← Back to Skills Marketplace
mlegls

Fulfill Git Escrow

by 疒奀 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
260
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install fulfill-git-escrow
Description
Fulfill a git escrow bounty by writing a solution or submitting an existing one. Use when the user wants to solve a test suite challenge, write code to pass...
README (SKILL.md)

Fulfill Git Escrow

You are helping the user fulfill a git escrow bounty. This means submitting code that passes a failing test suite to claim the escrowed token reward.

There are two modes:

  • Mode A (Write + Submit): You write the solution code, commit it, and submit. This is the default when no --solution-repo is provided by the user.
  • Mode B (Submit Existing): The user already has a solution repo and commit. You just submit the fulfillment.

Determine the mode from the user's input:

  • If they provide --solution-repo, use Mode B.
  • Otherwise, use Mode A.

The escrow UID is always required.

Step 1: Check CLI availability

Run git-escrows --help to verify the CLI is installed. If it fails, try npx git-escrows --help or bunx git-escrows --help. Use whichever works for all subsequent commands. If none work, tell the user to install with npm i -g git-escrows.

Step 2: Check .env configuration

Check if a .env file exists in the current directory. If not, tell the user they need one and suggest running:

git-escrows new-client --privateKey "0x..." --network "sepolia"

Step 3: Validate the escrow

Run git-escrows list --verbose --format json and find the escrow matching the provided UID. Confirm:

  • The escrow exists and is open
  • Note the test repo URL, test commit hash, reward amount, and oracle address

If no escrow UID was provided, ask the user for one. You can help them browse with git-escrows list --status open.

Mode A: Write Solution + Submit

A1: Understand the tests

Clone or read the test repository to understand what the tests expect:

  1. Identify the test repo URL and commit from the escrow details
  2. Clone it to a temporary location: git clone \x3Curl> /tmp/escrow-tests-\x3Cuid> && cd /tmp/escrow-tests-\x3Cuid> && git checkout \x3Ccommit>
  3. Read the test files to understand:
    • What functions/modules/APIs the tests import
    • What behavior they assert
    • What test framework is used
    • The project structure expected

A2: Write the solution

In the current working directory (or a subdirectory the user specifies):

  1. Create/modify files to implement the code that will make the tests pass
  2. Follow the project structure the tests expect (e.g., if tests import from src/math.ts, create that file)
  3. Include any necessary config files (package.json, Cargo.toml, etc.)
  4. Ensure the test framework's dependencies are accounted for

A3: Commit and get repo details

  1. Stage and commit the solution: git add -A && git commit -m "solution for escrow \x3Cuid>"
  2. Get the commit hash: git rev-parse HEAD
  3. Get the remote URL: git remote get-url origin
    • If no remote exists, ask the user to push to a public git repo and provide the URL

A4: Submit the fulfillment

git-escrows fulfill \
  --escrow-uid "\x3Cuid>" \
  --solution-repo "\x3Crepo-url>" \
  --solution-commit "\x3Ccommit-hash>"

Mode B: Submit Existing Solution

B1: Gather parameters

From the user's input, extract:

  • --solution-repo: The git repo URL with the solution
  • --solution-commit: The commit hash of the solution

If either is missing, ask the user.

B2: Submit the fulfillment

git-escrows fulfill \
  --escrow-uid "\x3Cuid>" \
  --solution-repo "\x3Crepo-url>" \
  --solution-commit "\x3Ccommit-hash>"

Step 4: Report results (both modes)

After successful execution:

  • Report the Fulfillment UID prominently
  • Explain that the oracle will now automatically test the solution
  • Provide the collect command for after arbitration passes: 
    git-escrows collect --escrow-uid \x3Cescrow-uid> --fulfillment-uid \x3Cfulfillment-uid>
  • Suggest checking status with: git-escrows list --verbose

If the command fails, help diagnose the issue (escrow already fulfilled, wrong network, key not registered, etc.). If the user's git key isn't registered, suggest git-escrows register-key.

