Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Chain of Consciousness

v0.1.1

Cryptographic provenance and audit trail for autonomous AI agents. Create tamper-evident hash chains of agent decisions, learning, and actions. SHA-256 linke...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name and description match the behavior in SKILL.md: creating/verifying hash chains and optional timestamp anchoring. Declared requirements (python3 and pip/pip3) are appropriate for a Python CLI/library and no unrelated credentials or binaries are requested.
Instruction Scope
Runtime instructions are narrowly scoped to initializing, adding, verifying, exporting, and anchoring local chain files via the 'coc' CLI or Python API. The skill reads and writes chain files you specify; optional anchoring calls out network services (OpenTimestamps / RFC 3161) which is expected. The instructions do not ask the agent to sweep unrelated system files, environment variables, or secrets.
Install Mechanism
There is no install spec in the registry; SKILL.md instructs the user to 'pip install chain-of-consciousness' from PyPI. Installing a third‑party PyPI package is a normal choice but carries moderate risk because arbitrary code can execute at install/runtime. The instruction to use PyPI is coherent but you should inspect the package and its provenance before installing.
Credentials
The skill declares no environment variables, credentials, or config paths. The operations described (file-based chains, optional timestamp requests) do not require secrets and the declared requirements are proportionate to the functionality.
Persistence & Privilege
Skill is user-invocable and not forced-always. disable-model-invocation is false (normal). It does not request persistent system-wide privileges or modify other skills' configs. The only noteworthy persistence is installing a PyPI package into the environment if the user follows the instructions.
Assessment
This skill appears to do what it says, but it depends on a third‑party PyPI package. Before installing or allowing the agent to run it:
1) Inspect the 'chain-of-consciousness' PyPI package page, source repository, maintainer, and release history;
2) Review the package source code (or prefer an audited release) to ensure no unexpected network exfiltration or telemetry;
3) Install into an isolated virtual environment (venv/container) rather than your system Python;
4) If you plan to use external timestamping (OpenTimestamps/RFC 3161), verify the third‑party services and consider privacy implications;
5) Limit the agent's filesystem access to directories you explicitly permit (keep chains in a controlled workspace); and
6) If you need higher assurance, ask for the package checksum or a reproducible build and/or request the skill author to provide source tarball links and signatures.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Bins: python3
Any bin: pip, pip3
