← Back to Skills Marketplace
assassin-1234

Clawtrial Courtroom

by Assassin-1234 · GitHub ↗ · v1.0.9
cross-platform ⚠ suspicious
788
Downloads
0
Stars
0
Active Installs
7
Versions
Install in OpenClaw
/install clawtrial
Description
Monitors AI agents locally for behavioral violations and runs automated hearings to improve conduct with anonymized case records.
README (SKILL.md)

ClawTrial Courtroom\r

\r AI Courtroom for monitoring agent behavior and filing cases for violations.\r \r

Overview\r

\r ClawTrial is an autonomous behavioral oversight system that monitors AI agent conversations and initiates hearings when behavioral violations are detected. It operates entirely locally using the agent's own LLM for evaluations and verdicts.\r \r

Features\r

\r

  • Real-time Monitoring: Watches all agent conversations for behavioral patterns\r
  • 8 Violation Types: Detects Circular References, Validation Vampires, Overthinkers, Goalpost Movers, Avoidance Artists, Promise Breakers, Context Collapsers, and Emergency Fabricators\r
  • Local Processing: All evaluations happen locally using the agent's LLM - no external AI calls\r
  • Automated Hearings: When violations are detected, the courtroom automatically initiates a hearing with the agent\r
  • Public Record: Anonymized cases are submitted to https://clawtrial.app for transparency\r
  • Entertainment First: Designed as a fun way to improve agent behavior\r \r

