← Back to Skills Marketplace
230
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install substreams-search
Description
Search, inspect, and analyze Substreams packages to discover modules, visualize data flows, and generate sink deployment commands.
Usage Guidance
This skill appears to do what it claims: it scrapes substreams.dev and fetches .spkg files to inspect module graphs and generate sink commands. Before installing/running it:
- Treat it as code that will make outbound HTTP requests to substreams.dev and to any URL you pass in (inspect_package accepts arbitrary URLs). Do not pass internal-only or sensitive endpoints unless you isolate the process or run it in a safe network environment (SSRF risk).
- Running via npx will pull the package from npm — verify the npm package and GitHub repository (author: PaulieB14) if you care about supply-chain provenance.
- If running the server with HTTP/SSE enabled, avoid exposing it to untrusted networks without authentication.
- If you need stronger assurance, run the provided code in a sandbox/container, review the full package on npm/github, or audit the @substreams/core and @modelcontextprotocol/sdk dependency versions used.
Capability Analysis
Package: (mcp)
Version:
Description:
The package is a Model Context Protocol (MCP) server designed to search, inspect, and analyze Substreams packages from the substreams.dev registry. It provides tools to search the registry via web scraping, introspect .spkg files (protobuf-encoded blockchain data streams) using the @substreams/core library, and generate deployment commands for various data sinks. The codebase contains both a Python implementation (server.py) and a TypeScript implementation (src/index.ts), both of which perform legitimate operations consistent with the package's description. No malicious logic, unauthorized data exfiltration, or suspicious obfuscation was found.
Capability Assessment
Purpose & Capability
Name, description, SKILL.md, README, and code all consistently implement searching the substreams.dev registry, parsing package cards, fetching .spkg files, inspecting module graphs, and generating sink deployment commands. The declared dependencies (HTML parser, @substreams/core, MCP SDK) and scripts in package.json match the described capabilities.
Instruction Scope
The tools accept arbitrary URLs for .spkg files and the server will fetch them and parse their contents. That behavior is necessary for inspection, but it means a user/agent could request the server fetch internal or otherwise sensitive endpoints (SSRF). The server also paginates and scrapes substreams.dev (up to MAX_PAGES=50) which results in many outbound requests — expected for its purpose but potentially abusive in some contexts.
Install Mechanism
The skill is instruction-only in the registry (no enforced install spec) but the bundle contains a standard Node package (package.json, package-lock.json, ts sources) and a Python MCP helper. The README instructs running via `npx substreams-search-mcp`, which is a normal distribution method. No remote, untrusted download URLs or extract steps were used in the provided files.
Credentials
No environment variables, credentials, or config paths are required or requested. The code does perform network I/O (scraping the registry and fetching user-provided .spkg URLs), which is proportional to the skill's function but worth noting because it can access arbitrary network targets if given arbitrary URLs.
Persistence & Privilege
always is false and there are no signs the skill attempts to alter other skills or system-wide agent config. It runs as an MCP server (stdio / SSE) when launched — normal behaviour for MCP servers and not privileged by itself.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install substreams-search - After installation, invoke the skill by name or use
/substreams-search - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.3.0
- Added detailed documentation in SKILL.md, outlining key features, tools, install steps, and practical use cases.
- Highlights new and existing tools: search_substreams, inspect_package, list_package_modules, and get_sink_config.
- Improved clarity for searching packages, inspecting module graphs, analyzing sink configs, and deploying Substreams across multiple blockchains.
- Expanded use case descriptions to illustrate how the skill aids discovery, inspection, and deployment.
Metadata
Frequently Asked Questions
What is Substreams Search?
Search, inspect, and analyze Substreams packages to discover modules, visualize data flows, and generate sink deployment commands. It is an AI Agent Skill for Claude Code / OpenClaw, with 230 downloads so far.
How do I install Substreams Search?
Run "/install substreams-search" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Substreams Search free?
Yes, Substreams Search is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Substreams Search support?
Substreams Search is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Substreams Search?
It is built and maintained by PaulieB14 (@paulieb14); the current version is v1.3.0.
More Skills