← Back to Skills Marketplace
hastodev

MuHaven RWA Portfolio

by Hasto · GitHub ↗ · v0.1.2 · MIT-0
cross-platform ⚠ suspicious
57
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install muhaven-rwa-skill
Description
Confidential real-world-asset (RWA) portfolio agent built on MuHaven's Fhenix-CoFHE-encrypted token primitives. Read your encrypted balances, stage yield cla...
README (SKILL.md)

MuHaven RWA Portfolio — OpenClaw skill

This skill bundles a curated subset of @muhaven/mcp plus an OpenClaw-shaped config bundle. It runs in OpenClaw's NemoClaw runtime (or any MCP host that honours the manifest's permissions block) and connects to the live MuHaven backend at https://api.muhaven.app.

What it does

  • Reads your encrypted RWA portfolio — balances stay encrypted with Fhenix CoFHE; the skill never sees plaintext.
  • Stages buy + claim intents for the OpenClaw surface — the skill never auto-submits. Every intent emits a structured confirmation request to one of three tiers based on amount.
  • Surfaces audit log for compliance / forensics.
  • /pause kill-switch uninstalls the on-chain @zerodev/permissions validator within one Arb block.

What it intentionally cannot do

  • Move funds without your passkey. The skill issues unsigned UserOp envelopes; signing happens in the muhaven-broker daemon (≤$200 inline callback) or in your dashboard / Mini App (>$200 tiers).
  • Speak to anything outside the egress allowlist. manifest.json's network.deny_default: true means a tampered binary cannot exfiltrate to a third party.
  • Read or write your filesystem. permissions.filesystem.{read,write}: [].
  • Spawn child processes. permissions.process.spawn: [].
  • Store any secret. JWT lives in muhaven-broker's OS-keychain entry; the skill calls the broker over Unix-socket / named-pipe IPC.

How to install

  1. Install plain OpenClaw + ClawHub CLI globally: 
    npm install -g openclaw@latest clawhub
openclaw --version    # confirm install
clawhub --version
    (Runtime decision 2026-05-11: plain OpenClaw under sandbox.fallback: host_native. NemoClaw remains the preferred runtime claim in manifest.json for forward-compat; today's deploy targets plain OpenClaw.)
  2. Install the broker daemon separately as a global so its bin lands on $PATH regardless of ClawHub's bin-handling: 
    npm install -g @muhaven/[email protected]
muhaven-broker --version    # sanity check
    (The skill itself bundles @muhaven/mcp inline since 0.1.1 via tsup noExternal, so no separate npm install --omit=dev is needed after clawhub install. The global install of @muhaven/mcp is still useful because it puts the muhaven-broker daemon bin on $PATH — the skill's bundled copy of @muhaven/mcp only exposes the MCP server, not the daemon CLI.)
  3. Install the skill: 
    clawhub install [email protected]
  4. Start the broker daemon: muhaven-broker (see @muhaven/mcp README).
  5. Authenticate: muhaven-broker login — opens browser to https://muhaven.app/link?code=XXXX-XXXX, complete passkey.
  6. Optional: link your Telegram account for the /agent/openclaw/* confirmation surface. From the dashboard /agent page → Telegram tab → "Link Telegram" → message the bot at @muhaven_bot with the one-time link code.

Confirmation tiers

The skill never executes a state-mutating action without a confirmation. Three tiers based on intent notional (USDC):

Range Surface Why
≤ $200 Telegram inline keyboard "Confirm" button Low blast radius. Same trust model as a $200 mobile wallet payment — single-tap inline.
$200 – $5,000 Mini App with 6-digit OTP sent via separate Telegram message Defends against a chat-stuffing attack where the LLM emits a Confirm button users tap on autopilot. OTP is out-of-band.
> $5,000 Deep-link to dashboard https://muhaven.app/agent/confirm?intent=… for passkey signature Phishing-resistant by construction — WebAuthn RP-ID is bound to the dashboard origin; a Telegram-based MITM cannot complete passkey.

