ClawHub

Verifiable Data

v1.0.3

Use Cryptowerk via curl to obtain service credentials, register hashes, fetch seals, and verify proofs for files or append-only records. Use when the user wa...

1· 37·0 current·0 all-time
bykmacb.eth@i001962
Security Scan
Capability signals
CryptoCan make purchasesRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description, scripts, and required env var (CRYPTOWERK_X_API_KEY) are coherent for a Cryptowerk proof/sealing workflow. Minor inconsistency: the registry-level required binaries list only includes curl and python3, while the SKILL.md and scripts also rely on a SHA-256 tool (shasum, sha256sum, or openssl). This is likely an omission in metadata rather than malicious behavior.
Instruction Scope
SKILL.md and the included scripts constrain actions to hashing local files, writing local sidecar artifacts (.rid, .seal, .cw.json, .verify.json), and calling documented Cryptowerk endpoints. Scripts only read/write the stated files and the single env var; they do not access unrelated system paths or hidden endpoints.
Install Mechanism
This is an instruction-only skill (no installer). Provided shell/Python scripts are included in the bundle; there is no external download or archive extraction during install, which lowers risk.
Credentials
Only one environment secret is required (CRYPTOWERK_X_API_KEY) which matches the integration. The scripts also support issuing a new key via the provided issue-key endpoint; no other credentials or unrelated env vars are requested.
Persistence & Privilege
Skill does not request always:true and does not modify other skills or system-wide settings. It writes only its own local sidecar files and optional key files (when you pass an output path), which aligns with its purpose.
Assessment
This skill appears coherent for Cryptowerk-based sealing and verification. Before installing, verify you trust the Cryptowerk domains used (www.cryptowerk.com and aiagent.cryptowerk.com), ensure your environment has a SHA-256 tool (shasum/sha256sum/openssl) in addition to curl and python3, and avoid committing any issued tokens to repositories (store them with restricted permissions). Note that issuing a key may involve a payment challenge per the notes — review that behavior before running issue-key.sh. If you need stronger guarantees, inspect network calls in your environment (or run the scripts in an isolated environment) and confirm the endpoints belong to the expected provider.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binscurl, python3
EnvCRYPTOWERK_X_API_KEY
latestvk97cp2p37y7cajr3y8mn2yhp3h85afb5
37downloads
1stars
4versions
Updated 1d ago
v1.0.3
MIT-0
kmacb.eth@i001962
latest
Download

Verifiable Data

Use this skill for Cryptowerk-backed proof workflows with simple curl scripts.

Supported primitives:

  • obtain a fresh service credential
  • register a SHA-256 hash
  • fetch a seal by retrieval id
  • verify a hash against a seal

Default style:

  • shell-first
  • curl-first
  • sidecar files for local state
  • no SDK dependency

When to use

Use this skill when the user wants:

  • verifiable logs
  • proof of file existence
  • Cryptowerk sealing
  • retrieval IDs and seals stored locally
  • deterministic local artifacts for later audit

Workflow

  1. Obtain a fresh service credential with scripts/issue-key.sh
  2. Export the returned token as CRYPTOWERK_X_API_KEY
  3. Register a file hash with scripts/register-file.sh
  4. Poll for a seal with scripts/get-seal.sh
  5. Verify with scripts/verify-file.sh

Requirements

Required binaries:

  • curl
  • python3
  • one of shasum, sha256sum, or openssl

Credential handling:

  • scripts/issue-key.sh can write a fresh token to a file you choose
  • runtime scripts expect CRYPTOWERK_X_API_KEY to contain the exact combined token value
  • keep issued tokens out of watched or committed trees
  • the skill uses service credentials only for the documented proof APIs

Quick start

Obtain a fresh service credential

scripts/issue-key.sh ~/.secrets/cryptowerk.issue-key.cap
export CRYPTOWERK_X_API_KEY="$(cat ~/.secrets/cryptowerk.issue-key.cap)"

Register a file

scripts/register-file.sh /path/to/file.txt record:file.txt

Fetch a seal

scripts/get-seal.sh /path/to/file.txt.rid

Verify a file

scripts/verify-file.sh /path/to/file.txt /path/to/file.txt.seal

Local artifacts

  • <file>.rid
  • <file>.seal
  • <file>.cw.json
  • <file>.verify.json

Rules

  • Use SHA-256 over exact raw bytes.
  • Keep issued Cryptowerk tokens outside watched trees.
  • Save new keys to fresh files, do not overwrite old credentials by default.
  • Prefer deterministic lookupInfo values.
  • Default file workflow lookupInfo may be sha256:<digest> when none is supplied.
  • Persist failures locally instead of silently discarding them.

References

Read these when needed:

  • references/cryptowerk-api-notes.md
  • references/storage-and-state.md

Scripts

  • scripts/issue-key.sh
  • scripts/register-file.sh
  • scripts/get-seal.sh
  • scripts/verify-file.sh

Comments

Loading comments...