← Back to Skills Marketplace
ice-coldbell

easyclaw

by ColdBell · GitHub ↗ · v0.0.2
cross-platform ⚠ suspicious
514
Downloads
0
Stars
2
Active Installs
2
Versions
Install in OpenClaw
/install easyclaw
Description
Run user-facing EasyClaw DEX actions from a self-contained skill folder. Use when an agent needs to submit user orders or check wallet/margin/order balances...
README (SKILL.md)

EasyClaw User DEX Skill

Run only user workflows:

  • balance and open-order checks
  • order submission (place order)
  • backend position/order/fill/history/orderbook/chart queries
  • authenticated agent/strategy controls and safety kill-switch
  • realtime websocket monitoring and signal-driven auto order execution

Do not run admin/bootstrap/keeper workflows in this skill.

Runtime & Credential Requirements

  • Wallet signer source: KEYPAIR_PATH or ANCHOR_WALLET (fallback ~/.config/solana/id.json).
  • Solana RPC source: SOLANA_RPC_URL or ANCHOR_PROVIDER_URL (fallback http://127.0.0.1:8899).
  • Backend endpoint source: EASYCLAW_API_BASE_URL / EASYCLAW_WS_URL (or alias vars in backend-common.js).
  • Optional API credential: EASYCLAW_API_TOKEN (required for protected backend controls).
  • Local process usage: onboarding probes solana config get and can spawn child Node.js processes for autotrade execution.
  • Local file writes:
    • onboarding persists selected wallet envs into easyclaw-skill/.env
    • strategy onboarding writes files into easyclaw-skill/state/strategies/

Command Interface

Use {baseDir}/scripts/dex-agent.sh:

# toolchain + environment diagnostics
{baseDir}/scripts/dex-agent.sh doctor

# install local skill dependencies
{baseDir}/scripts/dex-agent.sh install

# wallet, USDC, margin, and open orders
{baseDir}/scripts/dex-agent.sh balance
{baseDir}/scripts/dex-agent.sh balance --json

# submit order tx
{baseDir}/scripts/dex-agent.sh order --market-id 1 --side buy --type market --margin 1000000
{baseDir}/scripts/dex-agent.sh order --market-id 2 --side sell --type limit --margin 2000000 --price 3000000000

# backend REST queries
{baseDir}/scripts/dex-agent.sh backend positions --mine --limit 20
{baseDir}/scripts/dex-agent.sh backend position-history --mine --limit 20
{baseDir}/scripts/dex-agent.sh backend chart-candles --market BTCUSDT --timeframe 1m --limit 120
{baseDir}/scripts/dex-agent.sh backend orderbook-heatmap --exchange binance --symbol BTCUSDT --limit 30
{baseDir}/scripts/dex-agent.sh backend portfolio --period 7d
{baseDir}/scripts/dex-agent.sh backend strategy-templates
{baseDir}/scripts/dex-agent.sh backend agent-risk --agent-id agent-001

# realtime WS monitor
{baseDir}/scripts/dex-agent.sh watch --channels "agent.signals,portfolio.updates,market.price.BTCUSDT"

# realtime signal -> auto order execution
{baseDir}/scripts/dex-agent.sh autotrade --market-id 1 --margin 1000000 --min-confidence 0.75

# guided onboarding + strategy capture + autotrade start
{baseDir}/scripts/dex-agent.sh onboard --market-id 1 --margin 1000000

Files

  • scripts/balance.js: user balance and order summary
  • scripts/order-execute.js: user order submission helper
  • scripts/backend.js: backend REST API query helper
  • scripts/ws-watch.js: backend websocket channel subscriber
  • scripts/realtime-agent.js: signal-driven auto-order loop
  • scripts/onboard.js: interactive onboarding flow (wallet selection, registration wait, strategy capture, autotrade kickoff)
  • scripts/backend-common.js: backend endpoint/auth helpers
  • scripts/common.js: PDA, signer, tx, and decode utilities
  • package.json: local runtime dependencies
  • .env.example: required environment keys

Setup

  1. Copy .env.example to .env.
  2. Fill signer and RPC values.
  3. Run dex-agent.sh install.
  4. Run dex-agent.sh balance first to validate access.
  5. Run dex-agent.sh backend doctor and dex-agent.sh watch --channel system.status.
  6. Run dex-agent.sh onboard --market-id \x3Cid> --margin \x3Cu64> for guided onboarding.

For env definitions and option details, read references/dex-env.md.

