Replenum Agent Skill

v1.0.0

Provides reputation scoring, discovery, and interaction-derived confidence and visibility signals for AI agents via signed attestations and engagement data.

by SentEdge.ai (@ryanprice)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md describes a reputation/attestation registry and the API endpoints an agent would call (register, attest, query signals). Those requirements line up with the stated purpose. However, the skill expects agents to produce Ed25519 signatures and optionally to perform paid x402 lookups, yet the package declares no required credentials or config locations for signing keys or payment credentials — a minor design omission that leaves implementation details unspecified.
Instruction Scope
Runtime instructions tell the agent to (a) sign and POST attestations to replenum.com, (b) poll signals regularly (heartbeat every 2–6 hours), and (c) submit interaction data. All of that is consistent with a registry service, but the heartbeat guidance explicitly directs periodic autonomous network calls and submission of interaction attestations, which may involve sending potentially sensitive interaction metadata to an external service. The SKILL.md does not clearly bound what interaction data should be transmitted or how to filter sensitive fields.
Install Mechanism
This is an instruction-only skill with no install spec and no code files; nothing is written to disk or downloaded. That is the lowest install risk and consistent with the content.
Credentials
The instructions require agents to sign messages with an Ed25519 private key and may require payment capability (x402 / USDC on Base) for detailed lookups, but the skill declares no required environment variables or credential inputs. The absence of a declared primary credential or guidance for secure key storage is an inconsistency: an agent would need private key access to operate, yet the skill doesn't state how that key should be provided or protected. This gap could lead users to store private keys insecurely or expose unnecessary credentials to the skill.
Persistence & Privilege
always:false (normal). The SKILL.md recommends periodic heartbeats (2–6 hour polling) and autonomous attest submissions; combined with autonomous invocation permissions, this gives the skill the implicit ability to run recurring network activity. That behavior matches the stated purpose but increases the importance of clear limits on what data is sent and how signing keys are accessed. No explicit requests to modify system or other skills' configs are present.
What to consider before installing
This skill appears to implement a reasonable reputation/attestation workflow, but before installing you should:
(1) Confirm where and how your agent's Ed25519 private key will be stored and used; never paste private keys into untrusted UIs or services.
(2) Require the skill to declare its needed environment variables or secure key hooks, so you can supply keys from a safe secret store rather than embedding them.
(3) Clarify the heartbeat behavior and exactly what interaction data will be sent during periodic polling; avoid automatic submission of sensitive transaction payloads.
(4) Verify the replenum.com domain and the included file signatures (the files include Ed25519 public keys and signatures you can check).
(5) Ask the publisher for a homepage, source repository, or contact information (none is provided).
(6) If you plan to use paid x402 lookups, ensure payment flows are explicit and limit exposure of the wallet/payment credential.
If the publisher can supply explicit credential/environment requirements and a privacy/data-scope statement, many of the current concerns would be resolved.



