{"skill":{"slug":"trust-my-agent-ai","displayName":"TrustMyAgent","summary":"πŸ›‘οΈ TrustMyAgent - Security posture monitoring for AI agents. Runs 41 stateless checks across 14 domains and calculates a trust score (0-100). Supports local...","description":"---\nname: trustmyagent\ndescription: πŸ›‘οΈ TrustMyAgent - Security posture monitoring for AI agents. Runs 41 stateless checks across 14 domains and calculates a trust score (0-100). Supports local-only mode (no network calls) and dry-run mode (preview before sending).\nversion: 1.0\nauthor: Anecdotes AI Labs\nlicense: MIT\nhomepage: https://www.trustmyagent.ai\nrepository: https://github.com/Anecdotes-Yair/trust-my-agent-ai\nmetadata:\n openclaw:\n emoji: \"πŸ›‘οΈ\"\n category: security\n tags:\n - security\n - compliance\n - monitoring\n - trust\n requires:\n bins:\n - openssl\n shared: true\n install:\n - id: python3\n kind: brew\n formula: python3\n os:\n - darwin\n bins:\n - python3\n label: \"Python 3 (Homebrew)\"\n - id: python3-apt\n kind: node\n os:\n - linux\n bins:\n - python3\n label: \"Python 3 (system)\"\n---\n\n# πŸ›‘οΈ TrustMyAgent - Security Agent\n\n**Stateless security posture monitoring for AI agents.**\n\nTrustMyAgent runs 41 read-only security checks across 14 domains on the host machine, calculates a trust score (0-100), and optionally reports results to a public [Trust Center](https://www.trustmyagent.ai/trust-center.html) dashboard. It is fully stateless β€” no files are written, no state is persisted, and no background processes are installed without explicit user consent.\n\n> **Open source**: All check logic is visible in `run.py` and `checks/*.json`. The full source code is at [github.com/Anecdotes-Yair/trust-my-agent-ai](https://github.com/Anecdotes-Yair/trust-my-agent-ai).\n\n## Setup\n\nWhen the user asks to set up TrustMyAgent, walk them through the following steps. **Present each step to the user and wait for their approval before executing.** Do not run commands silently or skip user confirmation.\n\n### Step 1: Verify Python 3\n\nCheck that Python 3 is available:\n\n```bash\npython3 --version\n```\n\nIf Python 3 is not installed, ask the user before installing it:\n- macOS: `brew install python3`\n- Linux: `sudo apt-get install python3` or `sudo apk add python3`\n\n### Step 2: Run a dry-run assessment\n\nRun the security assessment in **dry-run mode** first so the user can review the results before any data leaves the machine:\n\n```bash\npython3 {baseDir}/run.py --dry-run\n```\n\nThis runs all 41 checks and prints the full telemetry payload that *would* be sent β€” but sends nothing. Show the user the results and let them review:\n\n- The trust score and tier\n- Which checks passed and failed\n- The exact JSON payload that would be transmitted\n\nAsk the user: **\"Would you like to send this report to the Trust Center dashboard, run in local-only mode (no network), or adjust any settings?\"**\n\n### Step 3: Run the full assessment (with user consent)\n\nIf the user approves sending telemetry:\n\n```bash\npython3 {baseDir}/run.py\n```\n\nIf the user prefers local-only mode (no telemetry sent):\n\n```bash\npython3 {baseDir}/run.py --local-only\n```\n\n### Step 4: Schedule recurring assessments (optional)\n\nAsk the user if they want to schedule automatic assessments. If they agree, suggest a cron job. The command varies by agent platform:\n\n**OpenClaw agents:**\n```bash\nopenclaw cron add --name \"πŸ›‘οΈ TrustMyAgent\" --cron \"*/15 * * * *\" --session agent:security:main --message \"Run security assessment: python3 {baseDir}/run.py\"\n```\n\n**Other agents / standalone:**\n```bash\n# Add to system crontab (runs every 15 minutes)\n(crontab -l 2>/dev/null; echo \"*/15 * * * * python3 {baseDir}/run.py --quiet\") | crontab -\n```\n\n> The user can choose any interval or skip scheduling entirely.