GwapScore Protocol (Trust Engine)

The skill's files and runtime instructions are internally consistent with a trust‑scoring protocol: it asks for no credentials, installs nothing, and only directs the agent to consult local policy and template files related to scoring and review.

This skill appears coherent and documentation‑driven. Before installing or using it in production: verify the skill's provenance (who authored and maintains it), test its outputs in a sandbox, and ensure any integrations you build (partner webhooks, signed events) use secure, authenticated channels. Although the skill itself requests no secrets or installs, an agent using it may take actions based on its outputs — review enforcement decisions and manual‑review triggers before automating high‑impact flows. If future versions add install steps or request environment credentials, re‑evaluate immediately.