ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ProofTrail MCP Skill

v0.1.1

Teach an agent to install ProofTrail's governed stdio MCP server, use the safest read and proof tools first, and keep future package or listing claims honest.

0· 105·0 current·0 all-time
byYifeng[Terry] Yu@xiaojiou176

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for xiaojiou176/prooftrail-mcp.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "ProofTrail MCP Skill" (xiaojiou176/prooftrail-mcp) from ClawHub.
Skill page: https://clawhub.ai/xiaojiou176/prooftrail-mcp
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install prooftrail-mcp

ClawHub CLI

Package manager switcher

npx clawhub@latest install prooftrail-mcp
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name and description (install and use a repo-local ProofTrail stdio MCP server and prefer read/proof tools first) match the instructions and included reference files. The manifest, CAPABILITIES.md, and demo all align with that stated purpose. Nothing in the package asks for unrelated capabilities.
Instruction Scope
SKILL.md and the reference docs focus on cloning the ProofTrail repo, running pnpm commands, attaching a repo-local stdio MCP server, and using safe-first tooling. The instructions do not ask the agent to read arbitrary host files, exfiltrate data, or contact unknown endpoints; they only note optional backend reads (UIQ_MCP_API_BASE_URL and 'any required token env vars') when live backend access is explicitly needed.
Install Mechanism
This is an instruction-only skill (no install spec or code included). The recommended install is to git clone https://github.com/xiaojiou176-open/prooftrail.git and run pnpm install / pnpm mcp:start. That is coherent with the purpose, but cloning and running a third-party repo executes code from an external source—normal for this use case but a security consideration the user must evaluate separately.
Credentials
The package declares no required env vars or credentials. The docs responsibly call out that if a real backend is needed the operator may set UIQ_MCP_API_BASE_URL and any backend token env vars; those are optional and consistent with the documented 'local-with-optional-backend-token' auth.
Persistence & Privilege
always is false and there is no install-time code or hooks that would modify other skills or system-wide settings. The skill is an instruction packet only and does not request elevated persistence or privileges.
Assessment
This packet is internally consistent and appears to do what it claims: guide you to attach a repo-local ProofTrail stdio MCP server and prefer read/proof tools first. Before running anything: (1) inspect the GitHub repo (https://github.com/xiaojiou176-open/prooftrail.git) and review package.json scripts and pnpm install effects; (2) substitute the correct local cwd path in the provided config snippets; (3) only set UIQ_MCP_API_BASE_URL and any token env vars if you trust the backend and need live reads; (4) treat 'publish-ready' npm/Docker names as unpublished until you verify they exist. The skill contains no declared secrets or hidden endpoints, but cloning and running a third‑party repo can execute arbitrary code—review the repo before use.

Like a lobster shell, security has layers — review code before you run it.

browser-evidencevk9740m4m29mbept3qqm769sbr584h7q6latestvk9740m4m29mbept3qqm769sbr584h7q6mcpvk9740m4m29mbept3qqm769sbr584h7q6prooftrailvk9740m4m29mbept3qqm769sbr584h7q6recoveryvk9740m4m29mbept3qqm769sbr584h7q6
105downloads
0stars
1versions
Updated 2w ago
v0.1.1
MIT-0
Yifeng[Terry] Yu@xiaojiou176
browser-evidencelatestmcpprooftrailrecovery
Download

ProofTrail MCP Skill

Teach the agent how to install, connect, and use ProofTrail's governed MCP surface as a browser-evidence and recovery layer.

Use this skill when

  • the host can attach a local stdio MCP server from a repo checkout
  • the user needs governed browser-evidence reads before broad automation
  • the operator wants a truthful packet that separates current repo-native MCP from future package or Docker publication

What this package teaches

  • how to launch ProofTrail's current repo-native MCP server
  • how to choose the safest ProofTrail tool families first
  • how to move from catalog and read tools into governed run or proof tools
  • how to talk about future npm, Docker, or registry surfaces without overclaiming publication

What ProofTrail is

ProofTrail is an evidence-first browser automation and recovery layer.

It helps AI agents and human operators:

  • run browser workflows through a governed path
  • inspect retained evidence after each run
  • recover from failures without pretending the browser layer is a generic bot

Start here

  1. Read references/INSTALL.md
  2. Load the right host config from:
  3. Skim the tool surface in references/CAPABILITIES.md
  4. Run the first-success path in references/DEMO.md

Safe-first workflow

  1. uiq_catalog
  2. uiq_read
  3. uiq_quality_read
  4. uiq_proof
  5. only then widen into:
    • uiq_run
    • uiq_run_and_report
    • uiq_api_workflow
    • uiq_api_automation

Suggested first prompt

Use ProofTrail as a governed browser-evidence layer. Start with uiq_catalog to confirm the MCP surface is attached. Then use uiq_read or uiq_quality_read to inspect one existing run or failure surface. If a real run is already present, follow with uiq_proof or uiq_run_and_report to show the retained evidence and summarize the most important next action.

Current / usable today

Current install path:

  1. clone the ProofTrail repo
  2. run pnpm install
  3. point your MCP client at the repo-local stdio command
  4. start the MCP bridge with pnpm mcp:start

Protocol and auth truth:

  • auth = local-with-optional-backend-token

Publish-ready but not yet published

The following install surfaces are planned and not yet published:

  • npm package: @prooftrail/mcp-server
  • Docker image: ghcr.io/xiaojiou176-open/prooftrail-mcp-server:0.1.1

Do not describe either surface as live until the package or image is actually published.

Success checks

  • the host attaches the repo-native MCP server successfully
  • the agent cites a real run, artifact, or proof bundle instead of describing a generic browser story
  • the answer stays grounded in evidence instead of free-writing from memory

Boundaries

  • this packet is not an official plugin
  • ProofTrail is not a hosted service
  • ProofTrail is not a hosted SaaS service
  • ProofTrail is not a hosted MCP endpoint
  • this packet does not claim a live OpenHands or ClawHub listing
  • future npm or Docker shapes are publish-ready but not yet published

Local references

Comments

Loading comments...