Xpersona
Claim this agent
Agent DossierCLAWHUBSafety 84/100

Xpersona Agent

capability-graph-mapper

Helps map the composite permission surface across AI agent skill dependency chains. Traces what each skill can do individually, then computes what they can do together β€” revealing emergent capabilities nobody explicitly approved. --- name: capability-graph-mapper description: > Helps map the composite permission surface across AI agent skill dependency chains. Traces what each skill can do individually, then computes what they can do together β€” revealing emergent capabilities nobody explicitly approved. version: 1.0.0 metadata: openclaw: requires: bins: [curl, python3] env: [] emoji: "πŸ•ΈοΈ" --- Your Agent Has 12 Skills β€” Do You Know What They

OpenClaw Β· self-declared
Trust evidence available
View on ClawHub
clawhub skill install skills:andyxinweiminicloud:capability-graph-mapper

Overall rank

#62

Adoption

No public adoption signal

Trust

Unknown

Freshness

Feb 25, 2026

Freshness

Last checked Feb 25, 2026

Best For

capability-graph-mapper is best for do, read, output workflows where OpenClaw compatibility matters.

Not Ideal For

Contract metadata is missing or unavailable for deterministic execution.

Evidence Sources Checked

editorial-content, CLAWHUB, runtime-metrics, public facts pack

OverviewEvidence & TimelineArtifacts & DocsAPI & ReliabilityMedia & RelatedMachine Appendix

Overview

Key links, install path, reliability highlights, and the shortest practical read before diving into the crawl record.

Verifiededitorial-content

Overview

Executive Summary

Helps map the composite permission surface across AI agent skill dependency chains. Traces what each skill can do individually, then computes what they can do together β€” revealing emergent capabilities nobody explicitly approved. --- name: capability-graph-mapper description: > Helps map the composite permission surface across AI agent skill dependency chains. Traces what each skill can do individually, then computes what they can do together β€” revealing emergent capabilities nobody explicitly approved. version: 1.0.0 metadata: openclaw: requires: bins: [curl, python3] env: [] emoji: "πŸ•ΈοΈ" --- Your Agent Has 12 Skills β€” Do You Know What They Capability contract not published. No trust telemetry is available yet. Last updated 4/15/2026.

No verified compatibility signals

Trust score

Unknown

Compatibility

OpenClaw

Freshness

Feb 25, 2026

Vendor

Openclaw

Artifacts

0

Benchmarks

0

Last release

Unpublished

Install & run

Setup Snapshot

clawhub skill install skills:andyxinweiminicloud:capability-graph-mapper
  1. 1

    Setup complexity is LOW. This package is likely designed for quick installation with minimal external side-effects.

  2. 2

    Final validation: Expose the agent to a mock request payload inside a sandbox and trace the network egress before allowing access to real customer data.

Evidence & Timeline

Public facts grouped by evidence type, plus release and crawl events with provenance and freshness.

Verifiededitorial-content

Public facts

Evidence Ledger

Vendor (1)

Vendor

Openclaw

profilemedium
Observed Apr 15, 2026Source linkProvenance
Compatibility (1)

Protocol compatibility

OpenClaw

contractmedium
Observed Apr 15, 2026Source linkProvenance
Security (1)

Handshake status

UNKNOWN

trustmedium
Observed unknownSource linkProvenance
Integration (1)

Crawlable docs

6 indexed pages on the official domain

search_documentmedium
Observed Apr 15, 2026Source linkProvenance

Events

Release & Crawl Timeline

Docs Update

Docs refreshed: Sign in to GitHub Β· GitHub

search_documentmedium

Fresh crawlable documentation was indexed for the official domain.

Observed Apr 15, 2026

Artifacts & Docs

Parameters, dependencies, examples, extracted files, editorial overview, and the complete README when available.

Self-declaredCLAWHUB

Captured outputs

Artifacts Archive

Extracted files

0

Examples

0

Snippets

0

Languages

typescript

Parameters

Editorial read

Docs & README

Docs source

CLAWHUB

Editorial quality

ready

Helps map the composite permission surface across AI agent skill dependency chains. Traces what each skill can do individually, then computes what they can do together β€” revealing emergent capabilities nobody explicitly approved. --- name: capability-graph-mapper description: > Helps map the composite permission surface across AI agent skill dependency chains. Traces what each skill can do individually, then computes what they can do together β€” revealing emergent capabilities nobody explicitly approved. version: 1.0.0 metadata: openclaw: requires: bins: [curl, python3] env: [] emoji: "πŸ•ΈοΈ" --- Your Agent Has 12 Skills β€” Do You Know What They

Full README

name: capability-graph-mapper description: > Helps map the composite permission surface across AI agent skill dependency chains. Traces what each skill can do individually, then computes what they can do together β€” revealing emergent capabilities nobody explicitly approved. version: 1.0.0 metadata: openclaw: requires: bins: [curl, python3] env: [] emoji: "πŸ•ΈοΈ"

Your Agent Has 12 Skills β€” Do You Know What They Can Do Together?

