← Back to Skills Marketplace
339
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install rbtc
Description
Runs a patched Bitcoin Core node with built-in CPU mining, supporting configurable CPU usage, thread count, and automated secure updates.
Usage Guidance
This skill's intent (run a patched Bitcoin Core and CPU miner) is plausible, but the package is missing the scripts it tells you to run. Before installing or executing anything: 1) Inspect the referenced GitHub repository (https://github.com/happybigmtn/rBTC) and review every install/update script locally — do not run unknown install.sh/updater.sh blindly. 2) Prefer to clone the repo and manually review build/install scripts, patch contents, and the update manifest. 3) Set AUTO_ACCEPT_NETWORK_PATCH_HASH=0 to avoid auto-accepting network/chain identity changes until you've audited patch hashes. 4) Restrict RPC_BIND / RPC_ALLOWIP to localhost and do not expose RPC ports publicly. 5) Be aware CPU mining will consume resources and run potentially long-lived processes; run in an isolated environment (VM/container) if you want to experiment. 6) Additional evidence that would raise confidence to benign: a complete package with the declared scripts included, reproducible build logs, signed upstream manifests, and an explicit, auditable mechanism for fetching upstream releases (e.g., pinned GitHub release URLs and GPG/sha256 verification steps present and verifiable).
Capability Analysis
Type: OpenClaw Skill
Name: rbtc
Version: 1.0.0
The skill is designed to download, build, and execute a Bitcoin Core fork and automatically starts a CPU miner by default (START_MINER=1). While the documentation in SKILL.md and clawhub.json is transparent about its purpose, the automated installation of mining software and the application of custom 'immutable patches' to upstream code are high-risk behaviors frequently associated with resource hijacking and supply chain risks. The inclusion of an automated update mechanism (updater.sh) and the default acceptance of network-provided patches (AUTO_ACCEPT_NETWORK_PATCH_HASH=1) further increase the potential for unauthorized code execution.
Capability Assessment
Purpose & Capability
The name/description match the SKILL.md: it intends to build, run, mine, and update a patched Bitcoin Core. However, the clawhub.json lists an entrypoint (install.sh) and many scripts that are not included in the bundle. That mismatch (metadata claims local scripts, but the package only contains SKILL.md and clawhub.json) is unexpected and reduces coherence: the runtime instructions assume local scripts that don't exist in the package.
Instruction Scope
SKILL.md instructs running install.sh, build scripts, updater.sh, and a CPU miner; these actions involve fetching upstream releases, applying patches, compiling, and swapping runtime symlinks. Those operations legitimately belong to the described purpose, but they require executing code (scripts or downloads) not present in the bundle. The instructions also reference user filesystem paths (~/.rbitcoin) and advise adding seed nodes / IPs; all expected for a node, but they also allow auto-accepting network patch hashes (AUTO_ACCEPT_NETWORK_PATCH_HASH defaults to 1), which could permit automatic acceptance of network-changing patches without strict pinning.
Install Mechanism
There is no install spec and no scripts included. The SKILL.md assumes local scripts (install.sh, scripts/*). Because those files are absent, the actual install mechanism is unclear — the agent or user would likely fetch code from the referenced GitHub repo or another external source at runtime. That implicit download/execution path increases risk: arbitrary code fetched/executed from the network is higher-risk unless provenance is verified.
Credentials
The skill does not request credentials or privileged environment variables. Declared env vars (miner settings, AUTO_ACCEPT_NETWORK_PATCH_HASH) are proportional to a mining/node skill. Still, AUTO_ACCEPT_NETWORK_PATCH_HASH defaulting to 1 is notable because it relaxes strict patch-hash pinning and could lead to accepting upstream/patch differences automatically.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request elevated or persistent platform privileges. Autonomous invocation is allowed (default) but is not combined with other strong red flags here. The main persistence concern is that the skill's updater would perform atomic swaps of runtime symlinks on the host if the user runs the scripts.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install rbtc - After installation, invoke the skill by name or use
/rbtc - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of the rBitcoin Agent Skill.
- Provides an immutable patch on top of Bitcoin Core, focusing on chain identity.
- Includes automated scripts for install, verification, build, update, and mining.
- Supports configuration via environment variables for flexible node and miner control.
- Verification tools provided for upstream release integrity, patch scope, and binary provenance.
- Atomic upgrade process with easy rollback included.
Metadata
Frequently Asked Questions
What is rBTC Miner?
Runs a patched Bitcoin Core node with built-in CPU mining, supporting configurable CPU usage, thread count, and automated secure updates. It is an AI Agent Skill for Claude Code / OpenClaw, with 339 downloads so far.
How do I install rBTC Miner?
Run "/install rbtc" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is rBTC Miner free?
Yes, rBTC Miner is completely free (open-source). You can download, install and use it at no cost.
Which platforms does rBTC Miner support?
rBTC Miner is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created rBTC Miner?
It is built and maintained by rk (@happybigmtn); the current version is v1.0.0.
More Skills