glitch003

Agent Wallet

Author: Chris Cassano · GitHub ↗ · v1.0.7
cross-platform ⚠ suspicious
Total downloads: 2116
Favorites: 2
Current installs: 7
Versions: 4
Install in OpenClaw
/install agent-wallet
Description
The agent's wallet. Use this skill to safely create a wallet the agent can use for transfers, swaps, and any EVM chain transaction.
Usage instructions (SKILL.md)

Agent Wallet

Use this skill to safely create a wallet the agent can use for transfers, swaps, and any EVM chain transaction without ever exposing private keys to the agent. Create a wallet, set spending policies, and your agent can transfer tokens, do swaps, and interact with smart contracts within the boundaries you define.

The agent never sees the private key. All transactions are executed server-side through a smart account. The wallet owner controls what the agent can do via configurable policies.

Configuration

  • Base API URL: Use the SAFESKILLS_API_URL environment variable if set, otherwise default to https://safeskill-production.up.railway.app
  • Frontend URL: Use the SAFESKILLS_FRONTEND_URL environment variable if set, otherwise default to https://safeskill-production.up.railway.app

All API requests require a Bearer token (the API key returned when creating a wallet).

Authorization: Bearer <API_KEY>

Quick Start

1. Create a Wallet

Create a new smart account wallet for your agent. This generates a private key server-side (you never see it), creates a ZeroDev smart account, and returns an API key for the agent plus a claim URL for the wallet owner.

curl -X POST "${SAFESKILLS_API_URL:-https://safeskill-production.up.railway.app}/api/secrets" \
  -H "Content-Type: application/json" \
  -d '{
    "type": "EVM_WALLET",
    "memo": "My agent wallet",
    "chainId": 84532
  }'

Response includes:

  • apiKey -- store this securely; use it as the Bearer token for all future requests
  • claimUrl -- share this with the user so they can claim the wallet and set policies
  • address -- the smart account address

After creating, tell the user:

"Here is your wallet claim URL: <claimUrl>. Use this to claim ownership, set spending policies, and monitor your agent's wallet activity."

2. Get Wallet Address

curl -X GET "${SAFESKILLS_API_URL:-https://safeskill-production.up.railway.app}/api/skills/evm-wallet/address" \
  -H "Authorization: Bearer <API_KEY>"

3. Check Balances

# Native balance only
curl -X GET "${SAFESKILLS_API_URL:-https://safeskill-production.up.railway.app}/api/skills/evm-wallet/balance" \
  -H "Authorization: Bearer <API_KEY>"

# With ERC-20 tokens
curl -X GET "${SAFESKILLS_API_URL:-https://safeskill-production.up.railway.app}/api/skills/evm-wallet/balance?tokens=0xTokenAddr1,0xTokenAddr2" \
  -H "Authorization: Bearer <API_KEY>"

4. Transfer ETH or Tokens

# Transfer native ETH
curl -X POST "${SAFESKILLS_API_URL:-https://safeskill-production.up.railway.app}/api/skills/evm-wallet/transfer" \
  -H "Authorization: Bearer <API_KEY>" \
  -H "Content-Type: application/json" \
  -d '{
    "to": "0xRecipientAddress",
    "amount": "0.01"
  }'

# Transfer ERC-20 token
curl -X POST "${SAFESKILLS_API_URL:-https://safeskill-production.up.railway.app}/api/skills/evm-wallet/transfer" \
  -H "Authorization: Bearer <API_KEY>" \
  -H "Content-Type: application/json" \
  -d '{
    "to": "0xRecipientAddress",
    "amount": "100",
    "token": "0xTokenContractAddress"
  }'

5. Swap Tokens

Swap one token for another using DEX liquidity (powered by 0x).

# Preview a swap (no execution, just pricing)
curl -X POST "${SAFESKILLS_API_URL:-https://safeskill-production.up.railway.app}/api/skills/evm-wallet/swap/preview" \
  -H "Authorization: Bearer <API_KEY>" \
  -H "Content-Type: application/json" \
  -d '{
    "sellToken": "0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE",
    "buyToken": "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48",
    "sellAmount": "0.1",
    "chainId": 1
  }'

# Execute a swap
curl -X POST "${SAFESKILLS_API_URL:-https://safeskill-production.up.railway.app}/api/skills/evm-wallet/swap/execute" \
  -H "Authorization: Bearer <API_KEY>" \
  -H "Content-Type: application/json" \
  -d '{
    "sellToken": "0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE",
    "buyToken": "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48",
    "sellAmount": "0.1",
    "chainId": 1,
    "slippageBps": 100
  }'

  • sellToken / buyToken: Token contract addresses. Use 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE for native ETH.
  • sellAmount: Human-readable amount to sell (e.g. "0.1" for 0.1 ETH).
  • chainId: The chain to swap on (1 = Ethereum, 137 = Polygon, 42161 = Arbitrum, 10 = Optimism, 8453 = Base, etc.).
  • slippageBps: Optional slippage tolerance in basis points (100 = 1%). Defaults to 100.

The preview endpoint returns the expected buy amount, route info, and fees without executing. The execute endpoint performs the actual swap through the smart account, handling ERC-20 approvals automatically.

6. Send Arbitrary Transaction

Interact with any smart contract by sending custom calldata.

curl -X POST "${SAFESKILLS_API_URL:-https://safeskill-production.up.railway.app}/api/skills/evm-wallet/send-transaction" \
  -H "Authorization: Bearer <API_KEY>" \
  -H "Content-Type: application/json" \
  -d '{
    "to": "0xContractAddress",
    "data": "0xCalldata",
    "value": "0"
  }'

Policies

The wallet owner controls what the agent can do by setting policies via the claim URL. If a transaction violates a policy, the API will reject it or require human approval via Telegram.

| Policy | What it does |
|---|---|
| Address allowlist | Only allow transfers/calls to specific addresses |
| Token allowlist | Only allow transfers of specific ERC-20 tokens |
| Function allowlist | Only allow calling specific contract functions (by 4-byte selector) |
| Spending limit (per tx) | Max USD value per transaction |
| Spending limit (daily) | Max USD value per rolling 24 hours |
| Spending limit (weekly) | Max USD value per rolling 7 days |
| Require approval | Every transaction needs human approval via Telegram |
| Approval threshold | Transactions above a USD amount need human approval |

If no policies are set, all actions are allowed by default. Once the owner claims the wallet and adds policies, the agent operates within those boundaries.
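
The policy semantics listed above, as an added example (not the service's or the skill author's code): a local pre-flight check an integrator could run before submitting a request. The `Policy` fields, `evaluate`, the evaluation order, every result string except `pending_approval`, and the treatment of empty calldata are assumptions; the page does not document how the service evaluates policies.

```python
from dataclasses import dataclass, field
from typing import Optional

DAY = 24 * 60 * 60  # rolling window for the daily limit, in seconds

@dataclass
class Policy:
    # Empty allowlists and None limits mean "not configured" (default allow).
    address_allowlist: set = field(default_factory=set)    # lowercase 0x addresses
    function_allowlist: set = field(default_factory=set)   # selectors, e.g. "0xa9059cbb"
    per_tx_usd: Optional[float] = None
    daily_usd: Optional[float] = None
    approval_threshold_usd: Optional[float] = None

def selector(data: str) -> Optional[str]:
    """4-byte selector of hex calldata; None when calldata is empty."""
    body = data[2:] if data.lower().startswith("0x") else data
    if body == "":
        return None
    if len(body) < 8 or len(body) % 2 or any(c not in "0123456789abcdefABCDEF" for c in body):
        raise ValueError("malformed calldata")
    return "0x" + body[:8].lower()

def evaluate(policy: Policy, tx: dict, usd: float, history: list, now: float) -> str:
    """history holds (unix_time, usd) pairs for this wallet's earlier transactions."""
    try:
        sel = selector(tx.get("data", "0x"))
    except ValueError:
        return "rejected: malformed calldata"   # fail closed
    if policy.address_allowlist and tx["to"].lower() not in policy.address_allowlist:
        return "rejected: address not allowlisted"
    # Assumption: empty calldata (plain value transfer) is outside the function allowlist.
    if policy.function_allowlist and sel is not None and sel not in policy.function_allowlist:
        return "rejected: function not allowlisted"
    if policy.per_tx_usd is not None and usd > policy.per_tx_usd:
        return "rejected: per-tx limit"
    if policy.daily_usd is not None:
        spent = sum(v for ts, v in history if 0 <= now - ts < DAY)
        if spent + usd > policy.daily_usd:
            return "rejected: daily limit"
    if policy.approval_threshold_usd is not None and usd > policy.approval_threshold_usd:
        return "pending_approval"
    return "allowed"

# Constructed sample policy and transaction (addresses are made up).
OWNER_POLICY = Policy(address_allowlist={"0x" + "11" * 20},
                      function_allowlist={"0xa9059cbb"},  # ERC-20 transfer(address,uint256)
                      per_tx_usd=500, daily_usd=1000, approval_threshold_usd=100)
SAMPLE_TX = {"to": "0x" + "11" * 20, "data": "0xa9059cbb" + "00" * 64, "value": "0"}
```

With an empty `Policy()` every well-formed transaction returns `allowed`, which mirrors the default-allow behaviour of an unclaimed wallet described above.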

Important Notes

  • Never try to access raw secret values. The private key stays server-side -- that's the whole point.
  • Always store the API key from wallet creation -- it's the only way to authenticate.
  • Always share the claim URL with the user after creating a wallet.
  • The default chain ID is 84532 (Base Sepolia testnet). Adjust as needed.
  • If a transaction is rejected, it may be blocked by a policy. Tell the user to check their policy settings via the claim URL.
  • If a transaction requires approval, it will return status: "pending_approval". The wallet owner will receive a Telegram notification to approve or deny.
Security recommendations

Things to consider before installing:

  • Provenance: The skill has no source repo or homepage and defaults to an API hosted on a Railway app (https://safeskill-production.up.railway.app). Verify the author and the service before trusting it with funds. Ask for a public code repository, security audit, or a trustworthy vendor page.
  • Powerful credential: Creating a wallet yields an apiKey (Bearer token) that the agent will use to perform transfers, swaps, and arbitrary contract calls. That apiKey can move funds within whatever policies are configured. The skill metadata does not declare this requirement; treat the apiKey as a high-value secret.
  • Policies and human approval: Rely on strict, conservative policies (address/token/function allowlists, per-tx and daily spending limits) and enable explicit human approval for any transaction you would not expect automatically. Test thoroughly on a testnet wallet first.
  • Autonomous invocation risk: Because the agent can call the skill autonomously, do not allow it to hold real funds unless you are comfortable with the agent's decision-making boundaries. Prefer requiring manual approval for any non-trivial action.
  • Operational safeguards: If you proceed, rotate keys regularly, store the apiKey in a secure secrets store (not plaintext), restrict the API key scopes if possible, monitor transactions in real time, and limit the skill to the minimal chains and tokens needed.
  • Alternatives: Consider self-hosting a wallet/back-end you control or using a well-known, audited custody/agent-wallet provider with clear source code and documentation.

If you want to proceed safely, ask the skill author for: (1) source code or a deployment manifest, (2) a clear statement of exactly what privileges the apiKey grants, and (3) instructions for scoping/rotating the apiKey and enabling mandatory human approvals.
Functional analysis

Type: OpenClaw Skill
Name: agent-wallet
Version: 1.0.7

The skill bundle is designed to allow an AI agent to manage an EVM wallet without ever exposing private keys to the agent. All transactions are handled server-side via an API (`safeskill-production.up.railway.app`) and are subject to user-defined policies. The `SKILL.md` explicitly instructs the agent 'Never try to access raw secret values' and clearly outlines all API interactions, including powerful ones like `send-transaction`, which are mitigated by the policy system. There is no evidence of prompt injection attempts, data exfiltration to unauthorized endpoints, or other malicious behaviors; the skill's design prioritizes security and user control.
Capability assessment
Purpose & Capability
Name/description match the instructions: SKILL.md documents creating and using a smart-account wallet via an external API for transfers, swaps, and arbitrary contract calls. However, the skill metadata declares no required env/credentials while the runtime instructions rely on an API URL env var (SAFESKILLS_API_URL) and produce a highly privileged API key (apiKey) at wallet creation; the mismatch between declared requirements and actual runtime needs is a concerning inconsistency. The skill's source/homepage is unknown, increasing provenance risk.
Instruction Scope
The instructions tell the agent to create wallets and then use a returned apiKey (Bearer token) to check balances, transfer funds, swap tokens, and send arbitrary calldata to contracts. That allows executing on-chain transactions and arbitrary contract interactions. The SKILL.md does not require reading unrelated files or system state, but it grants the agent the ability to move funds (subject to owner-set policies). Because the skill allows arbitrary txs and swaps, an agent invoking this skill autonomously can cause financial loss if policies are mis-set or the external service is malicious.
Install Mechanism
Instruction-only skill with no install spec or code files; nothing is written to disk and no additional packages are installed. Low technical installation risk.
Credentials
SKILL.md references SAFESKILLS_API_URL and SAFESKILLS_FRONTEND_URL and explains the need to store an apiKey (Bearer token) for ongoing operations, but the skill metadata lists no required env vars or primary credential. The apiKey issued by the external service is effectively a privileged credential that can authorize transfers and contract calls; that capability should be declared up-front. The absence of declared credential requirements plus the high privilege of the resulting apiKey is disproportionate and under-specified.
Persistence & Privilege
always:false (not force-included) and disable-model-invocation:false (agent may call autonomously). Autonomous invocation combined with a wallet that can transfer funds increases the blast radius if the agent is permitted to act without human-in-the-loop approval. This is not automatically disqualifying but is a meaningful risk factor and should be considered when granting the agent permissions.
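How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install agent-wallet
  3. Once installed, call the Skill by name or trigger it with /agent-wallet
  4. Provide the required inputs according to the Skill's parameter description to get structured output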
Version history
v1.0.7
  • Updated description and documentation to clarify skill capabilities for transfers, swaps, and EVM chain transactions.
  • Simplified introduction and removed marketing-oriented sections from the SKILL.md.
  • No logic or API changes; documentation only.
v1.0.6
  • Added new token swap functionality (preview and execute swaps using DEX liquidity via 0x API).
  • Updated Quick Start with detailed instructions and example API calls for token swaps.
  • Default chain ID for wallet creation changed from 11155111 to 84532 (Base Sepolia testnet).
  • Clarified documentation and default settings for chain ID.
v1.0.5
Version 1.0.5 of the Agent Wallet skill
  • No file changes were detected in this release.
  • Documentation and functionality remain unchanged from the previous version.
v1.0.2
  • Improved documentation with a comprehensive SKILL.md, including configuration, API endpoints, and policy management.
  • Clarified usage: the agent never sees private keys; all wallet actions are controlled by server-side policies.
  • Added step-by-step quick start instructions for creating wallets, transferring funds, checking balances, and executing smart contract calls.
  • Documented configurable policy controls, including spending limits, allowlists, and approval workflows.
  • Provided security and usage best practices for wallet owners and agents.
Metadata
Slug: agent-wallet
Version: 1.0.7
License:
Total installs: 7
Current installs: 7
Historical versions: 4
FAQ

What is Agent Wallet?

The agent's wallet. Use this skill to safely create a wallet the agent can use for transfers, swaps, and any EVM chain transaction. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 2116 total downloads to date.

How do I install Agent Wallet?

Run the command "/install agent-wallet" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is needed.

Is Agent Wallet free?

Yes, Agent Wallet is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does Agent Wallet support?

Agent Wallet runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Agent Wallet?

Developed and maintained by Chris Cassano (@glitch003); the current version is v1.0.7.
