Review a skill before an agent installs it.

`agent-skill-trust-check` reads a SKILL.md file, marketplace listing, or pasted skill text and returns a compact install verdict. It is built for sellers, buyers, and marketplaces that need a clear signal before local access, account access, payment actions, or external destinations enter the runtime.

open repo npm ai skill store paperclip release gate orkai private review

paid API: $0.01
paid skill: $7 / $12 gate
version: 0.1.2

local check

$ npm view agent-skill-trust-check version
$ npx --yes agent-skill-trust-check@latest \
  ./SKILL.md --json
$ node bin/agent-skill-trust-check-stdin.js \
  < ./SKILL.md
$ HOST=https://the402.tateprograms.com
$ curl -i "$HOST/api/x402/skill-trust-check"

signals:
  local access / file changes
  account and payment access
  external destinations / background behavior
  provenance and install notes

signals

A fast verdict on the parts that can hurt a buyer.

source

exec

Runtime power

Flags shell commands, filesystem writes, package install steps, background tasks, and instructions that move a skill beyond read-only guidance.

secrets

Credential pressure

Looks for API keys, wallet phrases, browser cookies, SSH material, private tokens, and vague requests for account access.

network

Outside calls

Separates harmless documentation links from command-driven fetches, webhooks, remote scripts, and services that receive user data.

provenance

Market fit

Checks whether the listing includes author, repo, version, license, install boundary, test notes, and enough evidence to justify trust.

boundary

No execution. No wallet. No account access.

trust boundary

{
  "runsSkillCode": false,
  "signsWalletMessages": false,
  "submitsPaymentHeaders": false,
  "needsPrivateCredentials": false,
  "output": [
    "score",
    "verdict",
    "findings",
    "missingSignals",
    "patchOrder"
  ]
}

fit

Useful before a skill becomes a paid dependency.

send a skill

seller

Before listing

Clean up unclear install steps, unsafe wording, missing versioning, and trust gaps before a marketplace buyer sees the page. The paid release-gate skill turns that into a skill card, permission ledger, and patch checklist.

buyer

Before install

Decide whether a skill is safe to test, needs sandboxing, or should be rejected until the author removes risky behavior.

marketplace

Before promotion

Add a simple intake gate for skills that mention payments, credentials, local code execution, remote scripts, or persistent agents.