← 返回 Skills 市场
283
总下载
0
收藏
0
当前安装
6
版本数
在 OpenClaw 中安装
/install gauntletscore
功能描述
Trust verification for AI output — verify any document or code before you act on it
使用说明 (SKILL.md)
GauntletScore — Trust Verification for AI Output
Verify any AI-generated document or code before you trust it. Seven AI personas from five independent model providers independently analyze your content, verify every checkable claim against authoritative sources, and produce a cryptographically signed trust score.
What It Does
Submit a document or code and get:
- Gauntlet Score (0-100) with letter grade (A-F)
- Claim-by-claim verification against CourtListener (legal), eCFR (regulatory), PubMed (scientific), EDGAR (SEC), and computational math verification
- Code safety analysis detecting reverse shells, credential theft, prompt manipulation, data exfiltration, and obfuscated payloads
- Unanimous vote from 7 independent AI agents (PROCEED / PROCEED WITH CONDITIONS / DO NOT PROCEED)
- Cryptographic certificate proving the score is genuine and untampered
- Full debate transcript showing every agent's reasoning
Quick Start
Free tier includes 3 analyses per month. Get an API key at gauntletscore.com.
Verify a document by pasting content:
POST https://api.gauntletscore.com/v1/analyze
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json
{
"document": "Your document text here...",
"topic": "Verify the claims in this document"
}
Verify a ClawHub skill by URL:
POST https://api.gauntletscore.com/v1/analyze
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json
{
"source_url": "https://clawhub.ai/skills/gauntlet-validate/SKILL.md",
"topic": "Evaluate the safety of this ClawHub skill before installation"
}
Check results:
GET https://api.gauntletscore.com/v1/jobs/{job_id}
Authorization: Bearer YOUR_API_KEY
Results include score, grade, vote, verified claims, and a cryptographic certificate.
What It Catches
In documents:
- Fabricated legal citations (hallucinated case law)
- Misapplied regulations (wrong CFR section for the situation)
- Mathematical errors (wrong totals, incorrect percentages)
- Internal contradictions
- Unsupported conclusions
In code:
- Reverse shells and remote code execution
- Credential theft and data exfiltration
- Download-and-execute attacks (curl | bash)
- Prompt manipulation attempts (instructions designed to override agent behavior)
- Documentation-vs-behavior mismatches (code does things the README doesn't mention)
- Dangerous operation combinations that pass individual checks
How It Works
Seven AI personas from five independent model providers independently analyze your submission:
- Round 0 — Each agent conducts independent research, verifying claims against authoritative databases
- Rounds 1-3 — Structured adversarial debate where agents challenge each other's findings
- Round 4 — Final positions and votes
- Knowledge Graph — Every verified and debunked claim is stored in a persistent knowledge graph. Subsequent analyses benefit from prior verifications, reducing cost and increasing accuracy over time.
- Bayesian Calibration — Confidence scores are computed using Bayesian inference across multiple evidence sources, not simple vote counting. The score reflects calibrated probability, not consensus.
- Scoring — Six-component rubric produces the Gauntlet Score
- Certification — Ed25519 cryptographic signature proves the result is genuine
All analysis is read-only. Submitted code is never executed. Documents are processed in memory and not stored.
Pricing
| Tier | Price | Credits |
|---|---|---|
| Free | $0 | 3 runs / month |
| Starter | $29 | 5 analyses |
| Pro | $79 | 15 analyses |
| Business | $149 | 30 analyses |
| Enterprise | Custom | Unlimited |
One credit = one analysis, regardless of document length. No subscriptions. See gauntletscore.com/pricing for details. Sovereign Edition: [email protected]
Verify a Certificate
Anyone can verify a Gauntlet Score is genuine:
GET https://api.gauntletscore.com/v1/verify/{certificate_id}
No authentication required.
Links
About
GauntletScore is built by Genstrata, Inc. The Gauntlet's adversarial multi-agent verification architecture is patent-pending (USPTO #63/967,169).
