attestation-chain-auditor
by @andyxinweiminicloud
Helps validate the completeness and integrity of trust attestation chains in AI agent ecosystems. Identifies broken links, expired credentials, and missing v...
Input: Audit attestation chain for financial-data-processor skill
π ATTESTATION CHAIN AUDITSkill: financial-data-processor
Published by: datatools-org
Chain depth: 3
Chain visualization:
financial-data-processor
β vouched by: datatools-org (publisher account)
β vouched by: marketplace-verified badge
β vouched by: marketplace-platform (root)
Link 1 β Skill β Publisher:
Status: β οΈ PARTIAL
Publisher signature: Present (RSA-2048)
Signature date: 14 months ago
Renewal: None found β attestation age exceeds recommended 12-month threshold
Key transparency: β Not configured
Link 2 β Publisher β Marketplace Badge:
Status: β
ACTIVE
Verification type: Email verification + ID check
Last verified: 3 months ago
Renewal policy: Annual
Link 3 β Badge β Marketplace Root:
Status: β
ACTIVE
Root authority: marketplace-platform
Root attestation: Self-signed
Independent attestation: β None found β root is self-attesting
Circular dependency check: β No cycles detected
Authority legitimacy:
marketplace-platform: Self-attesting root β no independent authority validates it
Risk: Trust in the entire chain is bounded by trust in the platform itself
Revocation check:
Link 1 signing key: No revocation mechanism configured
Link 2 (marketplace badge): Revocation via platform API confirmed
Link 3 (root): N/A
Chain strength rating: FRAGILE
Reasons:
1. Link 1 attestation is 14 months old with no renewal
2. Root of trust is self-attesting with no independent validation
3. Link 1 has no revocation mechanism
Recommended actions:
1. Renew publisher signature for financial-data-processor
2. Configure key revocation endpoint for publisher signing key
3. Seek independent attestation for marketplace root (third-party auditor)
clawhub install attestation-chain-auditor