Downloads: 85 | Stars: 0 | Active Installs: 0 | Versions: 1
Install in OpenClaw
/install safe-flow-solana-skill
Description
Use when running SafeFlow against a deployed Solana program. Trigger for tasks such as generating an agent keypair, asking the owner to fund gas and create w...
Usage Guidance
Do not install or run this skill until the repository author supplies missing artifacts and clarifications. Specific checks to request or perform before use:
- Verify the repository includes the referenced SDK (sdk/src/agent) and the IDL file (target/idl/safeflow_solana.json). Inspect those files for unexpected network calls or unknown endpoints.
- Confirm system requirements: explicitly require solana-cli (solana-keygen), node, and a pinned ts-node/runtime dependency or provide a package.json; avoid implicit npx pulls if you want reproducible behavior.
- Understand and accept local private key storage: the agent keypair is written to .safeflow/agent-keypair.json (sensitive). Consider using hardware wallets, restricted signing services, or running in an isolated environment.
- Because the script executes arbitrary JS via npx/ts-node, ensure all JS code is audited and comes from a trusted source; if you cannot validate the code, run in a sandboxed environment or decline.
- Ask the author to provide an explicit install spec (or packaged dependencies) and to declare required binaries in the skill metadata. If the skill will fetch runtime packages, request pinned versions and an integrity check.
If you cannot obtain these assurances, classify the skill as untrusted and avoid running it with real funds or on production systems.
Capability Analysis
Type: OpenClaw Skill
Name: safe-flow-solana-skill
Version: 1.0.0
The skill implements a Solana payment agent but contains a significant code injection vulnerability in `scripts/execute_payment.sh`. The script uses `npx ts-node -e` to run a JavaScript snippet where shell variables (such as `--recipient` and `--evidence-id`) are interpolated directly into string literals without any sanitization, which could allow an attacker to execute arbitrary JavaScript. While the logic appears consistent with the stated goal of managing on-chain payments via the SafeFlow protocol (Program ID: `DwYEDn6xRpSbnNA7mkszQgDAUoHGfgdBNSi6pwy4qJKy`), the insecure handling of agent-provided inputs is a high-risk flaw.
Capability Assessment
Purpose & Capability
The name/description (SafeFlow Solana payment skill) aligns with the included scripts: they generate an agent keypair, persist config, query session state, and execute on-chain payments. However, the skill metadata declares no required binaries or env vars even though the scripts call solana-keygen, node, and npx/ts-node and expect local files (sdk/src/agent and target/idl/safeflow_solana.json). The absence of these declared dependencies/files is an incoherence.
Instruction Scope
The runtime instructions/scripts read/write sensitive local state (.safeflow/agent-keypair.json and config.json) and execute an inline TypeScript/JavaScript program via npx ts-node that loads a local SDK module and IDL. The scripts will connect to public Solana RPC endpoints (devnet/mainnet) but do not call any other external endpoints. The instruction set grants the agent the ability to create and use a private key stored on disk and to execute arbitrary JS in the context of the repository — the SKILL.md and manifest do not make it clear where the SDK/IDL come from or whether the JS code is audited.
Install Mechanism
There is no install spec. The scripts rely on npx to run ts-node which will fetch packages from the npm registry at runtime if not present. That implicit network installation is not declared and increases risk. Also required local files (sdk/src/agent, target/idl/...) are referenced but not present in the provided file manifest, meaning the scripts will fail or attempt to fetch missing pieces at runtime.
Credentials
The skill requests no environment variables or external credentials in metadata, which is proportional. However, it creates and stores a Solana private key locally (.safeflow/agent-keypair.json) and will read that secret to sign transactions — this is sensitive and should be expected and handled cautiously. No unexpected credentials (AWS, GCP, etc.) are requested.
Persistence & Privilege
`always` is false, and nothing declares that the skill will modify other skills or system-wide settings. The skill persists its own config and keypair under .safeflow, which is normal for this purpose.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install safe-flow-solana-skill
- After installation, invoke the skill by name or use /safe-flow-solana-skill
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of the SafeFlow Solana Agent Skill.
- Enables AI agents to perform autonomous, rate-limited payments on Solana.
- Provides scripts for keypair generation, owner handoff, payment execution, and config saving.
- Supports on-chain enforcement of rate limit, budget cap, session expiration, and revocation.
- Payment error handling with actionable agent responses for common failure scenarios.
Frequently Asked Questions
What is SafeFlow Solana Skill?
Use when running SafeFlow against a deployed Solana program. Trigger for tasks such as generating an agent keypair, asking the owner to fund gas and create w... It is an AI Agent Skill for Claude Code / OpenClaw, with 85 downloads so far.
How do I install SafeFlow Solana Skill?
Run "/install safe-flow-solana-skill" in the OpenClaw or Claude Code chat to install it in one step; no extra setup is required.
Is SafeFlow Solana Skill free?
Yes, SafeFlow Solana Skill is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does SafeFlow Solana Skill support?
SafeFlow Solana Skill is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created SafeFlow Solana Skill?
It is built and maintained by Togo (@fwangzil); the current version is v1.0.0.