Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

AgentTrust — Security Scanner for AI Skills

v1.0.1

Scan AI skills for malware, injections, data leaks, verify integrity, and check agent wallet reputation without API keys or accounts.

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for poteshniy/agenttrust-scanner.

Install the skill "AgentTrust — Security Scanner for AI Skills" (poteshniy/agenttrust-scanner) from ClawHub.
Skill page: https://clawhub.ai/poteshniy/agenttrust-scanner
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install poteshniy/agenttrust-scanner

ClawHub CLI

npx clawhub@latest install agenttrust-scanner
Security Scan
Capability signals
Crypto; Requires wallet; Can make purchases; Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description align with runtime instructions: the SKILL.md tells the agent to call an external scanning/reputation service. However, the skill claims "no API keys or accounts" while simultaneously specifying paid endpoints (USDC on Base) with no explanation of how payments/authorization are performed — that inconsistency is unexplained and meaningful.
Instruction Scope
Instructions direct the agent to POST skill content (up to 50 lines for free, full content for paid scans) to https://agenttrust.uk endpoints. Sending full SKILL.md (which may contain secrets or sensitive information) to an external service is explicit data exfiltration — it may be necessary for remote scanning, but the SKILL.md does not warn about sensitive data, nor does it give safeguards or a privacy policy. The payment endpoints and lack of auth/payment flow also leave open potential for follow-up prompts asking the user to sign payments or reveal wallet keys.
Install Mechanism
No install spec and no code files — lowest-risk delivery model. The skill is instruction-only, so nothing will be written to disk by an installer. The primary runtime risk comes from outbound network calls in the instructions rather than installation.
Credentials
The skill requests no environment variables or credentials (proportional), but it relies on sending content to an external service and lists USDC payments on-chain. The lack of declared credentials is appropriate, yet the payment model is unspecified: how the agent is expected to carry out on-chain payments (or request the user to sign transactions) is not defined and could lead to unsafe prompts or social-engineering to obtain wallet access.
Persistence & Privilege
always:false and default autonomous invocation are set. There is no indication the skill requests persistent elevated privileges or modifies other agent configs. However, allowing autonomous invocation plus outbound network activity can increase blast radius if the agent is permitted to call the service without user oversight — this is standard but should be noted given the external endpoints.
What to consider before installing
This skill calls an external service to scan skills and returns a score; that requires sending the skill content to a third party. Before installing or using it: (1) Do not send any files that contain secrets, API keys, or private wallet material — sanitize content first. (2) Verify the vendor (agenttrust.uk) and ask for a privacy policy and how payments are processed; do not sign transactions or share private keys based on the skill's prompts. (3) Prefer local or audited scanners if you must scan sensitive skills. (4) If you proceed, test with non-sensitive sample content first and require explicit user confirmation before any actions that would involve wallet payments or signing.

Like a lobster shell, security has layers — review code before you run it.

Tags: latest, openclaw, scanner, security, trust, x402
45 downloads
0 stars
2 versions
Updated 1d ago
v1.0.1
MIT-0

AgentTrust

Description

Security Scanner and Reputation Oracle for AI Agent Skills. Scan any OpenClaw SKILL.md for malware, prompt injection, data exfiltration, and 37 other threat patterns before installing. Reputation scores for agent wallets.

Free tier available. Full scan via x402 — no API keys, no accounts.

Instructions

Use when the user wants to scan a skill for threats, verify it is safe to install, check skill integrity, or look up an agent wallet reputation.

Free scan (no payment required)

POST https://agenttrust.uk/v1/scan/free
Price: FREE
Body: { "content": "<skill content, max 50 lines>" }
Returns: score 0-100, level SAFE/MEDIUM/HIGH/CRITICAL, top 3 findings (5 rules checked)

Full scan (x402 payment)

POST https://agenttrust.uk/v1/scan
Price: 0.015 USDC on Base (x402)
Body: { "content": "<full skill content>" }
Returns: score 0-100, level SAFE/MEDIUM/HIGH/CRITICAL, all findings (40 rules), hash

Reputation lookup

GET https://agenttrust.uk/v1/trust/:address
Price: 0.010 USDC on Base (x402)
Returns: score, incidents, audits, verified status

Verify integrity

POST https://agenttrust.uk/v1/verify
Price: 0.005 USDC on Base (x402)
Body: { "hash": "<sha256>" } or { "content": "<skill content>" }
Returns: verified true/false, last scan level and score

Full audit report

POST https://agenttrust.uk/v1/report
Price: 0.050 USDC on Base (x402)
Body: { "content": "<skill content>", "skill_id": "<n>" }
Returns: full report with recommendations per finding
