← Back to Skills Marketplace
Prism Alerts
by
Next Frontier AI
· GitHub ↗
· v1.1.2
2046
Downloads
1
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install prism-alerts
Description
Real-time Pump.fun token alerts for Solana traders. New launches, graduations, volume spikes. For trading bots, Discord, Telegram, AI agents.
Usage Guidance
This skill appears to do what it says (poll a PRISM API and produce alerts), but exercise caution before supplying bot credentials or trusting the default PRISM endpoint. Things to check before installing or running:
- Verify the PRISM API: the default URL (strykr-prism.up.railway.app) is a third‑party host with no homepage provided; confirm the operator and trustworthiness. Consider self‑hosting or pointing PRISM_URL at a trusted endpoint.
- The package metadata does not declare the TELEGRAM/DISCORD env vars shown in the README. Expect to need your own TELEGRAM_BOT_TOKEN / DISCORD_BOT_TOKEN and channel IDs to send alerts — do not paste tokens into unknown web UIs; run the bot locally or in a controlled environment.
- Inspect and run the included scripts locally or inside a sandbox/container. The script only uses curl/jq and writes a dedupe file under /tmp, but network requests go to the PRISM service so review traffic if you are concerned about data leaving your environment.
- Prefer creating your own messaging bots and supply only those tokens. If you must use an external Prism provider, verify TLS, ownership, and privacy policy; avoid sharing credentials with unknown operators.
If you want a higher assurance verdict, provide: the upstream repository or homepage for the PRISM API and the skill, and confirmation of who operates the strykr-prism endpoint; with that info the assessment can move to benign if the operators are trustworthy.
Capability Analysis
Type: OpenClaw Skill
Name: prism-alerts
Version: 1.1.2
The skill is designed to fetch real-time cryptocurrency alerts from the Strykr PRISM API. The `scripts/alerts.sh` file uses `curl` to query `https://strykr-prism.up.railway.app` and `jq` to parse the JSON output, storing temporary state in `/tmp/prism_seen_tokens.txt`. All network and file system operations are directly aligned with the stated purpose of providing token alerts. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the agent in `SKILL.md`.
Capability Assessment
Purpose & Capability
Name/description (Pump.fun / Solana token alerts) aligns with the included script and examples: the bash script polls PRISM endpoints and the SKILL.md shows Telegram/Discord integration examples. However, the skill metadata declares no required env vars while SKILL.md documents TELEGRAM_BOT_TOKEN, DISCORD_BOT_TOKEN, channel IDs, and PRISM_URL — an inconsistency in what the package says it needs versus what instructions demonstrate. PRISM_URL defaults to a third‑party Railway app (strykr-prism.up.railway.app); that external service is central to the skill but the source/homepage are unknown.
Instruction Scope
SKILL.md and scripts stay within alerting functionality: polling PRISM API, formatting alerts, and sending to bots. The included watch loop stores seen tokens in /tmp/prism_seen_tokens.txt and polls every 30s. SKILL.md includes code examples that would transmit token data to Telegram/Discord channels (expected for alerts). Instructions do not direct the agent to read unrelated files or other credentials, but they do assume use of external messaging services (which require tokens).
Install Mechanism
No install spec — instruction-only plus a small shell script included. Nothing is downloaded from arbitrary URLs or written to unusual system locations by an installer. Risk from installation mechanism is low.
Credentials
The skill metadata lists no required env vars, but SKILL.md documents PRISM_URL, TELEGRAM_BOT_TOKEN, TELEGRAM_CHANNEL_ID, DISCORD_BOT_TOKEN, and DISCORD_CHANNEL_ID. Requiring messaging bot tokens is expected for integrations, but the metadata failing to declare them reduces transparency. Also the default PRISM_URL points to a third‑party hosted endpoint (Railway) — all alert/request data will flow through that service unless you change PRISM_URL. Requesting or entering bot tokens into code that communicates with an external (unknown) API increases risk of credential exposure if that service or its operator is untrusted.
Persistence & Privilege
always is false and the skill does not request elevated or persistent platform privileges. The script writes only a temporary /tmp/prism_seen_tokens.txt to deduplicate alerts. It does not modify other skills or system settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install prism-alerts - After installation, invoke the skill by name or use
/prism-alerts - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.2
Rebranded to OpenClaw
v1.1.1
SEO update
v1.0.0
Initial release
Metadata
Frequently Asked Questions
What is Prism Alerts?
Real-time Pump.fun token alerts for Solana traders. New launches, graduations, volume spikes. For trading bots, Discord, Telegram, AI agents. It is an AI Agent Skill for Claude Code / OpenClaw, with 2046 downloads so far.
How do I install Prism Alerts?
Run "/install prism-alerts" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Prism Alerts free?
Yes, Prism Alerts is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Prism Alerts support?
Prism Alerts is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Prism Alerts?
It is built and maintained by Next Frontier AI (@nextfrontierbuilds); the current version is v1.1.2.
More Skills