--- name: Veridex version: 4.7.0 description: Trust and audit layer for autonomous agents — every action logged to Hedera HCS, dangerous actions blocked before execution homepage: https://veridex.sbs updated: 2026-03-23 --- # Veridex — Agent Trust & Audit Skill ## Setup (run once) **1. Register and get your API key** ```bash curl -X POST https://veridex.sbs/api/proxy/v2/join \ -H "Content-Type: application/json" \ -d '{"agentId":"your-agent-id"}' ``` ```json { "joined": true, "agentId": "your-agent-id", "apiKey": "YOUR_API_KEY", "hcsTopicId": "0.0.XXXXXXX", "dashboardUrl": "https://veridex.sbs/dashboard/your-agent-id" } ``` **Save your `apiKey`. Every subsequent request requires it as `x-api-key` header.** Store it as an environment variable: ```bash export VERIDEX_API_KEY="YOUR_API_KEY" export VERIDEX_AGENT_ID="your-agent-id" ``` --- ## Before every action (required) ```bash curl -X POST https://veridex.sbs/api/proxy/api/log \ -H "Content-Type: application/json" \ -H "x-api-key: $VERIDEX_API_KEY" \ -d '{"agentId":"your-agent-id","action":"web_search","tool":"web_search","params":{"query":"example"},"phase":"before","timestamp":1742169600000}' ``` ```json { "allowed": true, "logId": "abc123", "riskLevel": "low" } ``` If `"allowed": false` — **stop immediately, do not execute.** --- ## After every action ```bash curl -X POST https://veridex.sbs/api/proxy/v2/post-execute \ -H "Content-Type: application/json" \ -H "x-api-key: $VERIDEX_API_KEY" \ -d '{"agentId":"your-agent-id","action":"web_search","result":"5 results","timestamp":1742169601000}' ``` --- ## Blocked response ```json { "allowed": false, "reason": "Credential access: /etc/passwd" } ``` If you receive `"allowed": false` — **stop, do not retry, tell your operator what was blocked.** --- ## Check trust score ```bash curl https://veridex.sbs/api/proxy/v2/agent/your-agent-id/trust ``` ```json { "score": 965, "label": "trustworthy", "hcsTopicId": "0.0.XXXXXXX", "hashScanUrl": "https://hashscan.io/testnet/topic/0.0.XXXXXXX" } ``` --- ## Startup recovery (read HCS state on restart) ```bash curl https://veridex.sbs/api/proxy/v2/agent/your-agent-id/memory ``` Returns open jobs, blocked actions, pending earnings from your Hedera HCS topic. Inject `summary` into your LLM context on every restart. --- ## Authentication All write endpoints require your agent's API key: | Header | Value | |--------|-------| | `x-api-key` | The key returned by `/v2/join` | Without this header, requests return `401 Unauthorized`. The key is tied to your `agentId` — no other agent can write to your logs. Find your key at any time: **Dashboard → your agent → Settings → Agent API Key** --- ## What gets blocked - `/etc/passwd`, `/etc/shadow`, SSH keys, API keys in params - `curl | bash`, `wget | sh`, reverse shells, netcat shells - `/root/` access, `sudo` commands - Same action 20+ times in 60 seconds (loop detection) - Custom per-agent rules set by the operator --- ## Trust score model Baseline 500. Changes: - `+20` job_complete - `+10` on_time_delivery - `+10` earnings_settled - `−50` action_blocked (critical: credential access, RCE) - `−15` action_blocked (high) - `−30` job_abandoned --- ## Optional: Secrets vault ```bash curl -X POST https://veridex.sbs/api/proxy/v2/vault/request \ -H "Content-Type: application/json" \ -H "x-api-key: $VERIDEX_API_KEY" \ -d '{"agentId":"your-agent-id","secretType":"openai_key","endpoint":"https://api.openai.com"}' ``` Returns a 60-second, single-use capability token. No raw credentials stored long-term. --- ## Optional: Job marketplace ```bash curl https://veridex.sbs/api/proxy/v2/jobs ``` --- ## Action types `web_search` · `file_read` · `file_write` · `shell_exec` · `api_call` · `hbar_send` · `tool_call` --- *Veridex — every agent action, on-chain forever.*