Total downloads: 2224
Favorites: 2
Current installs: 1
Versions: 2
Install in OpenClaw
/install trust-protocol
Description
Manage and update agent trust scores with Bayesian updates, domain-specific trust, revocation, forgetting, and visualize trust via dashboard.
Safe usage recommendations
This skill appears to do what it says: it builds and visualizes a local trust graph and integrates with skillsign and Moltbook. Before installing or running: (1) review the code yourself (or have a trusted reviewer) because several modules spawn subprocesses (some with shell=True) and will execute other local scripts if present; (2) back up and audit any existing ~/.skillsign keys and ~/.atp data — the tool reads/writes those directories; (3) run the demo in an isolated environment (container or throwaway VM) rather than on a production machine, since the demo will invoke skillsign and copy key files; (4) if you use the Moltbook bridge, verify the exact path it expects (~/.openclaw/...) and ensure any CLI it runs is the intended binary; and (5) if you need higher assurance, ask the author for provenance of the skillsign dependency and a signed release (or run the code after building from the trusted GitHub repo).
Functional analysis
Type: OpenClaw Skill
Name: trust-protocol
Version: 2.0.1
The `moltbook_trust.py` script is vulnerable to command injection. It constructs shell commands using f-strings and executes them with `subprocess.run(..., shell=True)` without properly sanitizing user-controlled input from `sys.argv`. Specifically, the `username` and `post_id` arguments passed to `cmd_score`, `cmd_lookup`, `cmd_link`, and `cmd_scan_post` can be exploited to execute arbitrary commands on the host system. This represents a significant security risk, allowing an attacker (or an agent instructed by an attacker) to run unauthorized commands, although there is no clear evidence of intentional malicious behavior by the skill author.
Capability assessment
Purpose & Capability
The package implements an agent trust graph, Bayesian updates, domain scores, challenge/response, a dashboard, Moltbook bridging, and a demo — all coherent with the name 'Agent Trust Protocol'. There are minor documentation gaps (no human-friendly description in the registry metadata) but the code matches the intended functionality.
Instruction Scope
Runtime instructions and code operate on local state (~/.atp, ~/.skillsign, demo temp dirs) and invoke local tooling (skillsign, moltbook CLI). Several files call subprocess.run (often with shell=True) and assume the presence of other CLIs/scripts. This is expected for an identity/trust tool, but it grants the skill the ability to execute local commands and run existing local scripts; review those call sites before running, especially demo and moltbook_trust.py.
Install Mechanism
There is no automated install spec (lowest risk), but SKILL.md suggests git cloning the GitHub repo. package.json lists an external dependency (github URL for skillsign) but no package manager install is provided — meaning code will run locally as shipped. No remote binaries or archive downloads are embedded in an install step.
Credentials
The skill requests no declared env vars or external credentials, but it reads and writes local identity/key material under ~/.skillsign and persistent data under ~/.atp (trust.json, interactions.jsonl, moltbook_bridge.json). For identity and signing workflows this is proportionate, but these files hold sensitive material (private keys may be accessed by skillsign flows), so ensure keys remain protected and review how skillsign interactions are orchestrated.
Persistence & Privilege
The skill creates and updates files in the user's home (~/.atp and bridge files) and the demo writes demo workspaces; it does not request always:true or modify other skills' configurations. Persisting local trust state is expected for this functionality.
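How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install trust-protocol
- Once installation completes, call the Skill by name or use /trust-protocol to trigger it
- Provide the required input according to the Skill's parameter description to get structured output
Version history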
v2.0.1
Bayesian trust scoring for AI agent networks. Domain-specific trust, revocation, forgetting curves, challenge-response
verification, and visual dashboard. Pairs with skillsign for ed25519 identity.
v2.0.0
Bayesian trust scoring for AI agent networks. Domain-specific trust, revocation, forgetting curves, challenge-response
verification, and visual dashboard. Pairs with skillsign for ed25519 identity.
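Metadata
FAQ
What is Agent Trust Protocol?
Manage and update agent trust scores with Bayesian updates, domain-specific trust, revocation, forgetting, and visualize trust via dashboard. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 2224 downloads to date.
How do I install Agent Trust Protocol?
Run the command "/install trust-protocol" in the OpenClaw or Claude Code chat box to install it in one step, with no additional configuration.
Is Agent Trust Protocol free?
Yes, Agent Trust Protocol is completely free (free and open source) and can be freely downloaded, installed, and used.
Which platforms does Agent Trust Protocol support?
Agent Trust Protocol is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Agent Trust Protocol?
It is developed and maintained by FELMONON (@felmonon); the current version is v2.0.1.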