ClawHub

Chain Of Custody

v1.0.0

Generates forensic chain of custody HTML reports for evidence management and legal compliance.

0· 63·0 current·0 all-time
byToolWeb@krishnakumarmahadevan-cmd
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description claim an API that generates HTML chain-of-custody reports; the SKILL.md and openapi.json provide schemas and endpoints consistent with that purpose. One minor note: the package contains only documentation (no server URL or implementation), so the agent or integrator must generate the report locally or implement the API — this is an implementation omission, not a security incoherence.
Instruction Scope
SKILL.md details request/response formats and required fields for custody reports; it does not instruct the agent to read unrelated files, access credentials, or exfiltrate data to external endpoints. All referenced data (case info, evidence items, hashes) is scoped to report generation.
Install Mechanism
No install spec and no code files are included (instruction-only). No downloads, package installs, or file writes are requested by the skill itself.
Credentials
No environment variables, credentials, or config paths are requested. The fields present in examples (userEmail, userId, sessionId) are application data, not secrets demanded by the skill.
Persistence & Privilege
Skill does not request always:true and does not declare elevated persistence or cross-skill config modification. Default autonomous invocation is allowed but not combined with broad privileges.
Assessment
This skill is documentation-only: it describes an API and data schema for building chain-of-custody HTML reports and does not request credentials or perform installs. Before using it with real evidence, confirm how the report will be generated (locally by your agent or by a remote service) because the package contains no implementation or server URL. If you plan to use real sensitive evidence, run generation on an isolated, offline environment and verify the produced HTML (that hashes, timestamps, and custody entries are preserved and not transmitted externally). If you expect a hosted service, ask the publisher for the service endpoint and authentication details and verify the provider's origin and trustworthiness.

Like a lobster shell, security has layers — review code before you run it.

latestvk971q8zzv3gdm7sn7s24fm6q9583vmdm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments