens to steal.

~/agentauth
openclaw skills install agentauth

Drop into any OpenClaw agent in one command.

SKILL.md
---
name: agentauth
description: Require cryptographic human consent before an OpenClaw agent executes sensitive or destructive actions. Uses FIDO2 passkeys to verify a real human is in the loop for payments, deletions, credential access, and irreversible operations. Prevents prompt injection abuse and unauthorized agent actions.
license: Apache-2.0
---

# AgentAuth

Wraps any tool call in a passkey-gated consent step.
The agent stops, asks the human, and only proceeds
with a signed approval.

Drop-in skill. Works with any OpenClaw agent.

Why AgentAuth

What makes us different from every other agent-permissioning approach.

Approval

One install-time click stands in for every future write. The user is not in the room when the agent acts.

AgentAuth pulls the human back in for each sensitive action. One-tap passkey approval, scoped to the exact operation.

Authentication

The session is the user. Steal it once, act as them for three months. No biometric, no device check.

Every AgentAuth consent ties to a fresh FIDO2 assertion bound to the user's device. No reusable token to lift.

Auditability

Logs say the app did it. They cannot say which human said yes to which action, because no human did.

Every approval is a signed, timestamped proof. The audit log shows who consented to what.

Privacy preserving

Operation analysis runs on your OpenClaw. Biometrics are managed by your OS. All sensitive data stays local.

Open source

Apache 2.0 licensed. Inspect every line. Built for the OpenClaw ecosystem, works with any agent framework.

How it works

A seamless loop between your autonomous agent, AgentAuth, and you.

1. Agent Action

agent: bulk_delete
2,847 emails → permanent

2. Intercept & Notify

agent_auth: consent_required
→ sent link to Slack

3. Human Approval

You: ✓ approved
passkey sig:9c4f1a

4. Execution

agent: proceeds
signed proof in audit log
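
The four steps above as an added example (not AgentAuth's own code): the consent challenge commits to the exact operation plus a fresh nonce, so an approval cannot be reused for a different or repeated action. Assumptions: the function names, the `pending` map and `auditLog` are hypothetical, a local P-256 key pair stands in for the passkey, and the assertion is simplified (real WebAuthn verification also checks origin, RP ID hash and user-verification flags).

```javascript
const crypto = require('node:crypto');

// Constructed stand-in for the user's authenticator (assumption): a P-256 key pair.
// With a real passkey the private key never leaves the device.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
const sha256 = (data) => crypto.createHash('sha256').update(data).digest();
const pending = new Map(); // hypothetical gate state: challenge -> serialized operation
const auditLog = [];       // hypothetical append-only record of approvals

// Step 2: intercept. The challenge commits to the exact operation and a fresh nonce.
function requestConsent(operation) {
  const nonce = crypto.randomBytes(16).toString('hex');
  const challenge = sha256(JSON.stringify({ operation, nonce })).toString('base64url');
  pending.set(challenge, JSON.stringify(operation));
  return challenge;
}

// Step 3: authenticator side, simplified. Signs authenticatorData || SHA-256(clientDataJSON).
function approve(challenge) {
  const clientDataJSON = JSON.stringify({ type: 'webauthn.get', challenge });
  const authenticatorData = Buffer.from('constructed-authenticator-data');
  const signed = Buffer.concat([authenticatorData, sha256(clientDataJSON)]);
  return { clientDataJSON, authenticatorData, signature: crypto.sign('sha256', signed, privateKey) };
}

// Step 4: run only if the assertion verifies and its challenge is pending for this operation.
function execute(operation, assertion, run) {
  const { challenge } = JSON.parse(assertion.clientDataJSON);
  const signed = Buffer.concat([assertion.authenticatorData, sha256(assertion.clientDataJSON)]);
  const ok = pending.get(challenge) === JSON.stringify(operation) && // fails closed on any change
    crypto.verify('sha256', signed, publicKey, assertion.signature);
  if (!ok) return { executed: false };
  pending.delete(challenge); // single use: a captured assertion cannot be replayed
  auditLog.push({ operation, challenge, signature: assertion.signature.toString('hex'), at: new Date().toISOString() });
  return { executed: true, result: run(operation) };
}
```

An operation that is altered after approval, a replayed assertion, and a signature from a different key are all rejected before `run` is called.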