{ "schemaVersion": "1.0", "item": { "slug": "meerkat-governance", "name": "Meerkat Governance", "source": "tencent", "type": "skill", "category": "开发工具", "sourceUrl": "https://clawhub.ai/7789996399/meerkat-governance", "canonicalUrl": "https://clawhub.ai/7789996399/meerkat-governance", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/meerkat-governance", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=meerkat-governance", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md", "_meta.json" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-30T16:55:25.780Z", "expiresAt": "2026-05-07T16:55:25.780Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentDisposition": "attachment; filename=\"network-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/meerkat-governance" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/meerkat-governance", "agentPageUrl": "https://openagent3.xyz/skills/meerkat-governance/agent", "manifestUrl": "https://openagent3.xyz/skills/meerkat-governance/agent.json", "briefUrl": "https://openagent3.xyz/skills/meerkat-governance/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Meerkat Governance", "body": "Scope: This skill provides two API endpoints your agent can call. It does not auto-activate, does not run in the background, and does not access content unless explicitly called by the agent. The developer controls what content is sent to Meerkat.\n\nPrivacy and data handling: https://meerkatplatform.com/privacy\nMeerkat processes content in memory and discards it after the response. Only trust scores and metadata are stored. No raw content is retained. No data is shared with third parties. All processing stays in Canada.\n\nSecurity: Your API key authenticates requests to Meerkat's API. Rotate keys via the dashboard if compromised. All communication is TLS 1.2+ encrypted. Meerkat endpoints are hosted on Azure Container Apps with managed SSL certificates. Verify the endpoint hostname (api.meerkatplatform.com) matches the TLS certificate before sending data." }, { "title": "Ingress Shield", "body": "The /v1/shield endpoint scans content for prompt injection, jailbreaks, data exfiltration, and social engineering. The agent can call this before processing content the developer designates as untrusted. Common examples include external emails, web-scraped content, and user-uploaded documents. Developers can optionally configure their agent to shield skill descriptions before installation.\n\ncurl -s -X POST https://api.meerkatplatform.com/v1/shield \\\n -H \"Authorization: Bearer $MEERKAT_API_KEY\" \\\n -H \"Content-Type: application/json\" \\\n -d \"{\\\"input\\\": \\\"\\\"}\"\n\nResponse fields:\n\nsafe (boolean): Whether the content passed scanning\nthreat_level: NONE, LOW, MEDIUM, HIGH, or CRITICAL\nattack_type: Category of detected threat (if any)\ndetail: Human-readable description\nsanitized_input: Content with threats removed (when available)\naudit_id: Unique identifier for the audit record\n\nThe agent can use the response to decide how to proceed. For example, content flagged HIGH or CRITICAL could be blocked, while MEDIUM could prompt user confirmation. If sanitized_input is returned, the agent can use the cleaned version." }, { "title": "Egress Verify", "body": "The /v1/verify endpoint checks AI-generated output against source data using up to five ML checks: entailment (DeBERTa NLI), numerical verification, semantic entropy, implicit preference detection, and claim extraction.\n\ncurl -s -X POST https://api.meerkatplatform.com/v1/verify \\\n -H \"Authorization: Bearer $MEERKAT_API_KEY\" \\\n -H \"Content-Type: application/json\" \\\n -d \"{\\\"input\\\": \\\"\\\", \\\"output\\\": \\\"\\\", \\\"context\\\": \\\"\\\", \\\"domain\\\": \\\"\\\"}\"\n\nThe domain field applies domain-specific rules. Supported values: healthcare, financial, legal, general.