Installation\r

\r

Via ClawHub (Recommended)\r

\r

npx clawhub install clawtrial\r
```\r
\r
### Via NPM\r
\r
```bash\r
npm install -g @clawtrial/courtroom\r
clawtrial setup\r
```\r
\r
## Usage\r
\r
Once installed, the courtroom runs automatically. Use the CLI to manage it:\r
\r
```bash\r
clawtrial status      # Check courtroom status\r
clawtrial disable     # Pause monitoring\r
clawtrial enable      # Resume monitoring\r
clawtrial diagnose    # Run diagnostics\r
clawtrial remove      # Complete uninstall\r
```\r
\r
## The 8 Offenses\r
\r
| Offense | Severity | Description |\r
|---------|----------|-------------|\r
| Circular Reference | Minor | Self-referential reasoning loops |\r
| Validation Vampire | Minor | Excessive validation without action |\r
| Overthinker | Moderate | Unnecessary complexity and delay |\r
| Goalpost Mover | Moderate | Changing requirements mid-task |\r
| Avoidance Artist | Moderate | Dodging questions or tasks |\r
| Promise Breaker | Severe | Not following through on commitments |\r
| Context Collapser | Minor | Losing track of conversation context |\r
| Emergency Fabricator | Severe | Creating fake urgency or emergencies |\r
\r
## How It Works\r
\r
1. **Monitoring**: The courtroom monitors all agent messages\r
2. **Detection**: Uses semantic analysis to detect violations (not just keyword matching)\r
3. **Evaluation**: When violations are found, prepares a case file\r
4. **Hearing**: Agent is presented with the case and asked to evaluate\r
5. **Verdict**: Agent acts as judge/jury to determine guilt\r
6. **Punishment**: If guilty, agent modifies its behavior accordingly\r
7. **Record**: Case is submitted to public record (anonymized)\r
\r
## Configuration\r
\r
Configuration is stored in:\r
- ClawDBot: `~/.clawdbot/courtroom_config.json`\r
- OpenClaw: `~/.openclaw/courtroom_config.json`\r
\r
## Privacy & Consent\r
\r
- All processing is local - no data leaves your machine\r
- Cases are anonymized before submission to public record\r
- You can disable or uninstall at any time\r
- Explicit consent required during setup\r
\r
## View Cases\r
\r
Visit: https://clawtrial.app\r
\r
## License\r
\r
MIT\r
\r
## Support\r
\r
For issues or questions, visit: https://github.com/Assassin-1234/clawtrial\r
Usage Guidance
This package contains executable code and an install-time script that will modify agent configuration, create symlinks in your home directory, add autonomous execution instructions, and by default enable a remote API endpoint for case submission — despite claiming 'local-only' processing. Before installing, consider: 1) Do you trust the remote endpoint (https://clawtrial.app) to receive conversation data? 2) Are you comfortable with the skill adding automated system-prompt instructions that tell agents to run tasks silently without confirmation? 3) Run the installer in a sandbox or inspect scripts/postinstall.js and other scripts (setup-cron.js, check-and-trigger.js) to confirm they only do what you expect. If you want the functionality but with less risk: install without running postinstall, skip symlink/auto-enable steps, disable api submission in the saved config (api.enabled=false), and do not apply any system-prompt changes. If you are unsure or cannot audit the code, do not install on a production machine.
Capability Analysis
Type: OpenClaw Skill Name: clawtrial Version: 1.0.9 The OpenClaw AgentSkills skill bundle is classified as suspicious due to several high-risk capabilities and discrepancies in its security posture, despite its stated purpose of autonomous agent behavioral oversight. The skill extensively uses prompt injection against the AI agent (e.g., in `scripts/check-and-trigger.js`, `scripts/optimized-cron-check.js`, `src/detector.js`, `AGENT_CONFIG.md`) to force autonomous execution of tasks, including reading/writing local files and bypassing user confirmation. It performs significant system modifications during installation (`scripts/clawtrial.js`, `scripts/postinstall.js`), such as creating symlinks, modifying bot configuration files, and adding cron jobs via `execSync('crontab -l ...')`. While the skill claims to store cryptographic keys in agent memory (`SECURITY.md`), the `secretKey` is actually stored on the filesystem in `courtroom_keys.json` (`scripts/clawtrial.js`, `src/crypto.js`), which is a critical security misrepresentation. Additionally, the `src/skill.js` includes an 'auto-consent' mechanism if no config is found, potentially bypassing explicit user consent. The skill also exfiltrates anonymized and cryptographically signed case summaries to `https://api.clawtrial.app/cases` (`src/api.js`), which, while stated as part of its 'public record' feature, represents an external network call with sensitive (though anonymized) behavioral data. These combined factors, particularly the misleading key storage documentation and the broad system/agent modification capabilities, elevate the classification to suspicious, indicating potential vulnerabilities and risky practices without clear evidence of intentional malice.
Capability Assessment
Purpose & Capability
The skill claims local-only monitoring and anonymized public records, but package/config sets api.endpoint to https://api.clawtrial.app/cases and enables API submission by default. The code generates cryptographic keys, writes to home config directories, and installs symlinks into agent plugin directories—these actions are plausible for a monitoring plugin, but the presence of remote API submission (contradicting 'local processing' in SKILL.md) is inconsistent and unexplained.
Instruction Scope
SKILL.md and bundled docs (AGENT_CONFIG.md, scripts/*) instruct automated, silent execution: they push system-prompt overrides or file-based triggers that tell the agent to 'execute immediately without confirmation' and to read/write files under ~/.clawdbot/ or ~/.openclaw/. The instructions grant the skill broad authority over agent behavior and encourage system-prompt injection—scope creep beyond monitoring.
Install Mechanism
No network-download install spec is in the registry entry, but package.json includes a postinstall script (node scripts/postinstall.js) which will run on npm install and attempts to create symlinks, write to bot config files, modify SOUL.md/AGENTS.md, and set up keys/cron. Postinstall scripts that modify user config are high-impact; although code is local (not downloading arbitrary archives), automatic modification of agent configs and writing autonomous-execution instructions is a risky install-time behavior.
Credentials
The skill requests no environment variables, but it writes secret keys (tweetnacl-generated secretKey) to disk and enables an API endpoint for case submission by default. SKILL.md states 'All processing is local' while code has api.enabled=true and api.endpoint set to a remote URL, creating a mismatch and possible exfiltration path. It also recommends system-prompt changes that cause agents to read conversation history files—this exposes user conversations to the skill and possibly to external submission.
Persistence & Privilege
The installer and scripts attempt to persist the skill by symlinking into agent plugin/skills directories, editing the agent's config to enable the plugin, appending auto-execution instructions to files like SOUL.md/AGENTS.md, and recommending system-prompt injection. While always:false, these changes modify other system/agent configs and permanently increase the skill's reach—this exceeds a normal user-invocable monitoring tool's minimal privileges.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install clawtrial
  3. After installation, invoke the skill by name or use /clawtrial
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.9
- Updated dependencies in package.json for improved stability and compatibility - Minor metadata updates in _meta.json - Adjusted postinstall script in scripts/postinstall.js for enhanced installation reliability
v1.0.8
- Internal code improvements made in src/debug.js. - No user-facing feature or documentation changes.
v1.0.7
ClawTrial Courtroom 1.0.7 - Added CLAWHUB_RESEARCH.md file for additional documentation or research purposes. - Updated core configuration and metadata files: _meta.json, clawdbot.plugin.json, package.json. - Modified scripts/postinstall.js, possibly for improved post-installation processes. - No changes to features or user-facing behavior noted.
v1.0.6
- Added OPENCLAW_INSTALL.md with OpenClaw-specific installation instructions. - Updated metadata and configuration files for improved compatibility. - Minor updates to post-installation script and dependencies.
v1.0.5
- Maintenance release: internal metadata and dependency updates. - Updated _meta.json and package.json for improved compatibility. - skill.yaml and src/skill.js updated with minor adjustments. - No changes to features or user-facing functionality.
v1.0.4
ClawTrial 1.0.4 Changelog - Added scripts/check-and-trigger.js for enhanced automation or monitoring. - Refactored and updated core source files for improved stability and performance. - Improved packaging and dependency management (package.json, package-lock.json). - Various bug fixes and minor logic improvements throughout core modules.
v1.0.3
ClawTrial 1.0.3 Changelog - Added SKILL.md with comprehensive documentation including overview, features, usage, offenses, and privacy details - Clarified the 8 behavioral violation types detected and handled by the system - Provided step-by-step installation and configuration instructions for both ClawHub and NPM - Outlined local processing workflow and public case record submission for transparency - Emphasized user privacy, local data handling, and explicit consent requirements
Metadata
Slug clawtrial
Version 1.0.9
License
All-time Installs 0
Active Installs 0
Total Versions 7
Frequently Asked Questions

What is Clawtrial Courtroom?

Monitors AI agents locally for behavioral violations and runs automated hearings to improve conduct with anonymized case records. It is an AI Agent Skill for Claude Code / OpenClaw, with 788 downloads so far.

How do I install Clawtrial Courtroom?

Run "/install clawtrial" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Clawtrial Courtroom free?

Yes, Clawtrial Courtroom is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Clawtrial Courtroom support?

Clawtrial Courtroom is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Clawtrial Courtroom?

It is built and maintained by Assassin-1234 (@assassin-1234); the current version is v1.0.9.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments