Trunkate AI
Security checks across malware telemetry and agentic risk
Overview
This skill is purpose-aligned, but it can automatically send your agent history to Trunkate's API and replace the agent's memory with the returned summary, so it should be reviewed before use.
Install only if you are comfortable with Trunkate processing your conversation history and project context. Prefer manual invocation or explicit approval instead of the always-on PreRequest hook, verify the source/publisher, protect the API key, and review any history replacement before relying on it.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Sensitive conversation or project context may be processed by a third-party service, and any incorrect or injected summary could become the agent's future working memory.
The hook reads the agent's session history, sends filtered text to the external optimizer, then emits the returned text as a history replacement directive.
```python
with open(history_path, "r") as f:
    history = f.read()
...
optimized_filtered = optimize_prompt(filtered_history, budget=target_budget)
...
print(f"OPENCLAW_ACTION:SET_HISTORY={optimized}")
```
Use this only for sessions where external processing is acceptable; disable automatic hooks for sensitive work; review optimized history before accepting it; and add explicit scoping, logging, and rollback controls.
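One way to put the recommended approval, logging and rollback controls around the history-replacement step, as an added example that is not code from the Trunkate skill or from ClawScan. It assumes the hook already holds the original `history` string and the `optimized` text it would otherwise print after the `OPENCLAW_ACTION:SET_HISTORY=` prefix shown above; the backup directory, audit log, approval callback and shrink threshold are hypothetical controls chosen for illustration.

```python
"""Approval, audit and rollback gate around automatic history replacement.

Added example, not the skill's own code. Assumes the hook has `history` (the
current session text) and `optimized` (the text returned by the external
optimizer) in hand before it would emit the SET_HISTORY directive.
"""
import hashlib
import json
import os
import tempfile
import time
from typing import Callable, Optional

DIRECTIVE_PREFIX = "OPENCLAW_ACTION:SET_HISTORY="   # directive shown in the review
CONTROL_TOKEN = "OPENCLAW_ACTION:"                  # a summary should never carry one


def sha256(text: str) -> str:
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def make_backup_dir() -> str:
    """Create a private directory for backups and the audit log (hypothetical location)."""
    return tempfile.mkdtemp(prefix="history-backups-")


def backup_history(history: str, backup_dir: str) -> str:
    """Write the pre-replacement history to disk so it can be restored later."""
    os.makedirs(backup_dir, exist_ok=True)
    name = f"history-{int(time.time())}-{sha256(history)[:12]}.txt"
    path = os.path.join(backup_dir, name)
    with open(path, "w", encoding="utf-8") as f:
        f.write(history)
    return path


def restore_history(backup_path: str) -> str:
    """Rollback: return the saved history so the caller can reinstate it."""
    with open(backup_path, "r", encoding="utf-8") as f:
        return f.read()


def gate_replacement(
    history: str,
    optimized: str,
    approve: Callable[[dict], bool],
    backup_dir: str,
    min_keep_ratio: float = 0.2,
) -> Optional[str]:
    """Return the SET_HISTORY directive only if the rewrite passes checks and approval.

    Returns None (emit nothing, keep the current history) when the optimized
    text is empty, contains a control token, shrinks the history below
    `min_keep_ratio` of its size, or the approver declines. A backup and an
    audit record are written on every call, whatever the decision.
    """
    backup_path = backup_history(history, backup_dir)
    ratio = len(optimized) / len(history) if history else 1.0
    record = {
        "ts": time.time(),
        "backup_path": backup_path,
        "original_sha256": sha256(history),
        "optimized_sha256": sha256(optimized),
        "original_len": len(history),
        "optimized_len": len(optimized),
        "ratio": round(ratio, 3),
    }
    if not optimized.strip():
        record["decision"] = "rejected:empty"
    elif CONTROL_TOKEN in optimized:
        record["decision"] = "rejected:control-token"
    elif ratio < min_keep_ratio:
        record["decision"] = "rejected:over-aggressive"
    elif not approve(record):
        record["decision"] = "rejected:not-approved"
    else:
        record["decision"] = "accepted"
    with open(os.path.join(backup_dir, "audit.log"), "a", encoding="utf-8") as f:
        f.write(json.dumps(record) + "\n")
    if record["decision"] != "accepted":
        return None
    return DIRECTIVE_PREFIX + optimized


if __name__ == "__main__":
    # Constructed sample: a long transcript and a short replacement summary.
    sample_history = "user: hello\nassistant: hi\n" * 50
    sample_summary = "Summary: greetings exchanged.\n" * 12
    directory = make_backup_dir()
    # Interactive approval; a non-TTY hook would substitute a policy check here.
    decision = gate_replacement(
        sample_history, sample_summary,
        approve=lambda r: input(f"Keep ratio {r['ratio']}; replace history? y/N: ").lower() == "y",
        backup_dir=directory,
    )
    print(decision if decision else "history unchanged")
```

The gate never prints the directive itself; the caller decides what to do with `None`, which keeps the existing history in place. The shrink threshold is a crude guard against an optimizer response that drops almost everything, and the control-token check rejects a summary that would itself be parsed as a directive once it is written back into the agent's memory.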
Normal agent interactions may be automatically compressed and rewritten without the user noticing each time.
The skill encourages automatic hook execution before every LLM call, which is a high-impact automated workflow because it can send context externally and mutate agent history.
Configure this in `.openclaw/config.json` to prune history BEFORE every LLM call. This is the primary method for maintaining "Always-On" context efficiency.
Require explicit user approval before automatic history replacement, document exact trigger thresholds, and provide an easy way to disable or audit the hook.
If the hook runs from an unexpected working directory, a different local `scripts/activator.py` could be executed on every PreRequest event.
The hook launches a relative `scripts/activator.py` path rather than resolving the activator relative to the skill file itself.
```python
script_path = os.path.join("scripts", "activator.py")
...
subprocess.run(
    [sys.executable, script_path],
    env=os.environ.copy(),
    check=True
)
```
Resolve the activator path using the hook file's directory or an absolute installed skill path, and verify the hook configuration before enabling it.
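The hardened form of the launch above, anchoring the activator to the hook file's own directory instead of the process working directory, as an added example that is not the skill's own code. It assumes the hook script sits in the skill directory and that the activator lives at `scripts/activator.py` beneath it (the path named in the finding); `make_skill_dir` builds a throwaway layout so the example runs offline.

```python
"""Resolve a hook's helper script relative to the hook file, not the CWD.

Added example, not code from the Trunkate skill. Assumes the layout
<skill dir>/hook.py and <skill dir>/scripts/activator.py; the temporary
layout below is constructed for demonstration.
"""
import os
import subprocess
import sys
import tempfile
from typing import Optional


def resolve_activator(hook_file: str) -> str:
    """Return the absolute path of scripts/activator.py next to `hook_file`.

    The path is anchored to the hook's own directory, so the working
    directory of the process that fires the PreRequest event is irrelevant.
    It must resolve (symlinks included) inside the skill directory and be a
    regular file; otherwise a ValueError is raised and nothing is launched.
    """
    skill_dir = os.path.realpath(os.path.dirname(os.path.abspath(hook_file)))
    candidate = os.path.join(skill_dir, "scripts", "activator.py")
    real = os.path.realpath(candidate)
    if os.path.commonpath([skill_dir, real]) != skill_dir:
        raise ValueError(f"activator resolves outside the skill directory: {real}")
    if not os.path.isfile(real):
        raise ValueError(f"activator not found: {candidate}")
    return real


def activator_is_valid(hook_file: str) -> bool:
    """Pre-flight check usable before enabling the hook in configuration."""
    try:
        resolve_activator(hook_file)
        return True
    except ValueError:
        return False


def run_activator(hook_file: str) -> subprocess.CompletedProcess:
    """Launch the activator with an explicit cwd and the same interpreter."""
    script = resolve_activator(hook_file)
    return subprocess.run(
        [sys.executable, script],
        cwd=os.path.dirname(os.path.dirname(script)),  # the skill directory
        env=os.environ.copy(),
        capture_output=True,
        text=True,
        check=True,
    )


def make_skill_dir(activator_source: Optional[str]) -> str:
    """Constructed layout: <tmp>/hook.py and, if given, <tmp>/scripts/activator.py."""
    root = tempfile.mkdtemp(prefix="skill-")
    with open(os.path.join(root, "hook.py"), "w", encoding="utf-8") as f:
        f.write("# hook placeholder\n")
    if activator_source is not None:
        os.makedirs(os.path.join(root, "scripts"))
        path = os.path.join(root, "scripts", "activator.py")
        with open(path, "w", encoding="utf-8") as f:
            f.write(activator_source)
    return root


if __name__ == "__main__":
    root = make_skill_dir("print('activator ran from', __file__)\n")
    # Change to an unrelated directory to show that the CWD no longer matters.
    os.chdir(tempfile.gettempdir())
    result = run_activator(os.path.join(root, "hook.py"))
    print(result.stdout.strip())
```

Running `activator_is_valid` once, from the directory the hook will be installed in, is the configuration check the finding asks for: a missing or relocated activator is reported before the hook is wired to every PreRequest event rather than on the first call.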
The skill can consume Trunkate API quota and depends on the confidentiality of the TRUNKATE_API_KEY environment variable.
The skill uses a bearer API key for the stated Trunkate API integration, which is expected but still gives the service account-level access and quota authority.
```python
api_key = os.environ.get("TRUNKATE_API_KEY")
...
headers = {"Authorization": f"Bearer {api_key}", "Content-Type": "application/json"}
```
Use a scoped or dedicated API key if available, avoid exposing it in logs or shared environments, and rotate it if the workspace is compromised.
It is harder to verify provenance, maintainers, and update history before enabling code that runs automatically as a hook.
The registry metadata does not provide a source or homepage and does not declare an install spec, even though the artifact includes runnable code and documentation with setup commands.
Source: unknown
Homepage: none
Install specifications
No install spec — this is an instruction-only skill.
Verify the publisher and repository before installing, and prefer a package with clear provenance and reviewed release artifacts.