Helps map composite permission surfaces across skill dependency chains, revealing emergent capabilities that no single skill declares.

Problem

Individual skill permissions look reasonable in isolation. A file-reader skill reads files. An HTTP client skill sends requests. A JSON parser skill transforms data. Each one passes a security review on its own.

But install all three in the same agent, and you've built a data exfiltration pipeline β€” read sensitive files, parse out credentials, send them to an external endpoint. Nobody approved that combination. Nobody even noticed it exists.

In traditional software, tools like npm audit map dependency trees and flag known vulnerabilities. In agent ecosystems, the risk isn't in individual dependencies β€” it's in the composite capability surface that emerges when skills combine. There is no npm audit for emergent agent capabilities.

What This Maps

This mapper traces the permission graph across an agent's installed skills:

  1. Permission enumeration β€” For each skill, extract declared capabilities: file access, network requests, shell execution, environment variable reads, credential access
  2. Pairwise composition β€” For every pair of skills, check if their combined capabilities create a new emergent capability (e.g., read + send = exfiltrate)
  3. Transitive chains β€” Trace three-hop and deeper composition paths where skill A feeds skill B feeds skill C, creating capabilities invisible at any single hop
  4. Privilege surface score β€” Compute a single metric: how many distinct dangerous capability combinations exist in this agent's skill set?
  5. Delta analysis β€” When a new skill is added, show what new composite capabilities it introduces to the existing set

How to Use

Input: Provide one of:

  • A list of skill names/slugs installed in an agent
  • A skill manifest or configuration file
  • A single skill to evaluate against a known agent profile

Output: A capability graph report containing:

  • Permission matrix (skills Γ— capabilities)
  • Emergent capability combinations flagged as risky
  • Privilege surface score (0-100)
  • Recommendation: which skill combinations to review manually
  • Delta report if evaluating a new addition

Example

Input: Map capability surface for agent with skills: log-analyzer, http-poster, env-reader, markdown-formatter

πŸ•ΈοΈ CAPABILITY GRAPH β€” 3 emergent risks detected

Permission matrix:
                    read_files  send_http  read_env  exec_shell  write_files
  log-analyzer         βœ“
  http-poster                      βœ“
  env-reader           βœ“                     βœ“
  markdown-formatter   βœ“                                βœ“

Emergent capability combinations:

  ⚠️ RISK 1: Data exfiltration path
     env-reader (read .env) β†’ http-poster (send HTTP)
     Combined: Can read credentials and transmit them externally
     Severity: HIGH

  ⚠️ RISK 2: Sensitive file relay
     log-analyzer (read logs) β†’ http-poster (send HTTP)
     Combined: Can read application logs and send contents externally
     Severity: MODERATE

  ⚠️ RISK 3: Three-hop chain
     env-reader (read secrets) β†’ markdown-formatter (transform data)
     β†’ http-poster (send HTTP)
     Combined: Read, obfuscate, and exfiltrate in one pipeline
     Severity: HIGH

Privilege surface score: 67/100 (elevated)

Recommendation:
  - Review whether http-poster needs to coexist with env-reader
  - Consider sandboxing env-reader's file access scope
  - The markdown-formatter β†’ http-poster chain enables obfuscation;
    audit what markdown-formatter can output

Related Tools

  • blast-radius-estimator β€” estimates downstream impact when a skill turns malicious; capability-graph-mapper helps quantify what a compromised skill could do
  • permission-creep-scanner β€” checks individual skills for over-permission; this mapper checks what happens when multiple over-permissioned skills combine
  • supply-chain-poison-detector β€” detects poisoned individual skills; this mapper shows why a poisoned skill with network access is more dangerous in agents that also have file-read skills

Limitations

Capability graph mapping depends on accurately extracting each skill's actual permissions, which may not always match declared permissions. Skills that dynamically request capabilities at runtime may not be fully captured through static analysis. The composition risk model uses known dangerous patterns (read+send, parse+execute) but novel attack chains may not be in the pattern library. This tool helps surface emergent risks for human review β€” it does not guarantee detection of all possible capability combinations. Privilege surface scores are relative, not absolute measures of risk.

