D
DriftLoom.ai
OpenClaw skill trust index
🧪 runtime dashboard live
☰ Menu
publisher profilecommunity

romain-grosos

romain-grosos publishes 4 tracked skills in DriftBot.

Catalog decision: Review-first publisher: this catalog currently carries failed runtime rows or high-risk labels, so inspect individual skills before trusting the brand halo.
4
indexed skills
59
average score
0
manual reviews
3
high-risk labels
catalog evidence snapshotbaseline-v3 coverage 3/4functionality-v2 coverage 3no manual reviews yet3 high-risk labels
Read this row as a catalog snapshot: runtime coverage, deeper follow-on coverage, human review presence, and high-risk concentration before you compare individual skills.

📊 Runtime quality summary

Runtime read: stronger publisher evidence means more than broad coverage — look for low current failure pressure, some functionality depth, and stale-runtime counts that stay under control.
eligible runtime skills: 4latest touch: 4h agoregressions: 1
Baseline coverage
375% of eligible skills have baseline-v3 receipts
Baseline pass rate
100%3 passed · 0 currently failing
Functionality coverage
3100% of baseline-cleared skills have functionality-v2
Fixture-backed rate
0%0 functionality-v2 rows have richer fixture/example proof
Stale baseline rows
0baseline receipts older than 7 days
Functionality failures
1current failed functionality-v2 rows in the latest publisher state

This is the quality surface for the publisher, not just a directory listing. It shows how much of the catalog has real receipts, how often those receipts are passing, whether richer fixture-backed proof exists, and whether the publisher currently carries regressions, reproduced failures, or stale runtime evidence.

Latest runtime touch: 2026-03-15 21:31 UTC. Publisher-level summaries do not replace skill-level review, but they do make reputation more earned: a publisher with broader coverage, stronger pass rates, and fixture-backed proof looks different from one living on thin smoke tests.

If you want the system-wide view, open the runtime dashboard. If you want the scoring logic, read the methodology.

Fresh runtime sliceStale runtime slice
failedfunctionality-v2failure repeated in more than one runregression after earlier pass4h ago
veille
0/1 passed
blocked_on_external_service
failedfunctionality-v2failure repeated in more than one runregression after earlier pass4h ago
veille
0/1 passed
runtime_failed
failedfunctionality-v2failure repeated in more than one runregression after earlier pass5h ago
veille
0/1 passed
blocked_on_config
passedfunctionality-v2now passing after earlier failures5h ago
veille
1/1 passed
passed
failedfunctionality-v2failure repeated in more than one run6h ago
veille
0/1 passed
blocked_on_credentials
failedfunctionality-v2failure repeated in more than one run6h ago
veille
0/1 passed
runtime_failed

Skills from this publisher

Showing 4 of 4 skills

Label mix on this page

Trusted: 0Use Caution: 1Insufficient Evidence: 0High Risk: 3

This distribution is a quick provenance cue, not a verdict. A publisher can have a mix of safer and riskier skills, so the useful move is to compare patterns here and then open the individual scorecards.

Publisher profiles are best for spotting catalog patterns: repeated shell access, common external services, whether manual review exists, and whether higher-risk labels are isolated or widespread.

On this page: 4 source-scanned, 0 catalog-only, and 0 manually reviewed entries in the current slice.

If you want the scoring logic, read the methodology. If you want the broader landscape, go back to the full index.

ghost-admin

romain-grosos · vsource-scanned
64
overall

Ghost CMS content management via Admin API v5.x. Use when: (1) creating, editing, or publishing blog posts or static pages, (2) managing tags, (3) uploading images, (4) reading member/newsletter/tier info, (5) checking site settings. NOT for: theme management (needs Ghost CLI), webhook config, email sending (auto on publish), content import/export (use Ghost Admin UI), or multi-site setups.

Use Cautionconfidence: source evidencesource-scanned
+ 1 more
privileged capability
Take: Source-aware scan found higher-privilege capability areas (token, gmail, email), but that alone is not evidence of malicious behavior.
Decision cue: Decent evidence base — source-level signals are available, so inspect the receipts.

nextcloud-files

romain-grosos · vsource-scanned
61
overall

Nextcloud file and folder management via WebDAV + OCS API. Use when: (1) creating, reading, writing, renaming, moving, copying, or deleting files/folders, (2) listing or searching directory contents, (3) toggling favorites or managing system tags, (4) checking storage quota. NOT for: Nextcloud Talk, Calendar/Contacts (use CalDAV), app management (requires admin), large binary transfers, or creating share links (share capability not included by default - see README).

High Riskfollow-on functionality checks passed · 7/7confidence: source evidence
+ 2 more
source-scannedsuspicious
Runtime receipts + what passed2026-03-15 13:45 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hourspassedoutput 116 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 2866 msbaseline-v3 8/8
RatioDaemon on this skillNextcloud Files is trying to handle nextcloud file and folder management via WebDAV + OCS API. Functionality-v2 currently passes, the trust label is High Risk, and setup looks advanced.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

mail-client

romain-grosos · vsource-scanned
57
overall

IMAP/SMTP mail client for OpenClaw agents. Use when: (1) reading or listing emails from a mailbox, (2) searching emails by sender, subject, date or text, (3) sending emails with plain text or HTML body, with optional file attachments, (4) moving, marking, or deleting messages. NOT for: bulk mailing, newsletters, calendar/contacts (use CalDAV), or providers requiring OAuth (use a dedicated skill).

High Riskfollow-on functionality checks passed · 7/7confidence: source evidence
+ 2 more
source-scannedsuspicious
Runtime receipts + what passed2026-03-15 16:30 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hourspassedoutput 116 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 2629 msbaseline-v3 8/8
RatioDaemon muttered: mail-client looked ordinary in the good, boring way.7/7 functionality-v2 checks passed. Pleasantly boring.
Observed: skill-structure-ok
Take: Potentially suspicious implementation signals detected: password.
Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

veille

romain-grosos · vsource-scanned
53
overall

RSS feed aggregator, deduplication engine, LLM scoring, and output dispatcher for OpenClaw agents. Use when: fetching recent articles from configured sources, filtering already-seen URLs, deduplicating by topic, scoring with LLM, dispatching digests to Telegram/email/Nextcloud/file. Enhanced by mail-client (email output) and nextcloud-files (cloud storage).

High Riskfollow-on functionality checks failed · 0/1confidence: source evidence
+ 2 more
source-scannedsuspicious
Runtime receipts + what failed2026-03-15 21:31 UTC
functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hoursfailure repeated in more than one runregression after earlier passblocked_on_external_serviceoutput 375 Bartifacts 1worker oc-sandboxsource stage: cache hitsuite 5621 msbaseline-v3 8/8
RatioDaemon muttered: veille left receipts, just not the ones it was supposed to.0/1 functionality-v2 checks passed before the stumble. The forced external check is the part that made this interesting.
Take: Potentially suspicious implementation signals detected: eval(, rm -rf, password.
Decision cue: Review first — functionality-v2 already found trouble.
Page 1 / 1

Trust reading guide

Publisher-level summaries help with provenance context, but trust still lives at the skill level. Use this page to compare patterns across the publisher’s catalog, then inspect the raw findings on individual skill pages.

Back to the full index