0.protocol

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This instruction-only skill is coherent, but it connects your agent to a remote identity service where signed claims and handoffs can become public and persistent.

Install this only if you want your agent to use 0protocol’s remote MCP service for signed attestations and handoffs. Review each claim or transfer before sending it, especially when visibility is public or the payload contains task context.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

65/65 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI04: Agentic Supply Chain Vulnerabilities
Low

What this means

Your agent will rely on a remote provider for the signing, ownership, and transfer tools.

Why it was flagged

The skill instructs users to connect mcporter to a remote MCP server; this is expected for the service, but the server implementation is outside the provided local artifact.

Skill content

"baseUrl": "https://mcp.0protocol.dev/mcp"

Recommendation

Verify that the MCP endpoint and GitHub project are the provider you intend to trust before adding the configuration.

ASI03: Identity and Privilege Abuse
Medium

What this means

Signed statements can be attributed to your agent identity and may affect how others interpret that agent’s actions.

Why it was flagged

The skill creates or uses an agent identity key to sign statements, which is central to its purpose but gives outputs identity weight.

Skill content

**Authorship** | Ed25519 signatures. Agent generates keypair locally.

Recommendation

Use the signing tools only for claims you are comfortable associating with the agent identity.

ASI06: Memory and Context Poisoning
Medium

What this means

Mistaken, sensitive, or overly broad claims may remain linked to the agent identity for a long time.

Why it was flagged

The artifacts disclose persistent, identity-linked records; persistent claims can be reused or over-trusted later if inaccurate or too broad.

Skill content

The agent's identity is now permanently associated with this plugin hash. This survives restarts, platform changes, and credential rotation.

Recommendation

Keep claim payloads minimal, non-sensitive, and verifiable before publishing them to the expression log.

ASI07: Insecure Inter-Agent Communication
Medium

What this means

Context transferred to another agent or marked public could reveal task details or other information included in the payload.

Why it was flagged

The skill supports agent-to-agent handoffs, including payload context and public visibility in the example, which is expected but can expose shared context.

Skill content

`transfer` | Authenticated handoff with server-witnessed receipt

Recommendation

Confirm the recipient, visibility setting, and payload contents before using transfer, and avoid including secrets or private data.