domain-trust-check
URL safety scanner and domain reputation checker. Use when: checking if a URL is safe before visiting, scanning links in emails/messages, verifying domains for phishing/malware/scam. NOT for: submitting malicious domains for bounty rewards (use outtake-bounty-network).
Why use this skill?
Enhance your AI agent's security with domain-trust-check. Instantly scan URLs for phishing, malware, and scams using the Outtake Trust API.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/jamesouttake/domain-trust-checkWhat This Skill Does
The domain-trust-check skill is an essential security layer for your AI agent, designed to evaluate the safety and legitimacy of any URL before your agent interacts with it. By leveraging the comprehensive Outtake Trust API, this skill identifies phishing attempts, malware distribution points, brand impersonation, and other malicious online activities. It acts as a gatekeeper, providing an objective 'verdict' and 'safe_to_visit' status, ensuring that your agent's interactions remain secure and compliant with modern web safety standards.
Installation
To integrate this capability into your workflow, use the command: clawhub install openclaw/skills/skills/jamesouttake/domain-trust-check. Before beginning, ensure you have registered your agent with the Outtake service via the /api/v1/agent/register endpoint. Once you receive your api_key, export it as OUTTAKE_API_KEY in your environment. Remember that the API key is provided only once during registration, so store it securely.
Use Cases
This skill is highly versatile for any agent handling external content. Use it to scan links embedded in incoming emails to prevent social engineering attacks. It is ideal for vetting third-party URLs shared in group chats or documents before a user clicks them. Developers can integrate it into automated research agents to ensure they only scrape or summarize content from reputable, safe domains, effectively protecting the local infrastructure from malicious payloads.
Example Prompts
- 'I just received this link in an email: https://verify-your-account-now.com. Can you check if it is safe for me to click?'
- 'Please scan the following list of URLs for potential phishing or malware risks: [https://site-a.com, https://site-b.net, https://site-c.org].'
- 'Before I browse to this domain for my research project, can you perform a reputation check to ensure it doesn't have a history of brand abuse?'
Tips & Limitations
For efficiency, always prioritize the batch checking endpoint when analyzing more than two URLs simultaneously, as it significantly reduces latency and API overhead. Note that while ML-based classifications are highly effective, confidence scores ranging from 0.7 to 0.99 should be interpreted as indicators rather than guarantees. Always treat 'unknown' results with caution—lack of data does not equate to confirmed safety. Finally, do not use this skill for reporting malicious sites to receive bounties; instead, use the dedicated outtake-bounty-network skill for that purpose to ensure your submissions follow the correct protocol.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-jamesouttake-domain-trust-check": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: external-api
Related Skills
outtake-bounty-network
Earn $5 USDC per verified malicious domain. Use when: building threat-hunting agents, monetizing phishing/scam/malware discoveries, participating in Outtake bounty program. NOT for: checking if a URL is safe (use domain-trust-check).
skill-guard
Scan ClawHub skills for security vulnerabilities BEFORE installing. Use when installing new skills from ClawHub to detect prompt injections, malware payloads, hardcoded secrets, and other threats. Wraps clawhub install with mcp-scan pre-flight checks.