Timestamp
v1.0.0Create cryptographic proofs anchoring your files' exact content and timestamp to the Bitcoin blockchain for immutable, verifiable history.
⭐ 0· 604·2 current·2 all-time
by@axhoff
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (Bitcoin anchoring via OpenTimestamps) matches the provided scripts and SKILL.md. Minor note: the registry metadata lists no required binaries, but the scripts invoke an 'ots' CLI (and SKILL.md tells the user to 'pip3 install opentimestamps-client'), so an ots binary is effectively required.
Instruction Scope
SKILL.md and the scripts operate on local workspace files (MEMORY.md, SOUL.md, memory/*.md). They hash files, archive old .ots proofs, run 'ots stamp' and 'ots verify'. There are no instructions to read unrelated system files, harvest environment secrets, or transmit raw files. Network activity (contacting OpenTimestamps/calendar servers and Bitcoin network via the ots client) is expected and appropriate for the stated purpose.
Install Mechanism
No formal install spec is included (instruction-only). The README directs the user to 'pip3 install opentimestamps-client' which is a typical, low-risk step but does rely on PyPI. This is proportionate to the task; users should verify the pip package source/version before installing.
Credentials
The skill declares no required credentials or config paths. The scripts optionally honor OTS_BIN and WORKSPACE environment variables but do not require secrets or unrelated service keys. No excessive or unrelated environment access is requested.
Persistence & Privilege
The skill is not always-enabled and is user-invocable. It does not modify other skills or system-wide agent configuration. It only creates .ots proof files and local archives in the workspace, which is normal for this functionality.
Assessment
This skill appears to do what it says: it creates and verifies OpenTimestamps proofs for files. Before installing/using it, consider: (1) install the official opentimestamps-client (pip3 install opentimestamps-client) from a trusted environment (verify PyPI/package integrity), because the scripts call the 'ots' CLI; (2) the scripts operate on your local workspace and will create .ots proof files and an .ots-archive directory — add .ots-archive/ to .gitignore if you don't want archives committed; (3) stamping only sends hashes (not file contents) to calendar servers, but those commitments are visible on-chain and multiple files stamped together are linkable as noted in the SKILL.md; (4) network access is required for stamping and verification (calendar servers/Bitcoin), so run these tools where network usage is acceptable. Overall, the package is coherent and proportionate to its purpose.Like a lobster shell, security has layers — review code before you run it.
latestvk977jyqefrs83eqakpdn440jj9816fwn
License
MIT-0
Free to use, modify, and redistribute. No attribution required.