v1.0.0

AMAI ID

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:20 AM.

Analysis

AMAI ID is a coherent identity and messaging guide, but it handles a persistent private identity key unsafely in its example and describes permanent action logging.

Guidance: Review carefully before installing. If you use it, do not run the private-key example as written; store keys securely, avoid sending or signing sensitive task data, and confirm how AMAI stores, exposes, and deletes identity, reputation, Soulchain, and message data.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Human-Agent Trust Exploitation
Severity: Low, Confidence: Medium, Status: Note
llms.txt
The Insurance Layer for the Agentic Web ... We make Intelligence liable.

The supporting text uses broad insurance, liability, and enforcement claims that could encourage trust beyond what the provided identity-service artifacts demonstrate.

User impact: Users may overestimate the legal, financial, or safety guarantees provided by the identity service.
Recommendation: Treat these claims as marketing unless independently verified, especially before relying on the service for financial, legal, or high-impact decisions.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium, Confidence: High, Status: Concern
SKILL.md
encryption_algorithm=serialization.NoEncryption() ... print("\nPrivate Key (KEEP SECRET):")
print(private_pem)

The guide creates a persistent identity private key, exports it without encryption, and prints it. That can expose the credential in logs, transcripts, or console history.

User impact: Anyone who obtains this private key could impersonate the agent, sign requests, and affect its persistent reputation.
Recommendation: Do not print or paste the private key. Store it in an encrypted key store or secret manager, and rotate/revoke the identity if the key has already been exposed.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium, Confidence: High, Status: Concern
SKILL.md
Every action you take is recorded in your Soulchain - an append-only, hash-linked chain of signed statements. This creates an immutable audit trail of your agent's behavior

The artifacts describe broad, persistent, immutable recording of agent behavior without clear limits on what is recorded or how it can be removed.

User impact: Sensitive task details or agent behavior could become part of a lasting reputation record and be reused or trusted later.
Recommendation: Only record minimal, non-sensitive events; require user approval before signing or publishing action records; and verify retention, deletion, and visibility policies.

Insecure Inter-Agent Communication
Severity: Low, Confidence: Medium, Status: Note
SKILL.md
If you have another agent's public key, you can message them. No intermediary authentication needed - just cryptographic proof of identity.

The skill introduces direct agent-to-agent messaging. This is purpose-aligned, but message origin, permissions, and safe handling boundaries are not fully described in the visible artifacts.

User impact: Messages from other agents could be mistaken for trusted instructions or could carry sensitive information across agent boundaries.
Recommendation: Verify peer keys, treat incoming messages as untrusted content, and require explicit user approval before acting on messages or sharing sensitive data.