\n\n## What Data Is Sent\n\nWhen telemetry is enabled (the default), the following data is sent via HTTPS POST to `https://www.trustmyagent.ai/api/telemetry`:\n\n| Field | Example | Purpose |\n|-------|---------|---------|\n| `agent.id` | `sha256(hostname)` | Unique identifier (derived from hostname hash, not the hostname itself) |\n| `agent.name` | `\"My Agent\"` | Display name (from IDENTITY.md or env var) |\n| `agent.platform` | `\"darwin\"` | OS type (darwin/linux) |\n| `agent.detected_env` | `\"macos_arm64\"` | Runtime environment label |\n| `posture.trust_tier` | `\"HIGH\"` | Computed trust tier |\n| `posture.overall_score` | `92` | Numeric score 0-100 |\n| `results[]` | `{check_id, passed, status}` | Per-check pass/fail status |\n| `detections[]` | `{check_id, severity, risk}` | Failed checks with risk context |\n\n**What is NOT sent:**\n- No file contents, paths, or directory listings\n- No environment variable values (only whether secret-like patterns exist)\n- No process names, PIDs, or command lines\n- No network traffic, IP addresses, or hostnames\n- No credentials, tokens, or API keys\n- No conversation transcripts or user data\n\nThe telemetry endpoint and all check logic are open source. You can verify exactly what is transmitted by using `--dry-run` mode.\n\n### Opting out of telemetry\n\nUse `--local-only` to run all checks without any network calls:\n\n```bash\npython3 {baseDir}/run.py --local-only\n```\n\nThis gives you the full security assessment locally without sending anything.\n\n## How It Works\n\n1. **`run.py` executes on the host** β€” triggered manually, by cron, or by agent heartbeat\n2. **41 security checks run** using bash commands and Python sensors (all read-only)\n3. **Trust score is calculated** (0-100) based on pass/fail results and severity weighting\n4. **Results are displayed** locally in the terminal\n5. **(Optional) Telemetry is sent** to the Trust Center dashboard via HTTPS\n\nNo files are written locally. No state is persisted on the agent machine.\n\n## Security Domains\n\n| Domain | Checks | Focus |\n|--------|--------|-------|\n| **Physical Environment** | PHY-001 to PHY-005 | Disk encryption, container isolation, non-root execution |\n| **Network** | NET-001 to NET-005 | Dangerous ports, TLS/SSL, DNS, certificates |\n| **Secrets** | SEC-001 to SEC-005, MSG-005 | Env var secrets, cloud creds, private keys, conversation leaks |\n| **Code** | COD-001 to COD-004 | Git security, no secrets in repos |\n| **Logs** | LOG-001 to LOG-004 | System logging, audit readiness |\n| **Skills** | SKL-001 to SKL-005, MSG-001, MSG-003 | Skill manifests, MCP server trust |\n| **Integrity** | INT-001 to INT-005, MSG-002, MSG-006 | Backdoors, browser abuse, suspicious tool calls, URL reputation |\n| **Social Guards** | SOC-001 to SOC-006, MSG-004 | Action logging, session transparency, Moltbook integrity, owner reputation |\n| **Incident Prevention** | INC-001 to INC-005 | Process spawning, system load, port scanning |\n| **Node Security** | NODE-001 to NODE-005 | Remote execution approval, token permissions, exec allowlists |\n| **Media Security** | MEDIA-002 to MEDIA-003 | Temp directory permissions, file type validation |\n| **Gateway Security** | GATEWAY-001 to GATEWAY-002 | Binding address, authentication |\n| **Identity Security** | IDENTITY-001 to IDENTITY-002 | DM pairing allowlist, group chat allowlist |\n| **SubAgent Security** | SUBAGENT-001 to SUBAGENT-002 | Concurrency limits, target allowlists |\n\n## Check Types\n\n### Bash checks (20 checks)\nDefined in `checks/openclaw_checks.json`. Each check runs a shell command and evaluates the output against a `pass_condition` (`equals`, `contains`, `not_contains`, `exit_code_zero`, etc.).\n\n### Python/Message-based checks (21 checks)\nDefined in `checks/message_checks.json` and `checks/nodes_media_checks.json`. These are programmatic sensors that analyze secrets, session transcripts, MCP configs, skill manifests, and more.\n\n### Platform Support\nChecks auto-detect macOS vs Linux and use platform-appropriate commands. Checks can declare `\"platforms\": [\"linux\"]` to be gracefully skipped on unsupported platforms.\n\n## Trust Tiers\n\n| Tier | Score | Label |\n|------|-------|-------|\n| HIGH | 90-100 | Ready for Business |\n| MEDIUM | 70-89 | Needs Review |\n| LOW | 50-69 | Elevated Risk |\n| UNTRUSTED | 0-49 | Critical Security Gaps |\n\nAny critical-severity failure caps the score at 49 (UNTRUSTED). Three or more high-severity failures cap at 69 (LOW).