Safety

  • Keep KEYPAIR_PATH and private keys local.
  • Use devnet/localnet unless explicitly instructed otherwise.
  • Confirm ORDER_ENGINE_PROGRAM_ID and MARKET_REGISTRY_PROGRAM_ID before placing orders.
Usage Guidance
This skill appears to do what it says: interact with EasyClaw and submit Solana orders. Before installing: 1) Do NOT point KEYPAIR_PATH at a mainnet/private wallet you cannot afford to risk; prefer a devnet/localnet keypair or a throwaway wallet for testing. 2) Review and confirm EASYCLAW_API_BASE_URL / EASYCLAW_WS_URL and ORDER_ENGINE_PROGRAM_ID / MARKET_REGISTRY_PROGRAM_ID are correct and expected for the network you intend to use. 3) Note that onboarding will read your local keypair file, run `solana config get`, and write the selection into easyclaw-skill/.env; strategy prompts are written to state/strategies/. 4) The skill can autonomously execute orders (autotrade/realtime) — test with --dry-run and small amounts first and consider running in an isolated environment. 5) If you need stronger protection, avoid exposing your primary keypair file and consider using a signing mechanism (hardware or remote signer) instead of a plain filesystem keypair. 6) If you have low trust in the source, review the scripts (already included) and run dex-agent.sh doctor and dex-agent.sh balance on devnet before enabling autonomous operations.
Capability Analysis
Type: OpenClaw Skill Name: easyclaw Version: 0.0.2 The skill is classified as suspicious due to its inherent high-risk capabilities, including reading and using Solana private keys (`KEYPAIR_PATH` in `scripts/common.js`), signing and sending financial transactions on-chain (`scripts/order-execute.js`), making external API calls to configurable endpoints (`scripts/backend-common.js`), and spawning child processes (`scripts/onboard.js`, `scripts/realtime-agent.js`). While these actions align with the stated purpose of a DEX trading agent, they represent significant attack surfaces. There is no clear evidence of intentional malicious behavior such as unauthorized data exfiltration or backdoor installation within the provided code, nor are there prompt injection attempts against the OpenClaw agent in `SKILL.md` or `agents/openai.yaml`. However, the broad permissions and sensitive operations, particularly the handling of private keys and execution of child processes based on user-controlled inputs, elevate the risk beyond benign, classifying it as suspicious due to the potential for exploitation if inputs or environment variables are compromised.
Capability Assessment
Purpose & Capability
Name/description match what the files implement: Node scripts to query EasyClaw backend, subscribe to websocket channels, and submit Solana DEX orders. Required binaries (node, npm), Solana RPC env vars, program IDs, and a KEYPAIR_PATH or ANCHOR_WALLET are expected for signing transactions and interacting with on-chain programs. Some env var names are duplicated/aliased (EASYCLAW_API_TOKEN / API_AUTH_TOKEN / API_TOKEN) but this is a convenience, not an incoherence.
Instruction Scope
SKILL.md and the scripts instruct the agent to read local wallet keypair files, run `solana config get`, persist selected wallet settings into easyclaw-skill/.env, write strategy files to easyclaw-skill/state/strategies/, spawn child Node.js processes, subscribe to backend websockets, and can run an autotrade loop that will place real orders. All of those behaviors are within the described purpose, but they include local file reads/writes and autonomous order submission (sensitive actions) and so should be explicitly acknowledged before use.
Install Mechanism
No remote arbitrary download/install is embedded in the skill. The provided dex-agent.sh runs `npm install` (standard) and package.json lists typical npm packages (@solana/web3.js, dotenv, ws). npm install will fetch packages from the public registry (normal risk for Node projects). There are no obscure download URLs or extract steps in the manifest.
Credentials
The skill requires direct access to a local Solana keypair file (KEYPAIR_PATH / ANCHOR_WALLET and ~/.config/solana/id.json) and backend API tokens (EASYCLAW_API_TOKEN / aliases). These are necessary to sign transactions and call protected backend endpoints, so the requested credentials are proportional to the trading purpose — but they are highly sensitive. The skill will write the chosen wallet path into a local .env and persist strategy files, increasing persistence of that information on disk.
Persistence & Privilege
always is false and the skill is user-invocable; model invocation is enabled (default). The skill persists a .env file and strategy files under its folder and spawns child processes to execute orders. While it does not request system-wide privileges or modify other skills, its ability to autonomously place orders (realtime autotrade) combined with wallet access is a significant operational privilege — use caution and prefer devnet/localnet or dry-run when testing.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install easyclaw
  3. After installation, invoke the skill by name or use /easyclaw
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.0.2
Version 0.1.0 of easyclaw-skill - Added `.env.example` file providing sample environment variable keys for required configuration. - Updated skill metadata with version, homepage, and detailed environment/bin/config requirements. - Expanded documentation to clarify wallet, RPC, and backend credential sources, as well as local file-write behavior. - No changes to command interface or user workflows. - Setup and safety instructions remain unchanged.
v0.0.1
Initial release of easyclaw-skill – a self-contained user DEX toolkit for EasyClaw. - Enables order submission, balance and open-order checks, and backend queries via local scripts. - Provides realtime websocket monitoring and signal-driven auto order execution. - Supports guided onboarding and strategy capture. - All commands accessible through a single `dex-agent.sh` interface. - Designed for user workflows only; does not include admin or keeper operations. - Includes scripts for balance, order, backend API, websocket, and onboarding functions with local environment safety guidelines.
Metadata
Slug easyclaw
Version 0.0.2
License
All-time Installs 2
Active Installs 2
Total Versions 2
Frequently Asked Questions

What is easyclaw?

Run user-facing EasyClaw DEX actions from a self-contained skill folder. Use when an agent needs to submit user orders or check wallet/margin/order balances... It is an AI Agent Skill for Claude Code / OpenClaw, with 514 downloads so far.

How do I install easyclaw?

Run "/install easyclaw" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is easyclaw free?

Yes, easyclaw is completely free (open-source). You can download, install and use it at no cost.

Which platforms does easyclaw support?

easyclaw is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created easyclaw?

It is built and maintained by ColdBell (@ice-coldbell); the current version is v0.0.2.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments