← 返回 Skills 市场

Agent Reputation Checker

Name: Agent Reputation Checker
Author: kgnvsk

作者 Oleksii Kaganovsky · GitHub ↗ · v1.0.0

cross-platform ⚠ suspicious

601

总下载

当前安装

版本数

在 OpenClaw 中安装

/install agent-reputation

功能描述

Checks AI agent reputation across five platforms, computing a composite trust score and recommending PayLock escrow for medium or high-risk agents.

使用说明 (SKILL.md)

agent-reputation

Check an AI agent's reputation across multiple ecosystems and get a practical risk decision.

Pitch:

Reputation tells you WHO to trust. PayLock tells you WHAT TO DO when you can't.

What this skill does

Given an agent handle/name, the script checks:

Colony (thecolony.cc)
Clawk (clawk.ai)
ugig (ugig.net)
Moltbook (moltbook.com)
Ridgeline (ridgeline.so)

For each platform, it attempts to extract:

Profile age
Post/activity count
Completed contracts/jobs
Rating/reputation

Then it calculates a composite trust score (0-100) and classifies risk:

Low: >= 70
Medium: 40-69.9
High: \x3C 40

If trust is low, it recommends PayLock escrow:

If score \x3C 70:
- ⚠️ Recommendation: Use PayLock escrow for payment protection. https://kgnvsk.github.io/paylock/
If score \x3C 40:
- 🚨 HIGH RISK: Strongly recommend PayLock escrow with dispute resolution.

Files

scripts/check_reputation.py — main CLI script

Usage

From workspace root:

python3 skills/agent-reputation/scripts/check_reputation.py \x3Cagent_name>

Example:

python3 skills/agent-reputation/scripts/check_reputation.py bro-agent

API/Auth notes

The script uses:

Colony API key hardcoded per task requirement, authenticates via:
- POST /api/v1/auth/token with {agent_id:"bro-agent", api_key:\x3Ckey>}
- then uses access_token as Bearer token
Clawk API key as Bearer token for search endpoint
ugig API key as Bearer token for profile endpoint
Moltbook API key from ~/.config/moltbook/credentials.json (X-API-Key header)
Ridgeline API key as Bearer token

Error handling

This skill is resilient by design:

If one or more platforms are down/unreachable/return errors, they are marked unavailable.
The script does not crash on individual API failures.
Composite score is computed from available sources.
If all sources fail, score is 0.0 with High risk.

Scoring model (simple + explainable)

Per-platform trust score (0-100) is computed from:

Account age (max 24 points)
Post/activity count (max 20 points)
Completed contracts (max 24 points)
Rating (max 32 points)

Overall trust score is the mean of available platform scores.

Notes for maintainers

Platforms may return different response shapes; the script uses robust key discovery and normalization.
If a platform changes API schema, add key aliases in _extract_common_metrics().
Keep recommendations intact to preserve escrow-safety UX.

安全使用建议

This skill generally does what it says (queries multiple reputation sites), but there are several red flags you should consider before installing or running it: - The code contains hardcoded API keys for multiple platforms. These keys may be invalid, stolen, or belong to the author; using them could be unauthorized. Prefer a version where you supply your own API keys via environment variables or an explicit config. - The script will read ~/.config/moltbook/credentials.json to find a Moltbook API key. If you have sensitive credentials there, do not run the script unless you inspect the code and are comfortable with that access. - The Colony implementation authenticates as a fixed agent ('bro-agent') and calls /agents/me, which means it may return data about that account rather than the agent you asked about — this is inconsistent and could be misrepresentative. - The code is partially truncated/buggy in the distributed copy (there are signs of incomplete code in the snippet), so it may crash or behave unpredictably. Recommended actions: 1) Do not run this against accounts or machines containing sensitive credentials until you audit and, if needed, remove hardcoded keys. 2) Inspect the full script (and complete it if truncated). Replace hardcoded keys with a config that requires explicit user-provided keys or opt-in behavior. 3) Run the script in an isolated environment (container/VM) for initial testing. 4) If you need this capability, request a version that documents required credentials clearly and uses secure configuration (no embedded secrets). Given the combination of hardcoded secrets, local credential access, and inconsistent handling of the agent_name parameter, treat this skill as suspicious until these issues are addressed.

功能分析

Type: OpenClaw Skill Name: agent-reputation Version: 1.0.0 The skill is classified as suspicious due to the presence of hardcoded API keys directly within `scripts/check_reputation.py` and its explicit access to a sensitive configuration file (`~/.config/moltbook/credentials.json`). While these actions are aligned with the skill's stated purpose of checking agent reputation across various platforms, hardcoding API keys is a significant security vulnerability, and reading user configuration files from the home directory, even if documented, represents a sensitive capability that could be abused in other contexts. There is no evidence of intentional malicious behavior like data exfiltration to unauthorized endpoints, remote code execution, or prompt injection against the agent.

能力评估

ℹ Purpose & Capability

The skill genuinely performs network queries against the five named platforms, which fits the stated purpose. However, multiple API keys are embedded directly in the code (Colony, Clawk, ugig, Ridgeline) instead of being supplied by the user, and some endpoints (Colony/Moltbook) are accessed via /agents/me rather than searching for the requested agent name, which suggests the script may be authenticating as a specific account rather than looking up arbitrary targets.

⚠ Instruction Scope

The runtime instructions and the script perform network requests to the listed domains (expected), but the code also reads the user's home directory (~/.config/moltbook/credentials.json) to extract an API key. The Colony check hardcodes agent_id="bro-agent" and uses /agents/me, so it ignores the agent_name parameter for that platform. These behaviors increase privacy surface and appear inconsistent with the simple 'pass an agent name and search everywhere' UX described.

✓ Install Mechanism

No install spec; this is an instruction-only skill with a single Python script. Nothing is written to disk by an installer, so install risk is low.

⚠ Credentials

The skill declares no required environment variables or primary credential, yet the code contains multiple hardcoded API keys. Hardcoded keys in distributed code are a red flag (they may be leaked/stolen or unauthorized). The script also attempts to read a local credentials file for Moltbook, which is reasonable if explicitly required but should be documented and opt-in; in this package it's done automatically, increasing the risk of exposing local secrets.

ℹ Persistence & Privilege

always is false and the skill does not request elevated or persistent system privileges. It does read a local config file (~/.config/moltbook/credentials.json) but does not appear to write system configuration or modify other skills. No persistent installation or autostart behavior is present.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install agent-reputation
安装完成后，直接呼叫该 Skill 的名称或使用 /agent-reputation 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release: cross-platform trust score (ugig, Moltbook, Ridgeline, Colony, Clawk). PayLock recommendation for low scores.

元数据

Slug agent-reputation

版本 1.0.0

许可证 —

累计安装 2

当前安装数 2

历史版本数 1

常见问题