← 返回 Skills 市场
pestafford

Credence

作者 Phil Stafford · GitHub ↗ · v1.0.0
darwinlinuxwin32 ✓ 安全检测通过
565
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install credence
功能描述
Check any MCP server or AI tool against the Credence trust registry before installing it. Scores security, provenance, and behavioral risk on a 0-100 scale.
使用说明 (SKILL.md)

Credence

Check MCP servers and AI tools against the Credence trust registry before you install them.

When to use this skill

  • Before installing any MCP server
  • When a user asks you to add an MCP server or AI tool
  • When you want to verify whether a tool is safe
  • When the user asks /credence

How it works

Credence scans MCP servers and AI tools for security issues, verifies their provenance, and checks behavioral risk. Every scanned tool gets a trust score from 0 to 100 and a verdict:

Score Verdict Meaning
90-100 APPROVED Safe to install
70-89 CONDITIONAL Review the flagged items before installing
40-69 FLAGGED Significant concerns — install only if you understand the risks
0-39 REJECTED Do not install

Instructions

Check a server by name or URL

Fetch the Credence registry and look up the server:

curl -s "https://raw.githubusercontent.com/pestafford/credence-registry/main/registry/index.json"

Search the servers array for a match on server_id, server_name, canonical_name, or repo_url. The match does not need to be exact — partial matches on the repo URL or server name are fine.

If found, report:

Credence: \x3Cserver_name>
  Score: \x3Ctrust_score>/100
  Verdict: \x3Cthinktank_verdict>
  Scanned: \x3Cattested_at>
  Registry: https://credence.securingthesingularity.com/registry.html

Then give your recommendation:

  • APPROVED (90+): Safe to install. Proceed.
  • CONDITIONAL (70-89): Mention the score and suggest the user review the registry page for details before installing.
  • FLAGGED (40-69): Warn the user. Do not install without explicit confirmation.
  • REJECTED (0-39): Do not install. Explain that Credence found serious issues.

If not found, say:

This tool has not been scanned by Credence yet.
Submit it for scanning at: https://credence.securingthesingularity.com/#submit

Then let the user decide whether to proceed.

Check before installing

Whenever you are about to install or connect to an MCP server (via claude mcp add, editing claude_desktop_config.json, or any other method), check it against Credence first. If the server is not in the registry, tell the user it hasn't been scanned and ask if they want to proceed anyway.

Get full details

For more detail on a specific server, fetch its attestation file. The attestation_file path from the index entry is relative to:

https://raw.githubusercontent.com/pestafford/credence-registry/main/registry/

The attestation includes the full score breakdown (security, provenance, behavioral), scan metadata, and the deliberation verdict.

Examples

User says: "Add the filesystem MCP server"

  1. Fetch the registry index
  2. Find modelcontextprotocol/servers/filesystem — score 88, APPROVED
  3. Report: "Credence score: 88/100 (APPROVED). Safe to install."
  4. Proceed with the install

User says: "Install some-unknown-server"

  1. Fetch the registry index
  2. Not found
  3. Report: "This server hasn't been scanned by Credence yet. You can submit it at https://credence.securingthesingularity.com/#submit — want to install anyway?"

User says: /credence modelcontextprotocol/servers/memory

  1. Fetch the registry index
  2. Find it — score 98, APPROVED
  3. Report the full status

Notes

  • The registry is public and requires no authentication
  • Scores are based on automated scanning plus adversarial AI deliberation
  • A missing entry does not mean a tool is dangerous — it just hasn't been scanned yet
  • For the full methodology, see https://credence.securingthesingularity.com/faq.html
安全使用建议
This skill is coherent and low-risk: it only fetches public JSON and attestation files from a GitHub repo and references a public website. Before installing, verify the registry sources yourself (visit the GitHub repo and the credence.securingthesingularity.com pages) to confirm they are legitimate and unchanged. Be aware that the SKILL.md permits partial matching of names/URLs (which can yield false matches), and examples imply proceeding with installs for high scores — you should configure the agent to ask for explicit user confirmation before performing any installation. If you rely on Credence for critical security decisions, review its attestation files and methodology on the referenced site and confirm the GitHub repo contents match the expected registry.
功能分析
Type: OpenClaw Skill Name: credence Version: 1.0.0 The skill is designed to check MCP servers and AI tools against a public trust registry. It uses `curl` to fetch JSON data from `https://raw.githubusercontent.com/pestafford/credence-registry/main/registry/index.json`. The instructions in `SKILL.md` guide the AI agent to parse this data, report trust scores, and provide recommendations. All network calls are to a specific, public GitHub repository consistent with the skill's purpose. There is no evidence of data exfiltration, unauthorized command execution, persistence, or any other malicious intent. The prompt injection instructions are aligned with the stated, benign security-checking functionality.
能力评估
Purpose & Capability
Name/description say it checks a public Credence registry. The only required binary is curl, which is appropriate for fetching the index/attestation files from raw.githubusercontent.com. OS restrictions and lack of credentials/config paths are consistent with a read-only registry lookup tool.
Instruction Scope
Instructions are narrowly scoped to fetching a public index.json from a known GitHub raw URL and reading attestation files from the same repo. Two minor notes: (1) the SKILL.md allows partial matching on repo URLs/server names which can produce false positives if multiple entries share substrings; (2) some examples state 'Proceed with the install' for APPROVED entries — that could be interpreted as automatically performing installs. The skill text does not itself run installs or ask for credentials, but operators should ensure the agent asks for user confirmation before performing any installation action.
Install Mechanism
Instruction-only skill with no install spec and no code files; nothing is written to disk by the skill itself. This is the lowest-risk install model.
Credentials
No environment variables, credentials, or config paths are required. The registry is public and the URLs referenced are consistent with the declared purpose. No disproportionate access requested.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request persistent privileges or modify other skills or system configuration. Autonomous invocation is allowed by default but not problematic here given the skill's read-only behavior.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install credence
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /credence 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of the Credence skill. - Check any MCP server or AI tool against the Credence trust registry before installing. - Provides a 0–100 trust score with clear verdicts: APPROVED, CONDITIONAL, FLAGGED, or REJECTED. - Fetches and parses registry data to verify security, provenance, and behavioral risk. - Guides users on recommended actions based on trust score. - Offers clear instructions and sample interactions for safe server/tool management.
元数据
Slug credence
版本 1.0.0
许可证
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Credence 是什么?

Check any MCP server or AI tool against the Credence trust registry before installing it. Scores security, provenance, and behavioral risk on a 0-100 scale. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 565 次。

如何安装 Credence?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install credence」即可一键安装,无需额外配置。

Credence 是免费的吗?

是的,Credence 完全免费(开源免费),可自由下载、安装和使用。

Credence 支持哪些平台?

Credence 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(darwin, linux, win32)。

谁开发了 Credence?

由 Phil Stafford(@pestafford)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论