← Back to Skills Marketplace
lai3d

Qfc Openclaw Skill

by Larry Lai · GitHub ↗ · v3.4.0 · MIT-0
cross-platform ⚠ suspicious
473
Downloads
0
Stars
3
Active Installs
14
Versions
Install in OpenClaw
/install qfc
Description
QFC blockchain interaction — wallet, faucet, chain queries, staking, epoch & finality, AI inference
Usage Guidance
This skill is largely coherent with its stated purpose (a full QFC wallet/chain + inference toolkit), but it has several items you should consider before installing or running: - Protect private keys: demo scripts ask you to export OWNER_PRIVATE_KEY; do not set or expose your mainnet private keys unless you fully trust and have audited the code. Prefer testnet keys and isolated wallets. - Keystore files: the skill saves encrypted keystores to ~/.openclaw/qfc-wallets/ (not declared in registry metadata). Verify the code that creates/reads these files and confirm the directory/permissions before use. - Avoid the global CLI patch: CLAUDE.md suggests editing a globally installed ClawHub JS file to 'work around' publishing behavior — do not apply that patch unless you understand and trust it; modifying global packages is risky. - Autonomous agent power: demos show issuing session keys and registering agents with Transfer permissions. If you enable autonomous invocation for this skill, limit permissions, use session keys with strict TTLs/daily caps, and test on testnet only. - Review network endpoints: the skill targets https://rpc.testnet.qfc.network and https://explorer.testnet.qfc.network; confirm these endpoints are legitimate and available to you. - Recommended steps before use: (1) review the keystore, agent-wallet, and demo scripts in src/ for any unexpected network endpoints or phone-home behavior; (2) run npm install and builds in a sandbox/container; (3) test only on testnet with throwaway wallets; (4) do not follow the global ClawHub patch unless you audit it. If you want, I can: (a) list the exact files that create/modify the keystore and show the code paths that write to ~/.openclaw, (b) extract the lines that instruct patching the ClawHub file, or (c) search the repo for any hard-coded external endpoints or 'eval'/'child_process' usage to give you a more concrete risk map.
Capability Analysis
Type: OpenClaw Skill Name: qfc Version: 3.4.0 The QFC OpenClaw Skill is a comprehensive blockchain interaction toolkit for the QFC network, providing features for wallet management, token/NFT deployment, and AI inference. It includes a robust security framework (src/security.ts) that enforces daily spending limits, transaction confirmations for large amounts, and address validation. While the skill handles sensitive operations like local encrypted wallet persistence (src/keystore.ts) and uses hardcoded bytecodes for contract deployments (src/token.ts, src/nft.ts), these actions are well-documented, aligned with the stated purpose, and include defensive instructions for the AI agent to prevent the exposure of private keys or unauthorized transactions.
Capability Assessment
Purpose & Capability
The code and SKILL.md match the declared purpose (wallet, faucet, chain queries, staking, token/NFT, DEX, AI inference). Required binary (node) is appropriate. However the skill persists keystore files to ~/.openclaw/qfc-wallets/ and expects to read/write local keystore metadata, but the registry metadata did not declare any required config paths or storage access — a discrepancy the user should be aware of (the skill will create/read files in the user's home directory).
Instruction Scope
SKILL.md / CLAUDE.md and included docs instruct the user/agent to run setup scripts and even to patch a global ClawHub CLI file (edit $(npm root -g)/clawhub/.../publish.js) to work around an 'acceptLicenseTerms' issue. That instruction to modify a globally installed tool is unexpected for a chain interaction skill and expands the scope to system-wide modifications. Demo scripts also directly read OWNER_PRIVATE_KEY from environment and show registering session keys with transfer permissions — legitimate for an autonomous agent demo but high-risk if run against mainnet or without understanding permissioning.
Install Mechanism
There is no automated install spec (no arbitrary URL downloads). The project uses standard npm build flows (package.json deps: ethers, dev typescript) and a small setup.sh that runs npm install + tsc. No external, obscure URLs or archive extraction were found in the manifest. Building/running will pull npm packages (traceable) — still run in a controlled environment if you decide to build it.
Credentials
Registry metadata lists no required env vars, but multiple demo scripts and examples expect OWNER_PRIVATE_KEY (and optional Discord bot integration would need a token). The skill legitimately needs access to private keys or signer objects to send transactions, but the lack of explicit declared env vars/config requirements (and the presence of examples that require sensitive env vars) is a gap: users may be prompted to expose secrets after install. This is proportional to the wallet capability but should be explicitly declared.
Persistence & Privilege
The skill persists encrypted keystores to ~/.openclaw/qfc-wallets/ (keystore format, scrypt). Persistent disk storage is expected for a wallet skill, but the manifest did not declare config paths. The skill does not set always:true; however the included agent/session registration demos show workflows that create session keys with Transfer permissions (capable of spending funds). Combined with autonomous invocation, that capability increases blast radius if misconfigured — it's expected for 'autonomous agent' demos but requires careful operator controls.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install qfc
  3. After installation, invoke the skill by name or use /qfc
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v3.4.0
Add AgentWalletClient for session-key-aware inference, demo scenarios (trader, content generator, AI oracle)
v3.2.0
v3.2.0: QFCMinerMonitor for earnings notifications + !miner Discord command
v3.0.3
IPFS large result support (fetchIpfsResult + getResult), estimateFee fix (#12)
v3.0.2
Fix submitTask payload: model→modelId, input→inputData (base64), add taskType param (fixes #10)
v3.0.1
Marketplace V2: configurable platform fee (feeBps + feeRecipient), owner fee controls, fee query
v3.0.0
v3.0 DeFi infrastructure: WQFC wrapper, token launchpad, NFT marketplace, multicall batch reads, event subscriptions
v2.6.0
Token Swap / DEX — constant-product AMM with LP tokens, 0.3% fee, slippage protection, auto-approve
v2.5.0
Airdrop smart contract — deploy once, batch-transfer any ERC-20 in a single tx (saves gas vs sequential transfers)
v2.4.1
Add pre-compiled ERC-721 bytecode — NFT deploy() now works without external solc
v2.4.0
Batch transfers, NFT support, Discord bot
v2.3.0
Token portfolio and transfer history
v2.2.0
Token creation & explorer verification: one-click ERC-20 deployment, mint/burn support, auto source code verification on explorer
v2.1.0
AI inference, smart contracts, ERC-20 tokens, reference docs
v0.1.0
Initial release of the QFC OpenClaw skill for comprehensive QFC blockchain interactions: - Create, import, and manage QFC wallets with secure keystore storage - Testnet faucet integration for requesting test QFC tokens - Detailed chain queries: balance, blocks, transactions, and receipts - Staking, validator data, and contribution score queries - Epoch and finality information access - Built-in security rules for managing keys, networks, and transaction limits - Configurable network and RPC setup for testnet/mainnet
Metadata
Slug qfc
Version 3.4.0
License MIT-0
All-time Installs 3
Active Installs 3
Total Versions 14
Frequently Asked Questions

What is Qfc Openclaw Skill?

QFC blockchain interaction — wallet, faucet, chain queries, staking, epoch & finality, AI inference. It is an AI Agent Skill for Claude Code / OpenClaw, with 473 downloads so far.

How do I install Qfc Openclaw Skill?

Run "/install qfc" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Qfc Openclaw Skill free?

Yes, Qfc Openclaw Skill is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Qfc Openclaw Skill support?

Qfc Openclaw Skill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Qfc Openclaw Skill?

It is built and maintained by Larry Lai (@lai3d); the current version is v3.4.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments