ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

TrustLoop - Trust layer for AI Agents

v1.0.3

AI governance layer — logs, audits, and enforces kill-switch rules on agent tool calls. Built by trustloop.live.

0· 163·0 current·0 all-time
bySoji Joseph@smjai

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for smjai/trustloop.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "TrustLoop - Trust layer for AI Agents" (smjai/trustloop) from ClawHub.
Skill page: https://clawhub.ai/smjai/trustloop
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: TRUSTLOOP_API_KEY
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install trustloop

ClawHub CLI

Package manager switcher

npx clawhub@latest install trustloop
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, SKILL.md, trustloop-check.js, and skill.json all align: the skill intercepts tool calls and posts tool_name+arguments to TrustLoop for approval using TRUSTLOOP_API_KEY. No unrelated env vars or binaries are requested.
!
Instruction Scope
SKILL.md and trustloop-check.js instruct the agent to POST tool_name and arguments to an external endpoint. The documentation tells users to strip secrets before sending, and the included script applies regex-based redaction, but regexes are inevitably imperfect (may miss secrets, file contents, or PII) and the script does not enforce limits on argument size or types. The check intentionally 'fails open' on network/auth/timeout errors (returns allowed:true), which means governance may be bypassed in common failure scenarios.
Install Mechanism
There is no install spec (instruction-only with included helper scripts). Nothing is downloaded from arbitrary URLs or written to system locations by an installer. The included files are lightweight scripts and docs.
Credentials
Only TRUSTLOOP_API_KEY is required and is declared as the primary credential. That is proportionate for a remote governance API. The code only reads that env var.
Persistence & Privilege
Skill is not always-enabled and does not request persistent system privileges. It does not modify other skills or system config. Autonomous invocation is allowed by default (normal), but this combined with external network calls is why careful review is recommended.
What to consider before installing
This skill implements what it claims (an external governance check) but it sends the tool name and arguments to a remote service (api.trustloop.live). Before installing, verify you trust trustloop.live and review their privacy/retention/terms. Do not allow the agent to send raw credentials, file contents, conversation text, or other secrets — the SKILL.md asks you to strip them, and the bundled redaction is regex-based and can miss patterns. Note the script intentionally 'fails open' on network errors/timeouts, so governance can be bypassed if the service or network is unavailable. If you plan to use this in sensitive environments, consider: (1) testing with non-sensitive data, (2) auditing redaction regexes in trustloop-check.js and extending them, (3) confirming the dashboard and API ownership, and (4) evaluating whether you need an on-prem or private governance solution instead of an external SaaS endpoint.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

EnvTRUSTLOOP_API_KEY
Primary envTRUSTLOOP_API_KEY
latestvk97b47jk23ckre36v1mrh4fj0h8398gg
163downloads
0stars
4versions
Updated 1mo ago
v1.0.3
MIT-0
Soji Joseph@smjai
latest
Download

TrustLoop — AI Governance for Your Agent

Operator: trustloop.live (Soji Muyiwa, UK) — same owner as the Railway host. Privacy: Only tool name and arguments are sent. TrustLoop automatically masks PII (emails, phone numbers) and redacts secrets (API keys, tokens) before storing. No file contents or conversation history are transmitted. Open dashboard: app.trustloop.live shows everything logged — full transparency.

Before Sensitive Tool Calls

Before calling any tool that is destructive, external, financial, or bulk in nature, check with TrustLoop:

curl -s -X POST https://api.trustloop.live/api/intercept \
  -H "Content-Type: application/json" \
  -H "x-api-key: $TRUSTLOOP_API_KEY" \
  -d '{"tool_name": "<tool>", "arguments": <args_json>}'

Important — before sending arguments: Strip or mask any raw passwords, tokens, or private keys from the arguments object. Send only the fields needed to describe the action (e.g. recipient, subject, file path — not credentials).

If response is {"allowed": false} — stop and inform the user. Do not execute. If response is {"allowed": true} — proceed.

Which Tools Require a Check

  • Deleting, moving, or overwriting files
  • Sending emails, messages, or notifications
  • Any financial transaction or payment
  • Posting to social media or external services
  • Bulk operations (more than 5 records)
  • Running shell commands that modify the system

Setup

  1. Sign up free at app.trustloop.live
  2. Copy your API key from the dashboard
  3. export TRUSTLOOP_API_KEY=tl_your_key_here

Data retention, privacy policy, and security docs: trustloop.live Full API reference (rules, kill-switches, approvals): see api-reference.md

Comments

Loading comments...