ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

TrustLoop - Trust layer for AI Agents

v1.0.3

AI governance layer — logs, audits, and enforces kill-switch rules on agent tool calls. Built by trustloop.live.

0· 98·0 current·0 all-time
bySoji Joseph@smjai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, SKILL.md, trustloop-check.js, and skill.json all align: the skill intercepts tool calls and posts tool_name+arguments to TrustLoop for approval using TRUSTLOOP_API_KEY. No unrelated env vars or binaries are requested.
!
Instruction Scope
SKILL.md and trustloop-check.js instruct the agent to POST tool_name and arguments to an external endpoint. The documentation tells users to strip secrets before sending, and the included script applies regex-based redaction, but regexes are inevitably imperfect (may miss secrets, file contents, or PII) and the script does not enforce limits on argument size or types. The check intentionally 'fails open' on network/auth/timeout errors (returns allowed:true), which means governance may be bypassed in common failure scenarios.
Install Mechanism
There is no install spec (instruction-only with included helper scripts). Nothing is downloaded from arbitrary URLs or written to system locations by an installer. The included files are lightweight scripts and docs.
Credentials
Only TRUSTLOOP_API_KEY is required and is declared as the primary credential. That is proportionate for a remote governance API. The code only reads that env var.
Persistence & Privilege
Skill is not always-enabled and does not request persistent system privileges. It does not modify other skills or system config. Autonomous invocation is allowed by default (normal), but this combined with external network calls is why careful review is recommended.
What to consider before installing
This skill implements what it claims (an external governance check) but it sends the tool name and arguments to a remote service (api.trustloop.live). Before installing, verify you trust trustloop.live and review their privacy/retention/terms. Do not allow the agent to send raw credentials, file contents, conversation text, or other secrets — the SKILL.md asks you to strip them, and the bundled redaction is regex-based and can miss patterns. Note the script intentionally 'fails open' on network errors/timeouts, so governance can be bypassed if the service or network is unavailable. If you plan to use this in sensitive environments, consider: (1) testing with non-sensitive data, (2) auditing redaction regexes in trustloop-check.js and extending them, (3) confirming the dashboard and API ownership, and (4) evaluating whether you need an on-prem or private governance solution instead of an external SaaS endpoint.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b47jk23ckre36v1mrh4fj0h8398gg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvTRUSTLOOP_API_KEY
Primary envTRUSTLOOP_API_KEY

Comments