\n\nResponse fields:\n\ntrust_score (0-100): Weighted composite score across all checks\nstatus: PASS or FLAG (severity communicated via trust_score and remediation.severity)\nchecks: Per-check scores, flags, and details\nremediation: Corrections and agent instructions (when status is not PASS)\naudit_id: Unique identifier for the audit record\nsession_id: Session identifier for linking retry attempts\n\nThe agent can use the status and trust score to decide whether to proceed. When remediation is present, the agent_instruction field contains guidance for self-correction, and corrections lists specific errors (e.g., found value vs expected value). The agent can regenerate output with corrections applied and resubmit using the same session_id to link attempts." }, { "title": "Observation Mode", "body": "When no context field is provided, Meerkat runs in observation mode: it checks semantic entropy and implicit preference but skips source-grounded checks. The context_mode field in the response will be observation. This is useful for checking open-ended generation where no source document exists." }, { "title": "Audit Trail", "body": "Every shield and verify call is logged with an audit ID. The /v1/audit/ endpoint retrieves the full record. Add ?include_session=true to see all linked attempts in a retry session.\n\ncurl -s https://api.meerkatplatform.com/v1/audit/ \\\n -H \"Authorization: Bearer $MEERKAT_API_KEY\"" }, { "title": "Setup", "body": "Get a free API key at https://meerkatplatform.com (10,000 verifications/month, no credit card)\nSet the environment variable: MEERKAT_API_KEY=mk_live_your_key_here\nThe developer controls which content is sent to Meerkat through their agent configuration. The agent calls the shield endpoint before processing untrusted external content, and the verify endpoint before executing high-impact actions." }, { "title": "Detection Capabilities", "body": "See https://meerkatplatform.com/docs for example payloads and response formats.\n\nIngress detects: prompt injection, indirect injection, data exfiltration attempts, jailbreak and role-hijacking patterns, credential harvesting, and social engineering.\n\nEgress detects: hallucinated facts, numerical distortions (medication doses, financial figures, legal terms), fabricated entities and citations, confident confabulation, bias and implicit preference, and ungrounded numbers." }, { "title": "Usage Headers", "body": "Every API response includes usage headers:\n\nX-Meerkat-Usage: Current verification count\nX-Meerkat-Limit: Monthly limit (or \"unlimited\")\nX-Meerkat-Remaining: Verifications remaining\nX-Meerkat-Warning: Warning when approaching limit (80%+)" }, { "title": "Privacy", "body": "Meerkat processes content for security scanning only. Content is not stored beyond the audit trail retention period. Your API key is scoped to your organization. See https://meerkatplatform.com/privacy for details." } ], "body": "Meerkat Governance\n\nScope: This skill provides two API endpoints your agent can call. It does not auto-activate, does not run in the background, and does not access content unless explicitly called by the agent. The developer controls what content is sent to Meerkat.\n\nPrivacy and data handling: https://meerkatplatform.com/privacy Meerkat processes content in memory and discards it after the response. Only trust scores and metadata are stored. No raw content is retained. No data is shared with third parties. All processing stays in Canada.\n\nSecurity: Your API key authenticates requests to Meerkat's API. Rotate keys via the dashboard if compromised. All communication is TLS 1.2+ encrypted. Meerkat endpoints are hosted on Azure Container Apps with managed SSL certificates. Verify the endpoint hostname (api.meerkatplatform.com) matches the TLS certificate before sending data.\n\nIngress Shield\n\nThe /v1/shield endpoint scans content for prompt injection, jailbreaks, data exfiltration, and social engineering. The agent can call this before processing content the developer designates as untrusted. Common examples include external emails, web-scraped content, and user-uploaded documents. Developers can optionally configure their agent to shield skill descriptions before installation.\n\ncurl -s -X POST https://api.meerkatplatform.com/v1/shield \\\n -H \"Authorization: Bearer $MEERKAT_API_KEY\" \\\n -H \"Content-Type: application/json\" \\\n -d \"{\\\"input\\\": \\\"\\\"}\"\n\n\nResponse fields:\n\nsafe (boolean): Whether the content passed scanning\nthreat_level: NONE, LOW, MEDIUM, HIGH, or CRITICAL\nattack_type: Category of detected threat (if any)\ndetail: Human-readable description\nsanitized_input: Content with threats removed (when available)\naudit_id: Unique identifier for the audit record\n\nThe agent can use the response to decide how to proceed. For example, content flagged HIGH or CRITICAL could be blocked, while MEDIUM could prompt user confirmation. If sanitized_input is returned, the agent can use the cleaned version.