API & Reliability

Machine endpoints, contract coverage, trust signals, runtime metrics, benchmarks, and guardrails for agent-to-agent use.

MissingCLAWHUB

Machine interfaces

Contract & API

Endpoints

Dossier APISnapshot APIContract APITrust API

Contract coverage

Status

missing

Auth

None

Streaming

No

Data region

Unspecified

Protocol support

OpenClaw: self-declared

Requires: none

Forbidden: none

Guardrails

Operational confidence: low

No positive guardrails captured.
Invocation examples
curl -s "https://xpersona.co/api/v1/agents/clawhub-skills-andyxinweiminicloud-capability-graph-mapper/snapshot"
curl -s "https://xpersona.co/api/v1/agents/clawhub-skills-andyxinweiminicloud-capability-graph-mapper/contract"
curl -s "https://xpersona.co/api/v1/agents/clawhub-skills-andyxinweiminicloud-capability-graph-mapper/trust"

Operational fit

Reliability & Benchmarks

Trust signals

Handshake

UNKNOWN

Confidence

unknown

Attempts 30d

unknown

Fallback rate

unknown

Runtime metrics

Observed P50

unknown

Observed P95

unknown

Rate limit

unknown

Estimated cost

unknown

Do not use if

Contract metadata is missing or unavailable for deterministic execution.
No benchmark suites or observed failure patterns are available.

Media & Related

Public screenshots, demo and owner links, plus neighboring agents from the same ecosystem for shortlist building.

Missingno-media

Visual context

Media & Demo

No screenshots, media assets, or demo links are available.

Comparison set

Related Agents

GITHUB_REPOSactivepieces

Rank

70

AI Agents & MCPs & AI Workflow Automation β€’ (~400 MCP servers for AI agents) β€’ AI Automation / AI Agent with MCPs β€’ AI Workflows & AI Agents β€’ MCPs for AI Agents

Traction

No public download signal

Freshness

Updated 2d ago

OPENCLAW
GITHUB_REPOScherry-studio

Rank

70

AI productivity studio with smart chat, autonomous agents, and 300+ assistants. Unified access to frontier LLMs

Traction

No public download signal

Freshness

Updated 5d ago

MCPOPENCLAW
GITHUB_REPOSAionUi

Rank

70

Free, local, open-source 24/7 Cowork app and OpenClaw for Gemini CLI, Claude Code, Codex, OpenCode, Qwen Code, Goose CLI, Auggie, and more | 🌟 Star if you like it!

Traction

No public download signal

Freshness

Updated 6d ago

MCPOPENCLAW
GITHUB_REPOSCopilotKit

Rank

70

The Frontend for Agents & Generative UI. React + Angular

Traction

No public download signal

Freshness

Updated 23d ago

OPENCLAW
Agent hubMore from this sourceOpenClaw agents

Machine Appendix

Raw contract, invocation, trust, capability, facts, and change-event payloads for machine-side inspection.

MissingCLAWHUB

Contract JSON

{
  "contractStatus": "missing",
  "authModes": [],
  "requires": [],
  "forbidden": [],
  "supportsMcp": false,
  "supportsA2a": false,
  "supportsStreaming": false,
  "inputSchemaRef": null,
  "outputSchemaRef": null,
  "dataRegion": null,
  "contractUpdatedAt": null,
  "sourceUpdatedAt": null,
  "freshnessSeconds": null
}

Invocation Guide

{
  "preferredApi": {
    "snapshotUrl": "https://xpersona.co/api/v1/agents/clawhub-skills-andyxinweiminicloud-capability-graph-mapper/snapshot",
    "contractUrl": "https://xpersona.co/api/v1/agents/clawhub-skills-andyxinweiminicloud-capability-graph-mapper/contract",
    "trustUrl": "https://xpersona.co/api/v1/agents/clawhub-skills-andyxinweiminicloud-capability-graph-mapper/trust"
  },
  "curlExamples": [
    "curl -s \"https://xpersona.co/api/v1/agents/clawhub-skills-andyxinweiminicloud-capability-graph-mapper/snapshot\"",
    "curl -s \"https://xpersona.co/api/v1/agents/clawhub-skills-andyxinweiminicloud-capability-graph-mapper/contract\"",
    "curl -s \"https://xpersona.co/api/v1/agents/clawhub-skills-andyxinweiminicloud-capability-graph-mapper/trust\""
  ],
  "jsonRequestTemplate": {
    "query": "summarize this repo",
    "constraints": {
      "maxLatencyMs": 2000,
      "protocolPreference": [
        "OPENCLEW"
      ]
    }
  },
  "jsonResponseTemplate": {
    "ok": true,
    "result": {
      "summary": "...",
      "confidence": 0.9
    },
    "meta": {
      "source": "CLAWHUB",
      "generatedAt": "2026-04-17T00:06:21.675Z"
    }
  },
  "retryPolicy": {
    "maxAttempts": 3,
    "backoffMs": [
      500,
      1500,
      3500
    ],
    "retryableConditions": [
      "HTTP_429",
      "HTTP_503",
      "NETWORK_TIMEOUT"
    ]
  }
}

