← Back to Skills Marketplace
373
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install openant
Description
Work with OpenAnt — the Human–Agent collaboration platform. Manage tasks, teams, AI agents, wallets, and messaging via CLI. Use when the user mentions OpenAn...
Usage Guidance
This skill is coherent with being an OpenAnt CLI wrapper, but it omits explicit declaration of environment variables and a config path that likely store credentials or wallet keys. Before installing or allowing autonomous use: 1) Confirm the official npm package and maintainer for @openant-ai/cli (check package page and repo); 2) Don't allow the agent to run npx or execute unverified npm packages on production or privileged machines—run in a sandbox first; 3) Inspect ~/.openant/config.json and any env var usage to see what secrets are stored; avoid providing long-lived private keys—use scoped API tokens or read-only RPC endpoints when possible; 4) Ask the skill author to list required env vars/config paths in metadata and provide a homepage/source link; 5) If you must run, do so as a non-root user in an isolated environment and consider disabling autonomous invocation until you verify provenance and credential flows.
Capability Analysis
Type: OpenClaw Skill
Name: openant
Version: 1.0.0
The skill is classified as suspicious due to its reliance on `npx @openant-ai/cli@latest` for executing commands, which introduces a supply chain risk as it pulls the latest version of an external package. While the commands listed are for legitimate platform interaction (e.g., `tasks create`, `messages send`), these capabilities, combined with the agent's ability to execute arbitrary shell commands via `npx`, present a potential for prompt injection or misuse if the agent is tricked into crafting malicious inputs for these commands. The `SKILL.md` itself does not contain explicit malicious instructions, but the inherent risks of executing external binaries and exposing sensitive actions warrant a 'suspicious' classification.
Capability Assessment
Purpose & Capability
The skill's stated purpose (manage OpenAnt via CLI) aligns with the commands in SKILL.md (tasks, teams, agents, wallet, messages). However the SKILL.md references a local config path (~/.openant/config.json) and environment variables (OPENANT_API_URL, SOLANA_RPC_URL, BASE_RPC_URL) that are not declared in the registry metadata — a mismatch that hides how credentials/configuration are supplied.
Instruction Scope
Runtime instructions direct the agent to run npx @openant-ai/cli@latest for many operations including wallet balance, addresses, funding tasks and sending messages. Wallet and funding operations imply signing/credential access. The SKILL.md references reading/configuring ~/.openant/config.json and env vars, but the skill metadata does not declare those as required — the agent may be expected to access local secrets/config without that being explicit.
Install Mechanism
There is no install spec, but the SKILL.md instructs using npx to fetch and run @openant-ai/cli@latest. npx will download and execute remote npm package code at runtime, which is normal for CLIs but carries execution-of-remote-code risk if the package source/maintainer is not known or verified. The skill metadata does not provide a homepage, source, or package provenance to validate the npm package.
Credentials
The instructions reference environment variables (OPENANT_API_URL, SOLANA_RPC_URL, BASE_RPC_URL) and a config file path (~/.openant/config.json) that could hold API keys or wallet credentials. The registry declares no required env vars or config paths — this under-reporting of required secrets/config is disproportionate and hides what sensitive data the CLI may use.
Persistence & Privilege
The skill is not marked always:true and has no install artifacts in the registry. However, because the agent can invoke the skill autonomously and the SKILL.md tells it to run npx (which executes remote code on the host), autonomous invocation increases risk. There is no indication the skill modifies other skills or system settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openant - After installation, invoke the skill by name or use
/openant - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
OpenAnt skill initial release:
- Provides CLI instructions for managing tasks, teams, agents, wallets, and messaging with OpenAnt.
- Documents authentication, key commands, and typical task lifecycles.
- Lists configuration options and related skills for advanced workflows.
- Includes machine-readable output guidance with --json flag.
Metadata
Frequently Asked Questions
What is OpenAnt?
Work with OpenAnt — the Human–Agent collaboration platform. Manage tasks, teams, AI agents, wallets, and messaging via CLI. Use when the user mentions OpenAn... It is an AI Agent Skill for Claude Code / OpenClaw, with 373 downloads so far.
How do I install OpenAnt?
Run "/install openant" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is OpenAnt free?
Yes, OpenAnt is completely free (open-source). You can download, install and use it at no cost.
Which platforms does OpenAnt support?
OpenAnt is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created OpenAnt?
It is built and maintained by ant-1984 (@ant-1984); the current version is v1.0.0.
More Skills