Security

Marketplace Trust Gate

Your pre-install risk gate for OpenClaw marketplace and community skills. Get a scored INSTALL_OK / REVIEW_BEFORE_INSTALL / DO_NOT_INSTALL verdict with severity-ranked findings and secrets automatically redacted — before untrusted code enters your environment.

Buy Now — $4.99

One-time purchase · Instant download · Yours forever

What it does

Marketplace Trust Gate is a buyer-side pre-install risk gate for OpenClaw marketplace and community skills. Before installing any third-party skill, point it at the local skill folder and get a scored recommendation with severity-ranked findings and secret values automatically redacted from evidence output.

It detects remote-installer-pipe patterns (curl|bash), subprocess execution, destructive commands, prompt-boundary overrides, and network-write patterns — without executing the inspected code. Stdlib-only, read-only, mutated_files: [].

Use cases

What it detects

Example usage

python3 scripts/trust_gate.py --target /path/to/skill-folder --json
python3 scripts/trust_gate.py --self-test --json

Example output

{
  "ok": true,
  "recommendation": "INSTALL_OK",
  "risk_score": 0,
  "findings": [],
  "files_scanned": 4,
  "mutated_files": []
}

Requirements

QA and security

This skill has been reviewed and cleared for release through the GetAgentIQ release pipeline with Viper QA (4/4 scenarios PASS including secret redaction confirmation) and Warlock security sign-off (2026-05-29). Stdlib-only, read-only scanner — never executes inspected code, no network calls, no config or cron mutation, mutated_files: [].

Ready to get started?

One-time purchase. No subscription. Download instantly and use forever.

Buy Now — $4.99
Category: Security Price: $4.99 USD Released: 2026-05-29