ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Attestation

v3.0.2

Portable reputation system for agents v3 - Ed25519 signatures, input validation, handoff KV

0· 455·1 current·1 all-time
byIvan Cetta@nantes

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for nantes/agent-attestation.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Agent Attestation" (nantes/agent-attestation) from ClawHub.
Skill page: https://clawhub.ai/nantes/agent-attestation
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install agent-attestation

ClawHub CLI

Package manager switcher

npx clawhub@latest install agent-attestation
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (attestation, Ed25519, handoff KV) align with the included code: key management, signing/verification, input validation, and a simple on-disk KV are implemented. Minor inconsistency: registry metadata described the skill as instruction-only yet the package contains multiple Python source files implementing the features; this is likely just an author packaging choice rather than malicious misdirection.
Instruction Scope
SKILL.md and the example usage clearly require Python and the 'cryptography' library and warn about filesystem access. Runtime code only performs local file I/O (keys, attestations, manifest) and canonical signing/verification and input checks. There are no network calls or references to unrelated system paths or environment variables in the provided files.
Install Mechanism
No install spec or remote downloads are present; this is a code-bundle you run locally. The only external dependency is the Python 'cryptography' library (imported), which must be installed in your environment; there are no opaque third-party download URLs or extract steps.
!
Credentials
The skill requests no environment variables or external credentials, which is proportionate to its purpose. However, it generates and writes Ed25519 private keys to disk in PEM form unencrypted (KeyManager.generate_keypair) and stores identity/reputation data in an on-disk KV in cleartext by default. Default relative paths (./keys, ./attestation_kv) increase risk in shared or cloud/workspace environments. This is a storage/operational security concern (not an evidence of exfiltration).
Persistence & Privilege
The skill does not request forced persistent inclusion (always: false) nor does it modify other skills. It writes persistent files to configurable directories and thus can provide long-lived identity/reputation state; ensure those directories are chosen and permissioned appropriately. Autonomous invocation (disable-model-invocation: false) is the platform default and not a unique red flag here.
Assessment
This package appears to implement what it claims (local attestation, Ed25519 signing, and a handoff KV) and contains no network calls or requests for unrelated credentials, but it stores private keys and identity/reputation data unencrypted in default relative directories. Before installing or running: 1) review and run the code in a sandbox/isolated environment; 2) set keys_dir and KV directory to a secure absolute path outside any shared workspace; 3) restrict filesystem permissions (e.g., chmod 600 on private key files); 4) consider adding encryption at rest or protecting private keys with a passphrase or OS keyring; 5) install a vetted version of the 'cryptography' library from PyPI and review dependency versions; 6) audit the code yourself (or ask the author) if you need assurance there are no network endpoints beyond the included files. If you cannot ensure secure storage for the generated keys, treat the skill as risky for production use.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

📜 Clawdis
latestvk97crc7xj65896t65kkb8skkr1826crw
455downloads
0stars
13versions
Updated 13h ago
v3.0.2
MIT-0
Ivan Cetta@nantes
latest
Download
Loading README...

Comments

Loading comments...