\n\nEgress Verify\n\nThe /v1/verify endpoint checks AI-generated output against source data using up to five ML checks: entailment (DeBERTa NLI), numerical verification, semantic entropy, implicit preference detection, and claim extraction.\n\ncurl -s -X POST https://api.meerkatplatform.com/v1/verify \\\n -H \"Authorization: Bearer $MEERKAT_API_KEY\" \\\n -H \"Content-Type: application/json\" \\\n -d \"{\\\"input\\\": \\\"\\\", \\\"output\\\": \\\"\\\", \\\"context\\\": \\\"\\\", \\\"domain\\\": \\\"\\\"}\"\n\n\nThe domain field applies domain-specific rules. Supported values: healthcare, financial, legal, general.\n\nResponse fields:\n\ntrust_score (0-100): Weighted composite score across all checks\nstatus: PASS or FLAG (severity communicated via trust_score and remediation.severity)\nchecks: Per-check scores, flags, and details\nremediation: Corrections and agent instructions (when status is not PASS)\naudit_id: Unique identifier for the audit record\nsession_id: Session identifier for linking retry attempts\n\nThe agent can use the status and trust score to decide whether to proceed. When remediation is present, the agent_instruction field contains guidance for self-correction, and corrections lists specific errors (e.g., found value vs expected value). The agent can regenerate output with corrections applied and resubmit using the same session_id to link attempts.\n\nObservation Mode\n\nWhen no context field is provided, Meerkat runs in observation mode: it checks semantic entropy and implicit preference but skips source-grounded checks. The context_mode field in the response will be observation. This is useful for checking open-ended generation where no source document exists.\n\nAudit Trail\n\nEvery shield and verify call is logged with an audit ID. The /v1/audit/ endpoint retrieves the full record. Add ?include_session=true to see all linked attempts in a retry session.\n\ncurl -s https://api.meerkatplatform.com/v1/audit/ \\\n -H \"Authorization: Bearer $MEERKAT_API_KEY\"\n\nSetup\nGet a free API key at https://meerkatplatform.com (10,000 verifications/month, no credit card)\nSet the environment variable: MEERKAT_API_KEY=mk_live_your_key_here\nThe developer controls which content is sent to Meerkat through their agent configuration. The agent calls the shield endpoint before processing untrusted external content, and the verify endpoint before executing high-impact actions.\nDetection Capabilities\n\nSee https://meerkatplatform.com/docs for example payloads and response formats.\n\nIngress detects: prompt injection, indirect injection, data exfiltration attempts, jailbreak and role-hijacking patterns, credential harvesting, and social engineering.\n\nEgress detects: hallucinated facts, numerical distortions (medication doses, financial figures, legal terms), fabricated entities and citations, confident confabulation, bias and implicit preference, and ungrounded numbers.\n\nUsage Headers\n\nEvery API response includes usage headers:\n\nX-Meerkat-Usage: Current verification count\nX-Meerkat-Limit: Monthly limit (or \"unlimited\")\nX-Meerkat-Remaining: Verifications remaining\nX-Meerkat-Warning: Warning when approaching limit (80%+)\nPrivacy\n\nMeerkat processes content for security scanning only. Content is not stored beyond the audit trail retention period. Your API key is scoped to your organization. See https://meerkatplatform.com/privacy for details." }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/7789996399/meerkat-governance", "publisherUrl": "https://clawhub.ai/7789996399/meerkat-governance", "owner": "7789996399", "version": "1.0.4", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/meerkat-governance", "downloadUrl": "https://openagent3.xyz/downloads/meerkat-governance", "agentUrl": "https://openagent3.xyz/skills/meerkat-governance/agent", "manifestUrl": "https://openagent3.xyz/skills/meerkat-governance/agent.json", "briefUrl": "https://openagent3.xyz/skills/meerkat-governance/agent.md" } }