Tier boundaries are audit-logged in agent_audit_events with the amount-bucket the intent fell into. Investors can lower the boundaries in the dashboard /agent policy tab; they cannot raise them above the hardcoded ceilings (regulatory + Reg BI Care Obligation).

Hardening invariants (do NOT relax without audit)

  • permissions.network.deny_default: true — every new endpoint requires a manifest update + signed re-publish.
  • permissions.secrets.storage: os_keychain — paste-token UX is forbidden.
  • runtime.type: node — no shell, no Python, no JIT-compiled blob.
  • mcp.toolset_subset is the only set of tools the skill will dispatch to — additions require an ADR + signed re-publish.
  • Sigstore signing + GitHub OIDC trusted publishing — long-lived ClawHub tokens are not used. ClawHavoc (Feb 2026) precedent.
  • required_reviewers: 2 — single-maintainer publish is rejected at the policy gate. Two-maintainer release is the lesson from the Anthropic MCP SDK STDIO arbitrary-command CVEs (Apr 2026).

Tool inventory (subset of @muhaven/mcp)

See manifest.json and the upstream descriptors in @muhaven/mcp/src/tools/descriptions.ts. The skill only re-advertises the mcp.toolset_subset listed in this frontmatter; descriptor SHA-256 hashes are pinned in tool-hashes.json and verified on every skill load (mcp-context-protector pattern, post-MCPoison).

Reference docs

  • ADR-C in development/research-docs/WAVE_4_AGENTIC_RESEARCH_RESULT.md
  • development/DEV_WAVE_4/TOOL_NAMESPACE.md for the full naming surface
  • development/DEV_WAVE_4/THREAT_MODEL_P0.md for OWASP LLM + Agentic mappings

License

MIT. See LICENSE in the repository root.

Usage Guidance
Install only if you trust MuHaven and understand the wallet/account implications. Prefer an enforced sandbox runtime or read-only mode, keep the broker and dependencies updated, and manually review every buy, claim, or pause confirmation before approving it.
Capability Tags
cryptorequires-walletcan-make-purchasesrequires-sensitive-credentials
Capability Assessment
Purpose & Capability
The portfolio, buy-intent, claim-intent, and pause capabilities fit the stated MuHaven RWA purpose, but they are financially sensitive actions.
Instruction Scope
The artifacts repeatedly state that buy, claim, and pause actions emit intents and require human confirmation; users should still verify each confirmation before approving.
Install Mechanism
There is no separate install spec, but the documentation uses global npm-installed tooling and a bundled dependency graph; this is user-directed and purpose-aligned but supply-chain-sensitive.
Credentials
The skill advertises deny-by-default network/filesystem/process limits, but the provided security documentation says the current plain OpenClaw host-native runtime treats those permissions as advisory only.
Persistence & Privilege
Wallet/session authority is delegated to a local muhaven-broker daemon and JWT/session-key storage; this is disclosed, but users should understand where the broker stores credentials.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install muhaven-rwa-skill
  3. After installation, invoke the skill by name or use /muhaven-rwa-skill
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.2
Cosmetic: corrects display name from "Package" to "MuHaven RWA Portfolio". No code or schema changes; bundled @muhaven/[email protected] is byte-identical to 0.1.1.
v0.1.1
Q2 publish bundle: inline-bundled @muhaven/[email protected] via tsup noExternal; SECURITY.md, policy.pause description hardened; new test surfaces for cli-parse, config, server-version, session-key-required.
Metadata
Slug muhaven-rwa-skill
Version 0.1.2
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is MuHaven RWA Portfolio?

Confidential real-world-asset (RWA) portfolio agent built on MuHaven's Fhenix-CoFHE-encrypted token primitives. Read your encrypted balances, stage yield cla... It is an AI Agent Skill for Claude Code / OpenClaw, with 57 downloads so far.

How do I install MuHaven RWA Portfolio?

Run "/install muhaven-rwa-skill" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is MuHaven RWA Portfolio free?

Yes, MuHaven RWA Portfolio is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does MuHaven RWA Portfolio support?

MuHaven RWA Portfolio is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created MuHaven RWA Portfolio?

It is built and maintained by Hasto (@hastodev); the current version is v0.1.2.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments