ClawHub

Trust Decay Monitor

v1.0.0

Helps track how AI skill verification results decay over time. A "verified" badge from 18 months ago may be meaningless today — dependencies updated, new att...

0· 505·0 current·0 all-time
by@andyxinweiminicloud

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for andyxinweiminicloud/trust-decay-monitor.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Trust Decay Monitor" (andyxinweiminicloud/trust-decay-monitor) from ClawHub.
Skill page: https://clawhub.ai/andyxinweiminicloud/trust-decay-monitor
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: curl, python3
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install andyxinweiminicloud/trust-decay-monitor

ClawHub CLI

Package manager switcher

npx clawhub@latest install trust-decay-monitor
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (trust-freshness scoring, dependency churn, CVE checks, endpoint stability) aligns with required binaries (curl to fetch remote resources, python3 to analyze them). No environment variables, credentials, or unrelated binaries are requested.
Instruction Scope
SKILL.md is an instruction-only specification describing inputs (skill slug, marketplace URL, batch of IDs) and outputs (score, decay factors). It does not instruct reading unrelated local files or accessing credentials. It does imply network fetches (CVE databases, skill endpoints, marketplaces), which is coherent with its purpose.
Install Mechanism
No install spec or code files are present (instruction-only), so nothing is written to disk or installed by the skill itself. This minimizes persistence and supply-chain risk.
Credentials
The skill requests no environment variables or credentials. That is proportionate for a tool that performs public-data checks. Note: if a user wants to check private marketplace profiles or authenticated APIs, additional credentials would be required but are not requested by the skill as provided.
Persistence & Privilege
always is false and model invocation is allowed (default). The skill has no install-time persistence or requests to modify other skills. Autonomous invocation will permit network activity, which is expected for this monitoring function.
Assessment
This skill is internally coherent and lightweight: it only needs curl and python3 and is instruction-only. Before installing, consider: (1) the skill will fetch external resources (CVE feeds, marketplaces, endpoints) — if you don't want the agent making network calls, restrict network egress or run checks in a controlled environment; (2) the skill does not request credentials, but if you later ask it to check private marketplace profiles you will need to provide appropriate read-only API keys — prefer scoped, short-lived credentials; (3) trust scores are heuristic: use them to prioritize re-audits, not as definitive evidence of compromise; (4) because the skill can be invoked autonomously, be aware it may perform queries automatically if allowed — limit autonomous execution if you want to control when network checks occur.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Clawdis
Binscurl, python3
latestvk97ck5zjcxb605vjy3g3zhs7c581na38
505downloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
@andyxinweiminicloud
latest
Download

That "Verified" Badge Is From 2024. Is the Skill Still Safe?

Helps track the freshness of skill verification results, flagging certifications that have decayed past their useful trust window.

Problem

A skill passes a security audit in March 2025. It gets a "verified" badge. Developers see the badge and trust it. Eighteen months later, the badge is still there — but:

  • The skill's 4 dependencies have had 47 combined updates since the audit
  • Two new CVEs affect the runtime version the skill targets
  • The skill's API endpoint now points to a domain that changed ownership
  • The marketplace added 3 new permission types that didn't exist during the original audit

The verification was real. The trust it implies is not. Security certifications have a half-life, and most agent marketplaces display them as if they're permanent.

This is trust decay: the gradual erosion of verification validity as the surrounding context changes. It's not that the audit was wrong — it's that the audit's conclusions no longer apply to the current reality.

What This Tracks

This monitor computes a trust freshness score for verified skills:

  1. Time since verification — Simple age of the last audit. Older = less trustworthy, with configurable decay curves
  2. Dependency churn — How many of the skill's dependencies have updated since the audit? Each update is a potential invalidation of audit assumptions
  3. Ecosystem context changes — New CVEs, new permission types, new attack patterns discovered since the audit date. The threat landscape the audit evaluated against may have shifted
  4. Domain and endpoint stability — Have any external URLs, API endpoints, or resource references in the skill changed destination since verification?
  5. Re-verification gap — How long since anyone (not just the original auditor) ran any form of security check on this skill?

How to Use

Input: Provide one of:

  • A skill slug or identifier with its verification date
  • A marketplace profile URL showing verified skills
  • A batch of skill identifiers for portfolio-level trust assessment

Output: A trust freshness report containing:

  • Trust freshness score per skill (0-100, where 100 = just verified)
  • Decay factors breakdown (time, dependencies, context, endpoints)
  • Re-verification urgency: LOW / MODERATE / HIGH / CRITICAL
  • Portfolio-level summary if checking multiple skills

Example

Input: Check trust freshness for verified skill api-auth-helper (verified 2025-01-10)

⏳ TRUST DECAY REPORT — RE-VERIFICATION RECOMMENDED

Skill: api-auth-helper
Verified: 2025-01-10 (408 days ago)
Verifier: @seclab-audits

Trust freshness score: 31/100 (STALE)

Decay factors:
  Time decay:           -25 points (>12 months since audit)
  Dependency churn:     -22 points
    - jsonwebtoken: 3 major updates (9.0.0 → 12.1.2)
    - node-fetch: 2 updates including security patch
    - crypto-utils: 1 update with API breaking changes
  Ecosystem changes:    -15 points
    - 2 new JWT-related CVEs published since audit
    - Marketplace added "credential-store" permission type
      (not evaluated in original audit)
  Endpoint stability:   -7 points
    - skill references api.authprovider.example/v2
    - endpoint now redirects to v3 with different response schema

Re-verification urgency: HIGH
  Primary driver: 3 major dependency updates + 2 relevant CVEs
  since last audit. The JWT library alone has had breaking changes
  that could affect how this skill handles token validation.

Recommendation:
  - Priority re-audit focusing on JWT handling (CVE-affected)
  - Test against current dependency versions
  - Verify endpoint redirect doesn't break auth flow
  - Check if new "credential-store" permission is relevant

Related Tools

  • evolution-drift-detector — tracks content-based drift across skill inheritance; trust-decay-monitor tracks time-based decay of verification validity
  • hollow-validation-checker — checks if validation tests are substantive; stale validations are even more problematic if the tests were hollow to begin with
  • blast-radius-estimator — when trust has decayed on a widely-adopted skill, blast-radius shows the downstream exposure
  • protocol-doc-auditor — audits protocol documents for hidden risks; trust-decay-monitor tracks whether those audits are still current

Limitations

Trust freshness scoring uses heuristic decay models — the actual security impact of time passing depends on factors that can't be fully quantified (e.g., whether dependency updates are security-relevant or just feature additions). Dependency churn counts updates but cannot always determine if an update invalidates the original audit's conclusions. Ecosystem context tracking relies on public CVE databases and marketplace changelogs, which may lag behind actual threats. This tool helps prioritize which verifications need refreshing — it does not replace the actual re-verification process. A low trust score means the audit is stale, not that the skill is compromised.

Comments

Loading comments...