← Back to Skills Marketplace
Wise Read Only
by
cianweeresinghe-sudo
· GitHub ↗
· v1.0.3
305
Downloads
0
Stars
1
Active Installs
4
Versions
Install in OpenClaw
/install wise-readonly
Description
Read-only Wise API operations for account inspection, FX lookups, recipients, and transfer history. Use when asked to list profiles, balances, recipients, tr...
Usage Guidance
This skill appears to be what it claims: a read-only Wise API client. Before installing, verify the registry metadata mismatch (the skill requires WISE_API_TOKEN despite an earlier header saying none). Provide a least-privilege Wise API token (read-only if Wise supports scoped tokens), avoid using a highly privileged/production token for testing, and confirm the platform's UI prevents implicit invocation if you want manual control. If you ever suspect the token was exposed, revoke it immediately. If you need deeper assurance, review the script yourself (scripts/wise_readonly.mjs is included and small) or run it in a sandboxed environment first.
Capability Analysis
Type: OpenClaw Skill
Name: wise-readonly
Version: 1.0.3
The skill provides read-only access to the Wise API for account inspection, balance checks, and FX rate lookups. The implementation in `scripts/wise_readonly.mjs` strictly uses GET requests to the official Wise API (api.wise.com), includes a robust PII redaction mechanism for sensitive fields like account numbers and names, and lacks any write-capable operations or suspicious network activity.
Capability Assessment
Purpose & Capability
The skill's name, description, SKILL.md, .clawhub/config.toml, and the script all align: it is a read-only Wise API client. However, the top-level registry metadata (in the evaluation header) stated 'Required env vars: none' and 'Primary credential: none', which contradicts the skill files that require WISE_API_TOKEN. This appears to be a metadata mismatch (outdated or erroneous registry metadata), not a functional mismatch in the code.
Instruction Scope
The SKILL.md and the script limit behavior to GET requests against https://api.wise.com and explicitly state read-only operations and PII redaction. The script only reads command-line args and the WISE_API_TOKEN env var, formats requests, redacts certain PII fields by default, and prints JSON. There are no instructions to read arbitrary local files or send data to third-party endpoints outside api.wise.com.
Install Mechanism
No install spec is provided (instruction-only skill) and the included script is self-contained Node.js. Nothing is downloaded from external/untrusted URLs and no archives are extracted. Risk from install mechanism is low.
Credentials
The skill requires a single credential, WISE_API_TOKEN, which is appropriate for a Wise API client. Again, the only inconsistency is the registry header claiming no required env vars while .clawhub/config.toml and SKILL.md declare WISE_API_TOKEN as required and primary. No unrelated secrets or broad system credentials are requested.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system configuration. The agents/openai.yaml sets allow_implicit_invocation: false (UI policy to disable implicit invocation by default), so it is not granted forced/global presence. The normal platform behavior allowing autonomous invocation is not a special privilege of this skill and is not combined with other worrying indicators.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install wise-readonly - After installation, invoke the skill by name or use
/wise-readonly - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.3
Version 1.0.3
- Expanded supported commands to include recipients, transfers, quote lookup, delivery estimate, and historical exchange rates.
- Added commands for fetching individual balances, temporary quotes, account requirements, and transfer/recipient details (all PII-redacted by default).
- Updated description and documentation for clarity and broader API coverage.
- Continued strict no-write policy—still no create, fund, cancel, or delete actions.
- Improved metadata for smoother ClawHub and OpenClaw UI integration.
v1.0.2
- Updated .clawhub/config.toml configuration.
- No changes to skill features, documentation, or functionality.
v1.0.1
Initial project configuration files added.
- Added .clawhub/config.toml configuration file.
- Added agents/openai.yaml agent definition.
v1.0.0
Initial release: Provides read-only Wise API access for account and FX inspection.
- Supports listing profiles and fetching profile details (PII is redacted by default).
- Allows viewing balances for a given profile.
- Can check exchange rates between currencies.
- Does not allow any write, transfer, recipient, or quote operations.
- Ensures privacy and safety by redacting sensitive information and disallowing mutations.
Metadata
Frequently Asked Questions
What is Wise Read Only?
Read-only Wise API operations for account inspection, FX lookups, recipients, and transfer history. Use when asked to list profiles, balances, recipients, tr... It is an AI Agent Skill for Claude Code / OpenClaw, with 305 downloads so far.
How do I install Wise Read Only?
Run "/install wise-readonly" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Wise Read Only free?
Yes, Wise Read Only is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Wise Read Only support?
Wise Read Only is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Wise Read Only?
It is built and maintained by cianweeresinghe-sudo (@cianweeresinghe-sudo); the current version is v1.0.3.
More Skills