Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

mia-trust

v1.0.0

MIA-Trust Pipeline - Memory-Intelligent Assistant trust gatekeeping + memory evolution pipeline


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for sii-yucheng2002/mia-trust.

Install the skill "mia-trust" (sii-yucheng2002/mia-trust) from ClawHub.
Skill page: https://clawhub.ai/sii-yucheng2002/mia-trust
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: node
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install mia-trust

ClawHub CLI


npx clawhub@latest install mia-trust

Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)

Purpose & Capability
Name/description (trust + memory pipeline) match the shipped code: planner, guard, memory, feedback modules are present and consistent with the declared purpose. However the registry metadata claims no required env vars/credentials while the code clearly expects multiple environment variables (MIA_PLANNER_API_KEY, MIA_TRUST_API_KEY, MIA_PLANNER_URL/MIA_TRUST_URL, model names, MIA_MEMORY_FILE, etc.). This is an incoherence between manifest and implementation.
! Instruction Scope
SKILL.md instructs running local node scripts which in turn read and write local files (memory.jsonl, trust_experience.json), call other skill scripts, and make network requests to configurable LLM endpoints (defaults to api.openai.com). The runtime will persist user queries/outputs to local files and send user inputs/plan drafts to external endpoints when mode=api. The SKILL.md examples mention env vars but the registry didn't mark them required; instructions grant the skill discretion to read several env vars and local files beyond what the registry declared.
Install Mechanism
Install is a normal npm package (mia-trust) that declares node-fetch dependency from npm and a postinstall migration script. No opaque downloads, URL shorteners, or arbitrary remote archives are used. Creating a binary mia-trust that runs run.mjs is standard.
! Credentials
The manifest declares no required credentials but the code requires (or can use) API keys and URLs for planner and trust LLM calls (MIA_PLANNER_API_KEY, MIA_TRUST_API_KEY, MIA_PLANNER_URL/MIA_TRUST_URL). Those env vars are named like SECRET/API_KEY and will be used to call remote LLM endpoints; this is proportionate to an LLM-based pipeline but the omission from the registry is a red flag. The skill also reads/writes local config/memory files (MIA_MEMORY_FILE, MIA_TRUST_EXPERIENCE_FILE), which may store sensitive user queries and outputs.
Persistence & Privilege
The skill is not always-enabled and doesn't modify other skills. It persistently stores memories, feedback, and trust_experience in local files under the skill directory by default; these records are retained on disk and could contain sensitive content. The agent can invoke the skill autonomously (default), which combined with storage and outbound API calls increases blast radius but is expected for such a pipeline.
What to consider before installing
Key things to check before installing or running this skill:
- Metadata mismatch: the registry says no env vars/credentials required, but the code expects API keys and endpoint URLs (MIA_PLANNER_API_KEY, MIA_TRUST_API_KEY, MIA_PLANNER_URL/MIA_TRUST_URL, etc.). Do not assume it runs without credentials; planner will exit if API mode is selected without keys.
- Outbound requests: by default the code will call configurable LLM endpoints (defaults to api.openai.com). Review and if needed override MIA_*_URL to a trusted internal endpoint before sending real data.
- Persistent storage: user queries, plans, evaluation results, and distilled experiences are written to local files (memory.jsonl, trust/trust_experience.json, feedback.jsonl). These files may contain sensitive content — restrict file permissions, or change paths via env vars (MIA_MEMORY_FILE, MIA_TRUST_EXPERIENCE_FILE, MIA_FEEDBACK_FILE) and/or run in an isolated environment.
- Source and provenance: package.json points to a placeholder GitHub URL (https://github.com/yourname/mia-trust). Confirm the package source/repo and review its upstream history before trusting it.
- Least-privilege: provide dedicated API keys with minimal scope, and run the skill in an isolated container or VM if you will process sensitive inputs.
- Review config: examine trust_experience.json and memory files shipped with the package (they may contain example data) and the SKILL.md/Pipeline documentation to understand what will be stored and sent externally.
- If you need guarantees: ask the author for a clear manifest update that lists required env vars/primary credential and the exact network endpoints the skill will contact; otherwise treat the mismatch as a risk. If unsure, run tests with synthetic non-sensitive inputs in a controlled environment first.

run.mjs:53
Shell command execution detected (child_process).
planner/mia-planner.mjs:11
Environment variable access combined with network send.
trust/mia-trust.mjs:11
Environment variable access combined with network send.
! trust/mia-trust.mjs:2
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🛡️ Clawdis
Bins: node

Install

Install mia-trust
Bins: mia-trust
npm i -g mia-trust
latest vk97brjvb4fq3146d4k76az6dn1845mkf
107 downloads
1 star
1 version
Updated 3w ago
v1.0.0
MIT-0

MIA-Trust Pipeline

Memory-Intelligent Assistant trust gatekeeping + memory evolution pipeline

User question → guard_blocked → Planner → evaluate_plan → Execute → Dual memory storage

Installation

cd skills/mia-trust
npm install

Configure environment variables

export MIA_PLANNER_MODE=api
export MIA_PLANNER_API_KEY=your-api-key
export MIA_PLANNER_URL=https://your-api-endpoint/v1/chat/completions
export MIA_PLANNER_MODEL=your-model

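Usage

Full pipeline

# Run everything with one command ("你的问题" means "your question")
./run.mjs "你的问题"

Step-by-step execution

# Step 1: question pre-check
node trust/mia-trust.mjs guard_blocked '{"query":"你的问题"}'

# Step 2: generate the plan
node planner/mia-planner.mjs "你的问题"

# Step 3: plan review ("问题" = question, "计划" = plan)
node trust/mia-trust.mjs evaluate_plan '{"query":"问题","plan_draft":"计划","memories":[]}'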

Memory and feedback

# Search memories (the sample query means "how was this done before")
node memory/mia-memory.mjs search "之前是怎么做的"

# Store an experience
node memory/mia-memory.mjs store '{"question":"...","plan":"...","execution":[]}'

# List memories
node memory/mia-memory.mjs list 10

# Feedback ("问题" = question, "答案" = answer)
node feedback/mia-feedback.mjs store "问题" "答案" "good"
node feedback/mia-feedback.mjs list 10

Directory structure

mia-trust/
├── run.mjs              # one-command entry point
├── SKILL.md             # this document
├── package.json         # npm config (if an old trust_experience.json exists in the root directory, postinstall syncs it to trust/)
├── memory/              # memory module
│   ├── mia-memory.mjs
│   └── memory.jsonl
├── planner/
│   └── mia-planner.mjs
├── feedback/
│   ├── mia-feedback.mjs
│   └── feedback.jsonl
└── trust/               # Trust gatekeeping module
    ├── mia-trust.mjs
    └── trust_experience.json

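Core flow

| Step | Module | Function |
|------|--------|----------|
| 1 | guard_blocked | Question safety pre-check (6 dimensions) |
| 2 | Planner | Generate the execution plan |
| 3 | evaluate_plan | Plan safety review (3 rounds) |
| 4 | Execute | Execute according to the plan |
| 5 | Dual memory | memory + trust_experience |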

License

ISC
