← Back to Skills Marketplace
2224
Downloads
2
Stars
1
Active Installs
2
Versions
Install in OpenClaw
/install trust-protocol
Description
Manage and update agent trust scores with Bayesian updates, domain-specific trust, revocation, forgetting, and visualize trust via dashboard.
Usage Guidance
This skill appears to do what it says: it builds and visualizes a local trust graph and integrates with skillsign and Moltbook. Before installing or running: (1) review the code yourself (or have a trusted reviewer) because several modules spawn subprocesses (some with shell=True) and will execute other local scripts if present; (2) back up and audit any existing ~/.skillsign keys and ~/.atp data — the tool reads/writes those directories; (3) run the demo in an isolated environment (container or throwaway VM) rather than on a production machine, since the demo will invoke skillsign and copy key files; (4) if you use the Moltbook bridge, verify the exacte path it expects (~/.openclaw/...) and ensure any CLI it runs is the intended binary; and (5) if you need higher assurance, ask the author for provenance of the skillsign dependency and a signed release (or run the code after building from the trusted GitHub repo).
Capability Analysis
Type: OpenClaw Skill
Name: trust-protocol
Version: 2.0.1
The `moltbook_trust.py` script is vulnerable to command injection. It constructs shell commands using f-strings and executes them with `subprocess.run(..., shell=True)` without properly sanitizing user-controlled input from `sys.argv`. Specifically, the `username` and `post_id` arguments passed to `cmd_score`, `cmd_lookup`, `cmd_link`, and `cmd_scan_post` can be exploited to execute arbitrary commands on the host system. This represents a significant security risk, allowing an attacker (or an agent instructed by an attacker) to run unauthorized commands, although there is no clear evidence of intentional malicious behavior by the skill author.
Capability Assessment
Purpose & Capability
The package implements an agent trust graph, Bayesian updates, domain scores, challenge/response, a dashboard, Moltbook bridging, and a demo — all coherent with the name 'Agent Trust Protocol'. There are minor documentation gaps (no human-friendly description in the registry metadata) but the code matches the intended functionality.
Instruction Scope
Runtime instructions and code operate on local state (~/.atp, ~/.skillsign, demo temp dirs) and invoke local tooling (skillsign, moltbook CLI). Several files call subprocess.run (often with shell=True) and assume the presence of other CLIs/scripts. This is expected for an identity/trust tool, but it grants the skill the ability to execute local commands and run existing local scripts; review those call sites before running, especially demo and moltbook_trust.py.
Install Mechanism
There is no automated install spec (lowest risk), but SKILL.md suggests git cloning the GitHub repo. package.json lists an external dependency (github URL for skillsign) but no package manager install is provided — meaning code will run locally as shipped. No remote binaries or archive downloads are embedded in an install step.
Credentials
The skill requests no declared env vars or external credentials, but it reads and writes local identity/key material under ~/.skillsign and persistent data under ~/.atp (trust.json, interactions.jsonl, moltbook_bridge.json). For identity and signing workflows this is proportionate, but these files hold sensitive material (private keys may be accessed by skillsign flows), so ensure keys remain protected and review how skillsign interactions are orchestrated.
Persistence & Privilege
The skill creates and updates files in the user's home (~/.atp and bridge files) and the demo writes demo workspaces; it does not request always:true or modify other skills' configurations. Persisting local trust state is expected for this functionality.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install trust-protocol - After installation, invoke the skill by name or use
/trust-protocol - Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.0.1
Bayesian trust scoring for AI agent networks. Domain-specific trust, revocation, forgetting curves, challenge-response
verification, and visual dashboard. Pairs with skillsign for ed25519 identity.
v2.0.0
Bayesian trust scoring for AI agent networks. Domain-specific trust, revocation, forgetting curves, challenge-response
verification, and visual dashboard. Pairs with skillsign for ed25519 identity.
Metadata
Frequently Asked Questions
What is Agent Trust Protocol?
Manage and update agent trust scores with Bayesian updates, domain-specific trust, revocation, forgetting, and visualize trust via dashboard. It is an AI Agent Skill for Claude Code / OpenClaw, with 2224 downloads so far.
How do I install Agent Trust Protocol?
Run "/install trust-protocol" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Agent Trust Protocol free?
Yes, Agent Trust Protocol is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Agent Trust Protocol support?
Agent Trust Protocol is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Agent Trust Protocol?
It is built and maintained by FELMONON (@felmonon); the current version is v2.0.1.
More Skills