EvidenceOps - Forensic Evidence Management

by msrovani · GitHub ↗ · v1.0.0
darwin · linux · win32 · ✓ Security Clean
Downloads 638
Stars 1
Active Installs 0
Versions 1
Install in OpenClaw
/install skill-evidenceops
Description
Forensic media triage with chain of custody. Use when receiving images, videos, audio, PDFs, or documents that need evidence-grade handling, integrity verifi...
Usage Guidance
This package appears to be a legitimate forensic evidence tool, but check these before installing:
  - Confirm source integrity: the repository/package owner is not a known homepage; verify the npm package name and publisher, or install from the included code after review.
  - Resolve the metadata inconsistency: SKILL.md recommends npm install but registry metadata shows “no install spec.” Ask the publisher which install method to use.
  - If you plan to use S3/MinIO: configure AWS credentials via IAM roles or environment in a controlled way (avoid embedding static secrets). The skill itself doesn't declare required env vars because cloud storage is optional.
  - Review and test redaction and path-sanitization on non-sensitive test data to ensure they behave as described.
  - Review the platform permission grant for “Bash” / shell execution—this is broad and should be restricted to trusted environments.
  - For production, follow the SECURITY.md recommendations: channel allowlist, pairing, size limits, audit logging, and object-locked S3 buckets if using cloud storage.
If you want, I can list specific files to inspect (e.g., src/drivers/s3.ts, src/utils/redaction.ts, src/utils/path.ts) or summarize their contents for deeper review.
Capability Analysis
Type: OpenClaw Skill
Name: skill-evidenceops
Version: 1.0.0
The OpenClaw AgentSkills skill bundle 'evidenceops' is classified as benign. It demonstrates a strong security posture with robust input sanitization (path traversal prevention, filename sanitization), cryptographic integrity verification (SHA-256, hash chain), immutability controls (read-only files, S3 Object Lock), and automatic secret/PII redaction in audit logs. The `SKILL.md` actively uses the prompt injection surface to declare security guarantees and 'NEVER' statements, which are consistently supported by the TypeScript code and comprehensive security documentation (`SECURITY.md`, `DESIGN.md`). The CI/CD pipeline (`security.yml`) further reinforces this by including secret scanning, dependency auditing, and SAST tools, indicating a proactive security development approach. There is no evidence of intentional harmful behavior or exploitation.
Capability Assessment
Purpose & Capability
The skill name/description (forensic media triage, chain of custody) aligns with the provided code and docs: a plugin implements ingestion, verification, manifests, exports, filesystem and S3 drivers, hashing, path sanitization, and redaction. The included dependencies (exifreader, archiver, AWS SDK) are consistent with the stated functionality.
Instruction Scope
SKILL.md instructions are scoped to forensic intake: staging files, calculating SHA-256, extracting metadata, generating derivatives, calling evidence.ingest and updating manifests. The instructions explicitly forbid modifying originals, executing untrusted code, or exfiltrating data. They reference only relevant inputs (file content, filename, channel, sender) and expected tools (evidence.*).
Install Mechanism
SKILL.md frontmatter and README recommend installing the plugin via npm (@openclaw/evidence-vault). There is no remote arbitrary-download/install step (good). Small inconsistency: registry metadata earlier said “No install spec — instruction-only”, but the skill and repo include an npm plugin and package files. Confirm which install path the platform will use (manual copy vs npm install).
Credentials
The skill declares no required environment variables, which is reasonable for a local-first tool. However, the plugin contains an S3 driver and lists @aws-sdk/client-s3 in dependencies; if you configure an S3 backend you will need appropriate credentials or IAM roles. The skill does not automatically request/require AWS credentials, which is proportionate provided S3 use is optional and user-configured.
Persistence & Privilege
The skill is not marked always:true and does not request system-wide config changes. It documents use of a vault directory and local manifests; nothing in the repository indicates it would modify other skills or force-enable itself. Permission scoping includes Read/Write/Bash in metadata — Bash access is broad but justified for staging/derivative generation; review platform permission model before granting shell access.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install skill-evidenceops
  3. After installation, invoke the skill by name or use /skill-evidenceops
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
This is the initial release of EvidenceOps, a forensic-grade evidence management system for OpenClaw. It provides:
  1. **Complete Skill for ClawHub** - Ready-to-publish skill with comprehensive documentation
  2. **Dual Storage Drivers** - Filesystem (local) and S3/MinIO (cloud) backends
  3. **Chain of Custody** - Cryptographic hash chain for evidence integrity
  4. **Security-First Design** - Path sanitization, secret redaction, channel controls
  5. **Full Test Coverage** - Unit and integration tests for core functionality
The skill teaches OpenClaw agents how to:
  - Accept media from any channel
  - Create/manage cases with proper IDs
  - Stage originals without modification
  - Extract metadata (EXIF, duration, pages)
  - Generate derivatives in separate folders
  - Maintain tamper-evident audit trails
  - Return evidence receipts to users
The plugin provides the backend implementation with:
  - Pluggable storage architecture
  - Deterministic manifest generation
  - Channel-based access control
  - Comprehensive error handling
Metadata
Slug skill-evidenceops
Version 1.0.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is EvidenceOps - Forensic Evidence Management?

Forensic media triage with chain of custody. Use when receiving images, videos, audio, PDFs, or documents that need evidence-grade handling, integrity verifi... It is an AI Agent Skill for Claude Code / OpenClaw, with 638 downloads so far.

How do I install EvidenceOps - Forensic Evidence Management?

Run "/install skill-evidenceops" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is EvidenceOps - Forensic Evidence Management free?

Yes, EvidenceOps - Forensic Evidence Management is completely free (open-source). You can download, install and use it at no cost.

Which platforms does EvidenceOps - Forensic Evidence Management support?

EvidenceOps - Forensic Evidence Management is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux, win32).

Who created EvidenceOps - Forensic Evidence Management?

It is built and maintained by msrovani (@msrovani); the current version is v1.0.0.
