Solanaprox
by unixlamadev-spec · GitHub · v2.0.0
612 Downloads · 0 Stars · 0 Active Installs · 2 Versions
Install in OpenClaw
/install solanaprox
Description
Pay-per-request AI model access via Solana/USDC using a Phantom wallet address. Query Claude and GPT models without API keys. Wallet-native authentication wi...
Usage Guidance
This skill appears to do what it says (send your wallet address to solanaprox.com and pay per call), but take precautions before using it:
- Do NOT put private keys, seed phrases, or secret keys into SOLANA_WALLET. The SKILL.md intends SOLANA_WALLET to be a public wallet address, but the variable name is ambiguous and a mistake could expose secrets.
- Be aware that all prompts and responses are routed through a third-party proxy (solanaprox.com). Do not send sensitive data or private information unless you trust that service.
- The doc suggests running `npx solanaprox-mcp` (optional). Running npx will download and execute code from npm — review the package source (npm page and GitHub) before running.
- The SKILL.md metadata references a GitHub repo and an npm package; the registry record lacked a homepage. Verify those links independently (inspect repository and package) before trusting the service.
- If you want to try it, use a dedicated Solana wallet with minimal funds (e.g., <$5) rather than your main wallet.
If you want a firmer benign/malicious determination, provide the package source (GitHub repo or the npm package contents) or clarify exactly what value users are expected to set in SOLANA_WALLET (address vs. key).
Capability Analysis
Type: OpenClaw Skill
Name: solanaprox
Version: 2.0.0
The skill is classified as suspicious due to several high-risk behaviors and a transparency issue:
- The `SKILL.md` instructs the agent to execute `curl` commands that directly embed the `$SOLANA_WALLET` environment variable into shell commands without apparent sanitization, creating a shell injection vulnerability (RCE risk) if the agent's execution environment doesn't properly escape inputs.
- The skill instructs the agent to run `npx solanaprox-mcp`, which allows arbitrary code execution by downloading and running an npm package, posing a significant supply chain risk.
- The 'Security Manifest' in `SKILL.md` falsely claims that `https://solanaprox.com/` is the 'only' external endpoint called, while later sections explicitly provide a `curl` command to `https://aiprox.dev`, indicating a lack of transparency.
Capability Assessment
Purpose & Capability
The name/description (Solana pay-per-request proxy) aligns with the declared runtime actions: check balance and POST requests to solanaprox.com with the wallet address in a header. Requiring SOLANA_WALLET (a wallet identifier) is expected for the stated purpose.
Instruction Scope
SKILL.md confines runtime actions to calls to https://solanaprox.com and reading the SOLANA_WALLET env var. It clearly states prompts/responses flow through a third-party proxy (privacy risk) and instructs the agent to extract only clean text. However, it also recommends running `npx solanaprox-mcp` (which would fetch and execute remote npm code) and includes registry/registration curl examples that interact with other endpoints — these expand the surface beyond simple HTTP proxy calls.
Install Mechanism
There is no install spec (lower risk), but the doc references an npm package and an npx command. If followed, that would pull and execute remote code from npm at runtime, which is a moderate risk and not accounted for in an explicit install step.
Credentials
Only one env var is required (SOLANA_WALLET), which is proportionate if it is strictly a public wallet address. The documentation asserts private keys are never accessed, but the variable name is ambiguous — a less-technical user might place a private key or seed there. That ambiguity could lead to accidental secret exposure. No other unrelated secrets are requested.
Persistence & Privilege
The skill is instruction-only, has no install that makes persistent changes, and does not request always:true. Autonomous invocation is allowed by default but not combined with other strong privilege escalation indicators.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install solanaprox
- After installation, invoke the skill by name or use /solanaprox
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.0.0
Added AIProx ecosystem links, registration curl command, MCP npm package, autonomous agent demo reference
v1.0.0
- Initial release of SolanaProx skill for AI access via Solana/USDC and Phantom wallet authentication.
- Enables pay-per-request queries to Claude and GPT models without API keys.
- Implements wallet-native authentication and real-time deposit/balance detection.
- Supports stateless operation, model auto-selection, and user guidance for balance management.
- Includes clear instructions for balance checks, making requests, viewing available models, and depositing funds.
Frequently Asked Questions
What is Solanaprox?
Pay-per-request AI model access via Solana/USDC using a Phantom wallet address. Query Claude and GPT models without API keys. Wallet-native authentication wi... It is an AI Agent Skill for Claude Code / OpenClaw, with 612 downloads so far.
How do I install Solanaprox?
Run "/install solanaprox" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Solanaprox free?
Yes, Solanaprox is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Solanaprox support?
Solanaprox is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Solanaprox?
It is built and maintained by unixlamadev-spec (@unixlamadev-spec); the current version is v2.0.0.