Usage Guidance
This skill appears to do what it claims, but it will use a PRIVATE_KEY and manipulate repositories and files. Before installing or running: (1) Do not use your main wallet/private key—create a throwaway key with minimal funds for testing and submissions. (2) Inspect any test repositories you clone before running code or installing dependencies; untrusted tests can contain malicious install scripts. Consider running repo/cloning and test execution inside a sandbox/container. (3) Confirm you control any repo URL you are told to push to; don't allow automatic pushes to unknown remotes. (4) Verify the origin of the git-escrows CLI (review its GitHub repo and releases) before installing. (5) Be aware that submitting a fulfillment will sign on-chain transactions and could transfer funds; only proceed if you understand and trust the escrow flow. Finally, note the small metadata inconsistency: SKILL.md expects .env/PRIVATE_KEY but the declared required env vars list is empty—verify the key handling before use.
Capability Analysis
Type: OpenClaw Skill Name: fulfill-git-escrow Version: 1.0.0 The skill facilitates fulfilling blockchain-based bounties using the 'git-escrows' CLI, which requires a plaintext PRIVATE_KEY stored in a .env file (SKILL.md). While the logic aligns with its stated purpose, the requirement for raw private keys and the instructions to clone and analyze external repositories (git clone) to pass tests introduce significant risks of credential exposure or indirect prompt injection from external code. No explicit evidence of malicious intent or exfiltration was found, but the high-privilege nature of the workflow is inherently risky.
Capability Assessment
Purpose & Capability
The skill is about fulfilling git-escrow bounties and explicitly requires the git-escrows CLI, git, a .env holding a PRIVATE_KEY, and network access to an Ethereum RPC — all of which are coherent with submitting on-chain fulfillments.
Instruction Scope
SKILL.md stays within the described purpose (discover escrow, inspect test repo, write or use a solution, commit, and call git-escrows fulfill). It instructs the agent to clone external test repos and create/modify files in the current working directory; it does not include broad unrelated file access. However, cloning and working with third-party repositories and dependencies can execute or expose the agent/environment to untrusted code — the document does not require sandboxing or explicit user confirmation before making changes.
Install Mechanism
This is an instruction-only skill with no install spec or downloaded code. It relies on a public npm CLI (git-escrows) which the SKILL.md recommends installing with npm; that's a low-risk, expected pattern for this purpose.
Credentials
The skill requires a PRIVATE_KEY (declared as primaryEnv) and a .env config — reasonable because the CLI must sign transactions. The registry metadata shows no required env vars list while SKILL.md expects .env/PRIVATE_KEY, which is an inconsistency to be aware of. PRIVATE_KEY is highly sensitive: it can control on-chain funds and permissions, so use of a dedicated low-value key is recommended.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system-wide settings, and is user-invocable. Agent autonomous invocation is allowed (default) but not combined with other elevated privileges here.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install fulfill-git-escrow
  3. After installation, invoke the skill by name or use /fulfill-git-escrow
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of fulfill-git-escrow - Enables users to fulfill git escrow bounties by submitting solutions that pass test suites and claim token rewards. - Supports two modes: writing and submitting a new solution, or submitting an existing solution repository and commit. - Requires git-escrows CLI, git, a configured .env with PRIVATE_KEY, and network access to Ethereum RPC. - Provides step-by-step guidance, including CLI/tool configuration checks, escrow validation, solution packaging, and fulfillment submission. - Includes troubleshooting and status checking instructions for smooth fulfillment and reward claiming.
Metadata
Slug fulfill-git-escrow
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Fulfill Git Escrow?

Fulfill a git escrow bounty by writing a solution or submitting an existing one. Use when the user wants to solve a test suite challenge, write code to pass... It is an AI Agent Skill for Claude Code / OpenClaw, with 260 downloads so far.

How do I install Fulfill Git Escrow?

Run "/install fulfill-git-escrow" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Fulfill Git Escrow free?

Yes, Fulfill Git Escrow is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Fulfill Git Escrow support?

Fulfill Git Escrow is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Fulfill Git Escrow?

It is built and maintained by 疒奀 (@mlegls); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments