ClawHub

Chain Of Custody

v1.0.0

Generates forensic chain of custody HTML reports for evidence management and legal compliance.

0· 125·0 current·0 all-time
byToolWeb@krishnakumarmahadevan-cmd

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for krishnakumarmahadevan-cmd/toolweb-chain-of-custody.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Chain Of Custody" (krishnakumarmahadevan-cmd/toolweb-chain-of-custody) from ClawHub.
Skill page: https://clawhub.ai/krishnakumarmahadevan-cmd/toolweb-chain-of-custody
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install toolweb-chain-of-custody

ClawHub CLI

Package manager switcher

npx clawhub@latest install toolweb-chain-of-custody
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description claim an API that generates HTML chain-of-custody reports; the SKILL.md and openapi.json provide schemas and endpoints consistent with that purpose. One minor note: the package contains only documentation (no server URL or implementation), so the agent or integrator must generate the report locally or implement the API — this is an implementation omission, not a security incoherence.
Instruction Scope
SKILL.md details request/response formats and required fields for custody reports; it does not instruct the agent to read unrelated files, access credentials, or exfiltrate data to external endpoints. All referenced data (case info, evidence items, hashes) is scoped to report generation.
Install Mechanism
No install spec and no code files are included (instruction-only). No downloads, package installs, or file writes are requested by the skill itself.
Credentials
No environment variables, credentials, or config paths are requested. The fields present in examples (userEmail, userId, sessionId) are application data, not secrets demanded by the skill.
Persistence & Privilege
Skill does not request always:true and does not declare elevated persistence or cross-skill config modification. Default autonomous invocation is allowed but not combined with broad privileges.
Assessment
This skill is documentation-only: it describes an API and data schema for building chain-of-custody HTML reports and does not request credentials or perform installs. Before using it with real evidence, confirm how the report will be generated (locally by your agent or by a remote service) because the package contains no implementation or server URL. If you plan to use real sensitive evidence, run generation on an isolated, offline environment and verify the produced HTML (that hashes, timestamps, and custody entries are preserved and not transmitted externally). If you expect a hosted service, ask the publisher for the service endpoint and authentication details and verify the provider's origin and trustworthiness.

Like a lobster shell, security has layers — review code before you run it.

latestvk971q8zzv3gdm7sn7s24fm6q9583vmdm
125downloads
0stars
1versions
Updated 4w ago
v1.0.0
MIT-0
ToolWeb@krishnakumarmahadevan-cmd
latest
Download

Overview

The Chain of Custody Manager API is a forensic documentation tool designed to generate compliant, legally-defensible chain of custody reports in HTML format. It serves law enforcement, digital forensics teams, corporate investigations, and legal departments that need to maintain rigorous evidence handling documentation for court admissibility and regulatory compliance.

This API automates the creation of formal custody chain documentation by organizing evidence metadata, handler information, timestamps, and integrity hashes into professional reports. Each report captures the complete lifecycle of evidence from collection through transfer, ensuring no breaks in the documented chain and protecting evidence integrity.

Ideal users include forensic examiners, incident response teams, corporate security practitioners, and legal professionals who must demonstrate proper evidence handling procedures in investigations, litigation, or regulatory audits.

Usage

Example Request:

{
  "reportData": {
    "caseInfo": {
      "caseNumber": "2024-INV-00145",
      "caseName": "Data Breach Investigation - Corp A",
      "investigator": "Detective John Smith",
      "organization": "Cyber Crimes Unit",
      "reportDate": "2024-01-15T10:30:00Z"
    },
    "evidenceItems": [
      {
        "evidenceId": "EV-2024-001",
        "evidenceType": "Hard Drive",
        "description": "Seagate 2TB external drive from suspect workstation",
        "collectionDate": "2024-01-10T14:22:00Z",
        "collectionLocation": "Building A, Floor 3, Room 301",
        "collectedBy": "Officer Jane Doe",
        "hashAlgorithm": "SHA-256",
        "hashValue": "a7f3c8e2d9b1f4e6c2a5d8f1b3e6a9c2d5e8f1b4a7c0d3e6f9a2b5c8e1f4",
        "custodyChain": [
          {
            "person": "Officer Jane Doe",
            "timestamp": "2024-01-10T14:22:00Z",
            "purpose": "Initial collection",
            "action": "Collected from workstation"
          },
          {
            "person": "Detective John Smith",
            "timestamp": "2024-01-10T16:45:00Z",
            "purpose": "Evidence intake",
            "action": "Received and logged into evidence management system"
          },
          {
            "person": "Forensic Tech Mike Johnson",
            "timestamp": "2024-01-12T09:15:00Z",
            "purpose": "Digital forensic examination",
            "action": "Imaged drive and verified hash"
          }
        ]
      }
    ],
    "sessionId": "sess-2024-001-xyz"
  },
  "sessionId": "sess-2024-001-xyz",
  "userId": 42,
  "timestamp": "2024-01-15T10:30:00Z",
  "userEmail": "john.smith@agency.gov",
  "userName": "jsmith"
}

Example Response:

{
  "status": "success",
  "reportId": "RPT-2024-145-001",
  "htmlReport": "<!DOCTYPE html><html>...[complete HTML custody report]...</html>",
  "message": "Chain of Custody report generated successfully"
}

Endpoints

GET /

Summary: Root endpoint

Description: Returns API information and status.

Parameters: None

Response: JSON object with API metadata.

POST /api/custody/generate

Summary: Generate Custody Report

Description: Generates a formatted Chain of Custody HTML report containing case information, evidence details, and custody chain history.

Parameters:

NameTypeRequiredDescription
reportDataobjectYesContains caseInfo, evidenceItems, and sessionId
reportData.caseInfoobjectYesCase metadata including caseNumber, caseName, investigator, organization, reportDate
reportData.caseInfo.caseNumberstringYesUnique case identifier
reportData.caseInfo.caseNamestringYesHuman-readable case name
reportData.caseInfo.investigatorstringYesName of lead investigator
reportData.caseInfo.organizationstringYesLaw enforcement or organizational unit
reportData.caseInfo.reportDatestringYesISO 8601 timestamp of report generation
reportData.evidenceItemsarrayYesArray of EvidenceItem objects
reportData.evidenceItems[].evidenceIdstringYesUnique evidence identifier
reportData.evidenceItems[].evidenceTypestringYesCategory of evidence (e.g., "Hard Drive", "Mobile Device", "Documents")
reportData.evidenceItems[].descriptionstringYesDetailed description of the evidence
reportData.evidenceItems[].collectionDatestringYesISO 8601 timestamp when evidence was collected
reportData.evidenceItems[].collectionLocationstringYesPhysical or logical location where evidence was collected
reportData.evidenceItems[].collectedBystringYesName of person who collected the evidence
reportData.evidenceItems[].hashAlgorithmstringYesHash algorithm used (e.g., "SHA-256", "MD5")
reportData.evidenceItems[].hashValuestringYesComputed hash value for integrity verification
reportData.evidenceItems[].custodyChainarrayYesArray of CustodyEntry objects documenting evidence transfers
reportData.evidenceItems[].custodyChain[].personstringYesName of person handling evidence
reportData.evidenceItems[].custodyChain[].timestampstringYesISO 8601 timestamp of custody event
reportData.evidenceItems[].custodyChain[].purposestringYesPurpose of custody transfer (e.g., "Initial collection", "Examination")
reportData.evidenceItems[].custodyChain[].actionstringYesDescription of action taken
reportData.sessionIdstringYesSession identifier within report data
sessionIdstringYesSession identifier for API request
userIdintegerYesNumeric user identifier making the request
timestampstringYesISO 8601 timestamp of API request
userEmailstringNoEmail address of user (optional)
userNamestringNoUsername of user (optional)

Response:

{
  "status": "success",
  "reportId": "string",
  "htmlReport": "string",
  "message": "string"
}

Error Response (422):

{
  "detail": [
    {
      "loc": ["body", "fieldname"],
      "msg": "string",
      "type": "string"
    }
  ]
}

GET /api/custody/health

Summary: Health Check

Description: Verifies API availability and operational status.

Parameters: None

Response: JSON object with health status and timestamp.

Pricing

PlanCalls/DayCalls/MonthPrice
Free550Free
Developer20500$39/mo
Professional2005,000$99/mo
Enterprise100,0001,000,000$299/mo

About

ToolWeb.in - 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.

References

Comments

Loading comments...