🧪

Vet OpenClaw skill provenance before a community install reaches production

arc-trust-verifier helps review publisher, version, dependency, and attestation signals before installing a ClawHub skill.

Original
Jul 12, 2026
Status & Access
Current access and latest update details.
Access
Free
Updated
Jul 12, 2026, 10:56 AM

What it is

arc-trust-verifier is a community OpenClaw skill for checking trust signals around ClawHub skills before you install or distribute them. Its listing says it analyzes publisher reputation, version consistency, content integrity, dependency chains, and signed attestations.

Who should use it

Use this as an evaluation candidate if you manage shared OpenClaw workspaces, test community skills, or need a repeatable pre-install review step for agents that can touch files, credentials, browsers, or external services.

Setup surface

The public listing shows install commands for OpenClaw CLI and ClawHub CLI, but this item is an editorial candidate only. Do not install it on a production OpenClaw host until you have reviewed the SKILL.md, scripts, dependency behavior, and registry metadata in a disposable environment.

Risk notes

The clawskills.sh page currently shows suspicious security signals from VirusTotal and OpenClaw status fields. Treat that as a reason to inspect the source carefully, not as a recommendation to run it. If you evaluate it, prefer a locked-down test workspace with no secrets and compare its claims against manual checks.

Source links

  • Awesome OpenClaw Skills lists arc-trust-verifier under Git & GitHub as a provenance and trust-score skill.
  • clawskills.sh provides the public skill page, version notes, setup commands, and security status.
  • ClawHub provides the registry page for the publisher and skill slug.
Discussion

Sign in to join the discussion and vote on comments.

No comments yet. Start the discussion.
Keep exploring

More from this topic

More in OpenClaw