← Back to Skills Marketplace
harrylabsj

Defi Protocol Risk Map

by haidong · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
17
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install defi-protocol-risk-map
Description
Maps the risk layers of a DeFi protocol - smart contract, oracle, governance, liquidity, and counterparty risk - from user-provided protocol information.
README (SKILL.md)

DeFi Protocol Risk Map

Overview

DeFi Protocol Risk Map is a descriptive Web3 education skill. It helps users reason through a specific Web3 decision, risk surface, or participation workflow using only the information they provide.

Maps the risk layers of a DeFi protocol - smart contract, oracle, governance, liquidity, and counterparty risk - from user-provided protocol information.

The core user problem: Users evaluate DeFi on TVL/APY alone. They don't understand the risk stack and what can break.

This skill does not connect to wallets, query blockchains, inspect smart contracts, retrieve market data, or verify external claims. It turns user-provided context into a structured reasoning aid.

When to Use This Skill

Use this skill when the user asks about:

  • DeFi risk
  • protocol safety
  • smart contract risk
  • oracle risk
  • where can this break
  • protocol audit
  • lending risk

It is especially useful when the user has a whitepaper excerpt, proposal summary, protocol page, transaction context, community description, or personal decision note and wants a clear framework before acting.

Inputs to Request

Ask for only non-sensitive information:

  • The project, protocol, proposal, collection, or decision being evaluated.
  • The user's goal and time horizon.
  • Any pasted public documentation, proposal text, marketing claims, or personal notes.
  • What the user already believes and what they are unsure about.
  • Constraints such as budget, risk tolerance, jurisdictional concerns, or operational complexity when relevant.

Never ask for seed phrases, private keys, wallet passwords, secret recovery shares, unpublished identity documents, or private signing material.

Core Workflow

  1. Restate the user's goal and the exact information they provided.
  2. Separate facts, claims, assumptions, and missing information.
  3. Build the protocol summary section from user-provided information only.
  4. Build the 5-layer risk breakdown section from user-provided information only.
  5. Build the information gaps section from user-provided information only.
  6. Build the qualitative risk scoring section from user-provided information only.
  7. Add the pre-deposit questions sections where relevant.
  8. Highlight unknowns that require independent verification.
  9. Close with a conservative checklist the user can apply before taking action.

Output Format

Each response should include:

  • Protocol summary - explained in plain language with assumptions and gaps separated from conclusions
  • 5-layer risk breakdown - explained in plain language with assumptions and gaps separated from conclusions
  • information gaps - explained in plain language with assumptions and gaps separated from conclusions
  • qualitative risk scoring - explained in plain language with assumptions and gaps separated from conclusions
  • pre-deposit questions - explained in plain language with assumptions and gaps separated from conclusions
  • Information gaps - what cannot be concluded from the provided material
  • Verification checklist - sources or questions the user should independently check
  • Plain-English takeaway - a short, non-advisory summary of the decision quality

Safety Boundaries

This skill cannot and will not:

  • Execute code, connect to wallets, sign transactions, or interact with any dapp.
  • Query live on-chain data, price feeds, TVL, APY, holder distributions, governance vote counts, or bridge status.
  • Verify contract addresses, audits, custody claims, legal structures, identities, or protocol solvency.
  • Guarantee safety, returns, legality, anonymity, or future outcomes.
  • Provide financial, legal, tax, securities, or investment advice.

Specific boundary for this skill: Cannot inspect contracts or verify audits. Cannot confirm TVL, APY, or pool health. Cannot guarantee protocol safety.

Refusal example: "I cannot verify that this project, address, vote, bridge, token, or collection is safe or legitimate. I can help you structure the risks and questions to verify independently."

Response Style

  • Use clear English and avoid hype.
  • Distinguish confirmed user-provided facts from assumptions.
  • Use qualitative language instead of false precision.
  • Prefer checklists, comparison tables, and decision worksheets.
  • Warn when the user is relying on marketing language, screenshots, social proof, or incomplete documentation.

Acceptance Criteria

  • Uses only user-provided information and clearly labels assumptions.
  • Produces the requested structured output sections.
  • Includes safety boundaries and independent verification prompts.
  • Refuses requests to verify safety, predict returns, provide legal advice, or handle secrets.
  • Does not include code execution, wallet integration, API calls, or live chain queries.
  • All user-facing documentation is English-first.
Usage Guidance
The written skill appears safe and educational, but the wallet/signing/credential capability signals are a serious mismatch. Before installing, verify that no wallet connection, transaction signing, or sensitive credential permission will be granted. If the skill asks for secrets or presents a signing prompt, stop.
Capability Analysis
Type: OpenClaw Skill Name: defi-protocol-risk-map Version: 1.0.0 The DeFi Protocol Risk Map skill is a purely descriptive, educational tool designed to analyze user-provided text for risk factors. It contains no executable code, explicitly sets 'no_code_execution' to true in skill.json, and includes robust safety boundaries in SKILL.md that prohibit requesting sensitive information like private keys or connecting to external wallets/blockchains.
Capability Tags
cryptorequires-walletcan-sign-transactionsrequires-sensitive-credentials
Capability Assessment
Purpose & Capability
The stated purpose is an instruction-only DeFi risk-mapping worksheet using user-provided information, but the provided capability signals list wallet/signing/credential capabilities that are not needed for that purpose.
Instruction Scope
SKILL.md clearly instructs the agent to use only user-provided information, label assumptions, avoid secrets, and refuse claims of verified safety or investment advice.
Install Mechanism
There is no install spec, no code, no dependencies, and skill.json declares no_code_execution: true.
Credentials
If the capability signals translate into actual platform permissions, wallet/signing/credential access would be disproportionate for a no-code educational risk-mapping skill.
Persistence & Privilege
The artifacts show no background process, persistence mechanism, memory store, or ongoing autonomous behavior.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install defi-protocol-risk-map
  3. After installation, invoke the skill by name or use /defi-protocol-risk-map
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of DeFi Protocol Risk Map skill. - Provides a structured, plain-English framework for analyzing DeFi protocol risk using only user-supplied information. - Breaks down risk into five layers: smart contract, oracle, governance, liquidity, and counterparty risk. - Outputs clear sections: protocol summary, 5-layer risk breakdown, identified information gaps, qualitative risk scoring, pre-deposit questions, verification checklist, and a plain-English takeaway. - Enforces strict safety boundaries: does not verify on-chain data or audits, cannot guarantee safety, never handles sensitive or private user data. - Helps users reason through Web3 risks with checklists and prompts for independent verification.
Metadata
Slug defi-protocol-risk-map
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Defi Protocol Risk Map?

Maps the risk layers of a DeFi protocol - smart contract, oracle, governance, liquidity, and counterparty risk - from user-provided protocol information. It is an AI Agent Skill for Claude Code / OpenClaw, with 17 downloads so far.

How do I install Defi Protocol Risk Map?

Run "/install defi-protocol-risk-map" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Defi Protocol Risk Map free?

Yes, Defi Protocol Risk Map is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Defi Protocol Risk Map support?

Defi Protocol Risk Map is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Defi Protocol Risk Map?

It is built and maintained by haidong (@harrylabsj); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments