Assess your Agent deployment against security risks using Trent.
Security Analysis
high confidence
The skill's code, instructions, and requested credential (TRENT_API_KEY) are coherent with an OpenClaw security-audit tool that uploads redacted skill/config packages to a Trent service — nothing requested appears disproportionate to that purpose.
Name/description match the code and runtime instructions. The package collects OpenClaw metadata, packages workspace/skills, redacts common secret patterns, and uploads packages to Trent using a single API key (TRENT_API_KEY), which is expected for an external analysis service.
SKILL.md explicitly describes three phases (collect metadata, scan/package skills, upload with user confirmation, then deep analysis). The code limits reads to ~/.openclaw (or OPENCLAW_WORKSPACE), excludes .env/key files, redacts secrets, and observes size/symlink limits. Note: the skill relies on the agent/automation to obey the 'wait for user confirmation' step — if an agent ignores that instruction the tool can upload packaged code.
Instruction-only install (no external installer). All required functionality is bundled in the skill files; no downloads or external install steps are performed by the skill itself.
Only TRENT_API_KEY is required (primary credential), plus optional endpoint/workspace overrides. No unrelated credentials or system secrets are requested. The code explicitly excludes common secret file types and applies regex-based redaction before uploading.
always:false (normal). The skill can be invoked autonomously (platform default). Combined with its ability to package and upload workspace code, autonomous invocation increases risk if the agent acts without user approval — SKILL.md asks to prompt the user before uploading, but the platform does not enforce that.
Guidance
This skill appears to do what it says: collect OpenClaw metadata, package workspace skills (with redaction), and upload them to Trent for analysis using TRENT_API_KEY. Before installing or running:
1) Only provide a TRENT_API_KEY you trust (the key gives the remote service ability to accept uploads and run analyses).
2) Review and confirm the upload step when prompted — the code asks you to confirm before uploading, but an automated agent could bypass that prompt.
3) Be aware redaction is regex-based and may miss custom secret formats; remove or move any highly sensitive files (private keys, proprietary data) out of the workspace or keep them in environment variables rather than in files.
4) The client writes streaming output to temp files (tempfile.mktemp is used) — consider specifying output_file or cleaning temp files if you are concerned about local exposure.
5) If you don't want any code leaving your environment, do not confirm uploads; the local metadata-only Phase 1 and the system_analysis output functions can be used for limited local inspection.
If you need more assurance, review the code yourself or run it in an isolated environment before granting the TRENT_API_KEY.
Latest Release
v1.2.0
- Phase 2 workflow improved: skill scanning now occurs before upload, with a clear preview of what will be sent and explicit user confirmation required.
- User messaging updated to clarify the exact data being uploaded and how secrets are redacted, including warnings about custom secret formats.
- Presentation of skill scan results enhanced with examples and tabular summaries.
- Initial phase summary and upload prompts adjusted to be more transparent and user-friendly.
- No code or functionality outside documentation changed.
Published by @trent-ai-release on ClawHub