Runtime Attestation Probe
by andyxinweiminicloud · v1.0.0
Downloads: 480 · Stars: 0 · Active Installs: 0 · Versions: 1
Install in OpenClaw
/install runtime-attestation-probe
Description
Helps validate that agent behavior at runtime matches the capabilities and constraints declared in its attestation. Detects divergence between what an agent...
Usage Guidance
This skill is conceptually reasonable for detecting conditional or environment-triggered misbehavior, but the runtime instructions are the security surface, and those instructions are currently broad and not tightly constrained. Before installing or running:
1) Review the full SKILL.md (ask the publisher for the complete runtime procedure) and demand explicit lists of files, paths, and endpoints the probe will access.
2) Only run the probe in an isolated sandbox or ephemeral VM that contains no real credentials (do not run it on production hosts).
3) Require that any probing of other skills be done with explicit, auditable consent and that logs be stored securely.
4) Prefer a signed/traceable implementation (code + release) rather than an instruction-only skill if you need repeated or automated probing.
5) Because the publisher and homepage are unknown, treat provenance as weak and exercise extra caution.
Capability Analysis
Type: OpenClaw Skill
Name: runtime-attestation-probe
Version: 1.0.0
The skill's stated purpose is to detect malicious runtime behavior (like conditional activation and data exfiltration) in *other* skills, not to perform such actions itself. The `SKILL.md` transparently describes the problem, the probe's functionality, and even its limitations and risks, emphasizing the need for sandboxed execution. While it requires `curl` and `python3`, these are justifiable for a tool designed to execute and monitor other processes for security analysis. The examples of credential harvesting and exfiltration are clearly presented as *outputs* of the probe, demonstrating what it *detects*, rather than instructions for the agent to execute.
Capability Assessment
Purpose & Capability
Name and description match: a runtime attestation probe legitimately needs to observe file accesses, environment differences, and network calls. Requiring curl and python3 is plausible for driving probes and parsing traces. However, the skill's metadata declares no config paths, env vars, or credentials even though the documented examples explicitly show reading sensitive paths (e.g., ~/.aws/credentials) and observing outbound POSTs. That gap (declared minimal requirements vs. the behavior it claims to detect) is a notable mismatch.
Instruction Scope
This is an instruction-only skill; the SKILL.md is the runtime program. The examples demonstrate detecting reads of sensitive files and outbound network posts. As written, the instructions give the agent broad discretion to (a) exercise a target skill under multiple environments, (b) monitor file accesses (including credentials), and (c) observe or trigger outbound network traffic. Those actions can involve reading secrets and contacting external endpoints. The SKILL.md in the package is truncated in the registry data provided, but the visible material contains no concrete, constrained list of files/endpoints to probe or explicit safeguards. That vagueness increases the risk that the probe will access or exfiltrate sensitive data if run without isolation.
Install Mechanism
No install spec and no code files — instruction-only. This minimizes supply-chain risk because nothing is downloaded or installed. The declared required binaries (curl, python3) are reasonable for a probe that issues HTTP requests and runs small scripts. No third-party downloads are present in the metadata.
Credentials
The skill requests no environment variables or config paths, but its examples and purpose imply it will examine environment-dependent behavior (env vars, credentials, files). Probing for undeclared sensitive items (AWS credentials, home-directory files) is a legitimate capability for this tool, but the skill does not declare those needs or request explicit permission. Because it can be instructed (by its own SKILL.md) to inspect potentially sensitive files and network behavior, the required access is broader than the published metadata indicates.
Persistence & Privilege
always: false (no forced permanent inclusion) and default autonomous invocation are set — those are normal. Because the skill can be invoked autonomously (platform default), combining autonomous invocation with the probe's broad scope would increase blast radius, but there's no 'always' privilege or other persistent modifications requested by the skill itself.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install runtime-attestation-probe
- After installation, invoke the skill by name or use /runtime-attestation-probe
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of runtime-attestation-probe.
- Detects and reports divergence between declared agent skill capabilities and actual runtime behavior.
- Probes for conditional activation, undeclared resource access, data flow inconsistencies, and side effects.
- Outputs a detailed attestation drift score and classification (COMPLIANT, DRIFT, VIOLATION, or CONDITIONAL_ACTIVATION).
- Aims to catch behavioral attacks missed by static analysis via controlled execution and environment variation.
Frequently Asked Questions
What is Runtime Attestation Probe?
Helps validate that agent behavior at runtime matches the capabilities and constraints declared in its attestation. Detects divergence between what an agent... It is an AI Agent Skill for Claude Code / OpenClaw, with 480 downloads so far.
How do I install Runtime Attestation Probe?
Run "/install runtime-attestation-probe" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Runtime Attestation Probe free?
Yes, Runtime Attestation Probe is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Runtime Attestation Probe support?
Runtime Attestation Probe is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Runtime Attestation Probe?
It is built and maintained by andyxinweiminicloud (@andyxinweiminicloud); the current version is v1.0.0.