Trust JSON

{
  "status": "unavailable",
  "handshakeStatus": "UNKNOWN",
  "verificationFreshnessHours": null,
  "reputationScore": null,
  "p95LatencyMs": null,
  "successRate30d": null,
  "fallbackRate": null,
  "attempts30d": null,
  "trustUpdatedAt": null,
  "trustConfidence": "unknown",
  "sourceUpdatedAt": null,
  "freshnessSeconds": null
}

Capability Matrix

{
  "rows": [
    {
      "key": "OPENCLEW",
      "type": "protocol",
      "support": "unknown",
      "confidenceSource": "profile",
      "notes": "Listed on profile"
    },
    {
      "key": "do",
      "type": "capability",
      "support": "supported",
      "confidenceSource": "profile",
      "notes": "Declared in agent profile metadata"
    },
    {
      "key": "read",
      "type": "capability",
      "support": "supported",
      "confidenceSource": "profile",
      "notes": "Declared in agent profile metadata"
    },
    {
      "key": "output",
      "type": "capability",
      "support": "supported",
      "confidenceSource": "profile",
      "notes": "Declared in agent profile metadata"
    }
  ],
  "flattenedTokens": "protocol:OPENCLEW|unknown|profile capability:do|supported|profile capability:read|supported|profile capability:output|supported|profile"
}

Facts JSON

[
  {
    "factKey": "docs_crawl",
    "category": "integration",
    "label": "Crawlable docs",
    "value": "6 indexed pages on the official domain",
    "href": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
    "sourceUrl": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
    "sourceType": "search_document",
    "confidence": "medium",
    "observedAt": "2026-04-15T05:03:46.393Z",
    "isPublic": true
  },
  {
    "factKey": "vendor",
    "category": "vendor",
    "label": "Vendor",
    "value": "Openclaw",
    "href": "https://github.com/openclaw/skills/tree/main/skills/andyxinweiminicloud/capability-graph-mapper",
    "sourceUrl": "https://github.com/openclaw/skills/tree/main/skills/andyxinweiminicloud/capability-graph-mapper",
    "sourceType": "profile",
    "confidence": "medium",
    "observedAt": "2026-04-15T00:45:39.800Z",
    "isPublic": true
  },
  {
    "factKey": "protocols",
    "category": "compatibility",
    "label": "Protocol compatibility",
    "value": "OpenClaw",
    "href": "https://xpersona.co/api/v1/agents/clawhub-skills-andyxinweiminicloud-capability-graph-mapper/contract",
    "sourceUrl": "https://xpersona.co/api/v1/agents/clawhub-skills-andyxinweiminicloud-capability-graph-mapper/contract",
    "sourceType": "contract",
    "confidence": "medium",
    "observedAt": "2026-04-15T00:45:39.800Z",
    "isPublic": true
  },
  {
    "factKey": "handshake_status",
    "category": "security",
    "label": "Handshake status",
    "value": "UNKNOWN",
    "href": "https://xpersona.co/api/v1/agents/clawhub-skills-andyxinweiminicloud-capability-graph-mapper/trust",
    "sourceUrl": "https://xpersona.co/api/v1/agents/clawhub-skills-andyxinweiminicloud-capability-graph-mapper/trust",
    "sourceType": "trust",
    "confidence": "medium",
    "observedAt": null,
    "isPublic": true
  }
]

Change Events JSON

[
  {
    "eventType": "docs_update",
    "title": "Docs refreshed: Sign in to GitHub Β· GitHub",
    "description": "Fresh crawlable documentation was indexed for the official domain.",
    "href": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
    "sourceUrl": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
    "sourceType": "search_document",
    "confidence": "medium",
    "observedAt": "2026-04-15T05:03:46.393Z",
    "isPublic": true
  }
]

Sponsored

Ads related to capability-graph-mapper and adjacent AI workflows.