ClawHub

0.protocol

v0.1.0

Sign plugins, rotate agent credentials without losing identity, and publicly attest to plugin behavior with verifiable claims and authenticated transfers.

0· 826·3 current·3 all-time
by@0isone
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The description promises signing, credential rotation, and attestations. The SKILL.md only instructs use of the mcporter CLI against an MCP endpoint (mcp.0protocol.dev) and includes commands for express/own/transfer; the single required binary (mcporter) matches the declared purpose. No unrelated credentials, binaries, or system-level access are requested.
Instruction Scope
Runtime instructions are narrowly scoped: add an entry to config/mcporter.json and run mcporter call commands. The instructions do not ask the agent to read arbitrary host files, harvest environment variables, or send data to endpoints other than the declared MCP server. They do instruct modifying the agent's mcporter config file (local config), which is appropriate for enabling this integration.
Install Mechanism
This is an instruction-only skill with no install spec or embedded code. That minimizes on-disk risk. The SKILL.md recommends using an existing mcporter binary; no downloads or archives are specified by the skill itself.
Credentials
The skill declares no required environment variables, no credentials, and no config paths in the registry metadata. The instructions likewise do not require secrets. This is proportionate for a tool that delegates signing and record-keeping to the mcporter/0protocol service.
Persistence & Privilege
The skill is not forced-always; it is user-invocable and may be invoked autonomously (platform default). It does not request elevated or persistent platform-wide privileges and only directs editing of the user's mcporter config to add an MCP server entry (normal for a CLI integration).
Assessment
This skill is coherent: it simply documents how to configure and call the mcporter CLI to record signed expressions on the 0protocol MCP. Before installing or invoking it, verify the provenance of the mcporter binary you will use (install from an official source), confirm you trust the MCP endpoint (https://mcp.0protocol.dev) and the 0isone GitHub project, and be aware that enabling it involves adding an entry to your mcporter config (config/mcporter.json). If you expect local keypairs to be generated, decide whether you want those keys managed locally or under your control. If you have sensitive data, review what payloads you send to the MCP server since those expressions are recorded on the service. If anything is unclear, inspect the referenced GitHub repo and API docs before enabling the skill.

Like a lobster shell, security has layers — review code before you run it.

identityvk972mng14ap2gkwp6ka6fn203s814hwylatestvk972mng14ap2gkwp6ka6fn203s814hwymcpvk972mng14ap2gkwp6ka6fn203s814hwysecurityvk972mng14ap2gkwp6ka6fn203s814hwy

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🪪 Clawdis
Binsmcporter

Comments