\n\n## Command Line Options\n\n| Flag | Description |\n|------|-------------|\n| `--checks`, `-c` | Path to custom checks JSON file |\n| `--timeout`, `-t` | Timeout per check in seconds (default: 30) |\n| `--quiet`, `-q` | Minimal output |\n| `--json`, `-j` | Output structured JSON to stdout |\n| `--dry-run` | Run all checks and display the telemetry payload, but do not send it |\n| `--local-only` | Run all checks locally without any network calls |\n| `--no-notify` | Skip agent notifications for detections |\n\n## Configuration\n\n| Source | Description | Default |\n|---------------------|-------------|---------|\n| `IDENTITY.md` | Agent display name (read from `# Name` section) | `\"Agent\"` |\n| `OPENCLAW_AGENT_NAME` env var | Overrides IDENTITY.md name | β€” |\n| `OPENCLAW_AGENT_ID` env var | Agent identifier | SHA256 of hostname |\n| `TRUSTMYAGENT_TELEMETRY_URL` env var | Server endpoint | `https://www.trustmyagent.ai/api/telemetry` |\n\n## Files\n\n```\nAgent/\nβ”œβ”€β”€ SKILL.md # This file\nβ”œβ”€β”€ run.py # Main entry point (stateless runner)\n└── checks/\n β”œβ”€β”€ openclaw_checks.json # 20 bash-based security checks\n β”œβ”€β”€ message_checks.json # 10 Python-based message/secret sensors\n β”œβ”€β”€ nodes_media_checks.json # 11 infrastructure checks\n └── detection_kb.json # Risk descriptions and remediation guidance\n```\n\n## Architecture\n\n```\nβ”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”\nβ”‚ Agent Host β”‚ POST /api/telemetry β”‚ πŸ›‘οΈ TrustMyAgent β”‚\nβ”‚ β”‚ ────────────────────────────► β”‚ Server β”‚\nβ”‚ run.py β”‚ (only when telemetry enabled) β”‚ (Cloudflare) β”‚\nβ”‚ β”œβ”€ bash checks β”‚ β”‚ β”œβ”€ R2 storage β”‚\nβ”‚ └─ python checksβ”‚ β”‚ β”œβ”€ agents index β”‚\nβ”‚ β”‚ β”‚ └─ trend historyβ”‚\nβ”‚ (no local state)β”‚ β”‚ β”‚\nβ””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜\n β”‚\n trust-center.html\n (public dashboard)\n```\n\n## Privacy & Trust\n\n- **Open source**: All code is MIT-licensed and publicly auditable at [github.com/Anecdotes-Yair/trust-my-agent-ai](https://github.com/Anecdotes-Yair/trust-my-agent-ai)\n- **Stateless**: No files written, no state persisted, no background processes installed without consent\n- **Opt-in telemetry**: Use `--local-only` to run entirely offline, or `--dry-run` to preview before sending\n- **No secrets transmitted**: Checks detect the *presence* of issues, never transmit actual secret values\n- **Transparent payload**: The `--dry-run` flag shows the exact JSON that would be sent\n- **Server**: Operated by [Anecdotes AI](https://anecdotes.ai), a GRC (Governance, Risk, Compliance) company. Server code is at [github.com/Anecdotes-Yair/trust-my-agent-ai-website](https://github.com/Anecdotes-Yair/trust-my-agent-ai-website)\n\n## Credits\n\nBuilt by [Anecdotes AI](https://anecdotes.ai) for the AI agent ecosystem.\n","tags":{"latest":"1.0.0"},"stats":{"comments":0,"downloads":605,"installsAllTime":1,"installsCurrent":1,"stars":0,"versions":1},"createdAt":1772110632756,"updatedAt":1778491649051},"latestVersion":{"version":"1.0.0","createdAt":1772110632756,"changelog":"Initial release of TrustMyAgent – security posture monitoring for AI agents.\n\n- Runs 41 stateless, read-only security checks across 14 domains.\n- Calculates and displays a trust score (0–100) and detailed pass/fail status for each check.\n- Supports dry-run mode for previewing results before sending, and local-only mode for full privacy (no network calls).\n- Guides users interactively through setup, running assessments, telemetry options, and optional scheduled scans.\n- All check logic and telemetry data formats are fully open source and transparent.","license":null},"metadata":{"setup":[],"os":null,"systems":null},"owner":{"handle":"anecdotes-yair","userId":"s178f95yqy2c09jnyvv679naks885378","displayName":"Anecdotes-Yair","image":"https://avatars.githubusercontent.com/u/66201365?v=4"},"moderation":{"isSuspicious":false,"isMalwareBlocked":false,"verdict":"clean","reasonCodes":["review.llm_review"],"summary":"Review: review.llm_review","engineVersion":"v2.4.24","updatedAt":1779962208085}}