← Back to Skills Marketplace
241
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install stove-taker-api
Description
使用 Stove Protocol 的 Taker API 进行锁单、成交、撤单响应以及成交记录与订单查询,基于 API Key 认证访问。
Usage Guidance
This skill implements CLI calls to the Stove Taker API and will send whatever API Key you provide to the configured base_url (default https://proto.stove.finance). Before installing or using it: 1) Verify whether the actual Stove API requires an API Secret and HMAC signature — the included docs say a Secret/signature is required but the script does not implement signing; if the API does require signing, this tool may not work and you should not supply a secret to an untrusted skill. 2) Treat the API Key as sensitive: provide it only via the skill's secret config (do not paste into chat) and consider using a scoped key for testing. 3) Prefer using the test environment (use_test_env or --env test) when trying the skill. 4) If you rely on this in production, review the Python script source locally to ensure it meets your security and signing requirements or extend it to implement the documented HMAC signing flow. 5) The metadata omission (registry showing no required creds) is a red flag: confirm with the provider/maintainer why the documentation and runtime arguments differ before trusting this skill with real credentials.
Capability Analysis
Type: OpenClaw Skill
Name: stove-taker-api
Version: 0.1.0
The skill bundle provides a standard interface for interacting with the Stove Protocol Taker API. The core logic in `scripts/taker_api.py` uses the Python standard library to wrap HTTP requests for order management tasks like locking, filling, and querying orders. While there is a discrepancy between the script's simple API key header implementation and the HMAC signature requirements described in `references/API Authorization.md`, this appears to be a functional oversight or an environmental difference rather than a malicious indicator. The bundle lacks any signs of data exfiltration, unauthorized command execution, or prompt injection attempts.
Capability Assessment
Purpose & Capability
Name, description, docs and script all target the Stove Protocol Taker API and the provided CLI covers validate/lock/unlock/fill/query operations — those capabilities align with the stated purpose. However, the reference docs describe an API Key + Secret HMAC signature flow, while the runtime script and SKILL.md only use a single X-API-Key header (no signature/timestamp). This is an inconsistency between documentation and implementation.
Instruction Scope
SKILL.md instructs the agent to run the included Python script which only performs HTTP(S) requests to the configured base_url and prints JSON. The instructions and script do not read local filesystem paths or environment variables outside the declared config, nor do they send data to unexpected endpoints.
Install Mechanism
This is an instruction-only skill with no install spec; the script is included in the bundle and will be executed directly. No external downloads or package installs are performed by the skill itself.
Credentials
SKILL.md/config requires an API Key (secret) passed as a skill config parameter — reasonable for this API. But registry metadata earlier listed no required credentials, which is inconsistent with the skill's runtime config. More importantly, the reference docs describe an API Secret and signature headers (X-API-Signature, X-API-Timestamp), yet the script does not accept or generate a signature or timestamp — if the real Stove API requires an API Secret, this script will fail or the user may be prompted to provide a secret elsewhere. The skill will transmit the provided API Key in requests to the configured base_url (defaulting to proto.stove.finance).
Persistence & Privilege
always is false, and the skill does not request elevated persistent privileges or modify other skills/config. It requires network permission (declared) to contact the API, which is appropriate for its purpose.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install stove-taker-api - After installation, invoke the skill by name or use
/stove-taker-api - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release of the Stove Taker API skill.
- Provides shell-based access to Stove Protocol Taker API for order validation, locking/unlocking, filling, rejecting, and querying orders/trades.
- Supports environment selection (production/test) and custom base URL, with API key authentication.
- Includes detailed usage documentation and robust Python command-line interface examples.
- Covers handling of order/trade list responses and recommends best practices for API usage and pagination.
- Offers guidance for subscribing to Taker WebSocket push notifications.
Metadata
Frequently Asked Questions
What is Stove Taker Api?
使用 Stove Protocol 的 Taker API 进行锁单、成交、撤单响应以及成交记录与订单查询,基于 API Key 认证访问。 It is an AI Agent Skill for Claude Code / OpenClaw, with 241 downloads so far.
How do I install Stove Taker Api?
Run "/install stove-taker-api" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Stove Taker Api free?
Yes, Stove Taker Api is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Stove Taker Api support?
Stove Taker Api is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Stove Taker Api?
It is built and maintained by zschen211 (@zschen211); the current version is v0.1.0.
More Skills