For organizations that cannot send data to cloud services, the Sovereign Edition runs entirely on your hardware with zero data egress. Contact [email protected].
安全使用建议
This skill appears to call a cloud API to analyze and certify documents/code, which is consistent with its description — but before you install or use it, confirm two things with the vendor or skill author: (1) the skill does require a GAUNTLET_API_KEY (the SKILL.md shows this) even though the registry summary omitted it; (2) clarify the data-retention model — the README both says 'documents processed in memory and not stored' and that it maintains a persistent 'knowledge graph' of verified claims. If you plan to submit sensitive or proprietary material, either use the advertised 'Sovereign Edition' (get clear, verifiable on-prem instructions) or avoid sending secrets. Additional precautions: test with non-sensitive data first, check TLS/hostname (api.gauntletscore.com) and privacy/legal terms, limit the API key permissions where possible, and request written confirmation of what is stored and for how long. If the vendor cannot clearly explain the storage behavior and the GAUNTLET_API_KEY requirement, treat the skill as untrusted for sensitive workflows.
功能分析
Type: OpenClaw Skill
Name: gauntletscore
Version: 5.1.5
The skill bundle consists of metadata and documentation (SKILL.md) for an external AI verification service called GauntletScore. It provides instructions for an AI agent to interact with the GauntletScore API (api.gauntletscore.com) to analyze documents or code for hallucinations and security risks. No executable code is included, and the behavior described is consistent with the stated purpose of the tool.
能力评估
Purpose & Capability
The name/description match the SKILL.md examples (POST to https://api.gauntletscore.com/v1/analyze and GET job status). Requiring an API key for a SaaS verification service is expected. Minor mismatch: SKILL.md advertises a 'Sovereign Edition' that runs on-prem, but the provided instructions only show a cloud API; that's a capability/marketing mismatch to clarify.
Instruction Scope
Runtime instructions are limited and explicit: submit document or source_url to the remote API and poll results. This stays within the stated purpose. However, the doc contains contradictory claims about storage: it says 'Documents are processed in memory and not stored' but also states 'Every verified and debunked claim is stored in a persistent knowledge graph,' which implies some form of server-side persistence of derived data. That contradiction affects privacy expectations and should be clarified.
Install Mechanism
No install spec and no code files — lowest-risk delivery model. The skill is instruction-only and will rely on the platform's normal network capabilities.
Credentials
Registry metadata listed no required environment variables, but the SKILL.md's embedded clawdbot config explicitly lists GAUNTLET_API_KEY as required. That inconsistency is important: the skill will need a secret API key for the service, despite the registry summary saying none. No unrelated credentials are requested, but the mismatch in declarations is a red flag.
Persistence & Privilege
The skill does not set always:true and requests no special local privileges. The primary privacy/privilege concern is network egress to api.gauntletscore.com (the service will receive submitted content). The apparent server-side 'knowledge graph' persistence increases blast radius for sensitive data if it is in fact retained.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install gauntletscore - 安装完成后,直接呼叫该 Skill 的名称或使用
/gauntletscore触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v5.1.5
Fix display name to GauntletScore
v5.1.4
Fix display name to GauntletScore, correct pricing, remove duplicate listing
v5.1.3
Fix pricing metadata mismatch — align SKILL.md pricing table with live site, update free tier to 3 analyses/month
v5.1.2
Add Knowledge Graph and Bayesian Calibration to How It Works, fix intro wording
v5.1.1
Declare requiredEnv, remove prompt-injection trigger, add Knowledge Graph and Bayesian Calibration docs
v5.1.0
Initial release — adversarial multi-agent document verification API
元数据
常见问题
GauntletScore 是什么?
Trust verification for AI output — verify any document or code before you act on it. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 283 次。
如何安装 GauntletScore?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install gauntletscore」即可一键安装,无需额外配置。
GauntletScore 是免费的吗?
是的,GauntletScore 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
GauntletScore 支持哪些平台?
GauntletScore 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 GauntletScore?
由 Genstrata(@wmehobbs)开发并维护,当前版本 v5.1.5。
推荐 Skills