← 返回 Skills 市场
andyxinweiminicloud

Trust Decay Monitor

作者 andyxinweiminicloud · GitHub ↗ · v1.0.0
cross-platform ✓ 安全检测通过
518
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install trust-decay-monitor
功能描述
Helps track how AI skill verification results decay over time. A "verified" badge from 18 months ago may be meaningless today — dependencies updated, new att...
安全使用建议
This skill is internally coherent and lightweight: it only needs curl and python3 and is instruction-only. Before installing, consider: (1) the skill will fetch external resources (CVE feeds, marketplaces, endpoints) — if you don't want the agent making network calls, restrict network egress or run checks in a controlled environment; (2) the skill does not request credentials, but if you later ask it to check private marketplace profiles you will need to provide appropriate read-only API keys — prefer scoped, short-lived credentials; (3) trust scores are heuristic: use them to prioritize re-audits, not as definitive evidence of compromise; (4) because the skill can be invoked autonomously, be aware it may perform queries automatically if allowed — limit autonomous execution if you want to control when network checks occur.
功能分析
Type: OpenClaw Skill Name: trust-decay-monitor Version: 1.0.0 The skill's stated purpose is to monitor the decay of trust in AI skill verifications, which is a legitimate security-focused function. The `SKILL.md` file clearly describes this purpose, its inputs, outputs, and methodology without any evidence of prompt injection attempts, malicious instructions, or intent to subvert the agent. The required binaries (`curl`, `python3`) are general-purpose and plausibly needed for a security monitoring tool that would interact with various data sources, and their mere presence does not indicate malicious intent in this context. No other files suggest any harmful behavior.
能力评估
Purpose & Capability
The name/description (trust-freshness scoring, dependency churn, CVE checks, endpoint stability) aligns with required binaries (curl to fetch remote resources, python3 to analyze them). No environment variables, credentials, or unrelated binaries are requested.
Instruction Scope
SKILL.md is an instruction-only specification describing inputs (skill slug, marketplace URL, batch of IDs) and outputs (score, decay factors). It does not instruct reading unrelated local files or accessing credentials. It does imply network fetches (CVE databases, skill endpoints, marketplaces), which is coherent with its purpose.
Install Mechanism
No install spec or code files are present (instruction-only), so nothing is written to disk or installed by the skill itself. This minimizes persistence and supply-chain risk.
Credentials
The skill requests no environment variables or credentials. That is proportionate for a tool that performs public-data checks. Note: if a user wants to check private marketplace profiles or authenticated APIs, additional credentials would be required but are not requested by the skill as provided.
Persistence & Privilege
always is false and model invocation is allowed (default). The skill has no install-time persistence or requests to modify other skills. Autonomous invocation will permit network activity, which is expected for this monitoring function.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install trust-decay-monitor
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /trust-decay-monitor 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of trust-decay-monitor. - Tracks the freshness of AI skill verification audits, alerting when certifications may no longer be trustworthy. - Computes a trust freshness score based on time since audit, dependency changes, ecosystem shifts, endpoint stability, and time since last re-verification. - Outputs a detailed decay report with urgency recommendations for re-audit. - Supports both single skill and batch portfolio assessment. - Designed to help prioritize re-verification across changing security landscapes.
元数据
Slug trust-decay-monitor
版本 1.0.0
许可证
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Trust Decay Monitor 是什么?

Helps track how AI skill verification results decay over time. A "verified" badge from 18 months ago may be meaningless today — dependencies updated, new att... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 518 次。

如何安装 Trust Decay Monitor?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install trust-decay-monitor」即可一键安装,无需额外配置。

Trust Decay Monitor 是免费的吗?

是的,Trust Decay Monitor 完全免费(开源免费),可自由下载、安装和使用。

Trust Decay Monitor 支持哪些平台?

Trust Decay Monitor 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Trust Decay Monitor?

由 andyxinweiminicloud(@andyxinweiminicloud)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463952 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259891 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200743 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191405 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190379 · by oswalpalash

💬 留言讨论