← 返回 Skills 市场
bnbcompanions

Headless Crypto trading for agents

作者 Crypto Dev · GitHub ↗ · v1.0.1
cross-platform ⚠ suspicious
602
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install headless-crypto
功能描述
Autonomous trading for AI agents on Solana and BNB Chain. Use when: (1) executing token swaps on DEXs (Raydium, PancakeSwap), (2) checking token prices and b...
使用说明 (SKILL.md)

Headless Trading

Autonomous trading toolkit for AI agents on Solana (Raydium) and BNB Chain (PancakeSwap).

Core Capabilities

1. Token Swaps

Execute swaps on decentralized exchanges without browser interaction:

  • Raydium (Solana): SOL ↔ SPL tokens
  • PancakeSwap (BNB Chain): BNB ↔ BEP20 tokens

2. Price Monitoring

Fetch real-time token prices:

  • DEX liquidity pool prices
  • Multiple pair support
  • Slippage calculation

3. Portfolio Management

Check balances and positions:

  • Native token balances (SOL, BNB)
  • Token holdings across wallets
  • Transaction history

4. Strategy Execution

Implement automated trading strategies:

  • Limit orders (via monitoring + execution)
  • DCA (Dollar Cost Averaging)
  • Stop-loss / Take-profit
  • Arbitrage opportunities

Quick Start

Prerequisites

  1. Private key (environment variable or secure storage)
  2. RPC endpoint (public or private node)
  3. Python 3.8+ with dependencies

Installation

pip install solana web3 anchorpy raydium-py base58
pip install web3 pancakeswap-sdk

Basic Swap Example

from scripts.raydium_swap import swap_on_raydium

# Swap 0.1 SOL for USDC
tx_hash = swap_on_raydium(
    input_token="SOL",
    output_token="USDC",
    amount=0.1,
    slippage=1.0  # 1% slippage tolerance
)

Workflow Decision Tree

1. What chain are you trading on?

2. What operation do you need?

  • Get token price → get_price.py
  • Check wallet balance → get_balance.py
  • Execute swap → swap.py
  • Monitor liquidity → monitor_pool.py

3. What strategy are you implementing?

Trading Operations

Get Token Price

from scripts.get_price import get_token_price

# Get current price of a token
price = get_token_price(
    chain="solana",
    token_address="EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",  # USDC
    quote_token="SOL"
)
print(f"Price: {price} SOL")

Check Wallet Balance

from scripts.get_balance import get_balance

# Check SOL balance
balance = get_balance(
    chain="solana",
    wallet_address="YOUR_WALLET_ADDRESS"
)
print(f"Balance: {balance} SOL")

Execute Swap

from scripts.swap import execute_swap

# Swap tokens with slippage protection
result = execute_swap(
    chain="solana",
    input_token="SOL",
    output_token="USDC",
    amount=0.5,
    slippage=1.0,
    private_key="YOUR_PRIVATE_KEY"  # Use env var in production
)

Monitor Liquidity Pool

from scripts.monitor_pool import get_pool_info

# Get liquidity pool stats
pool_info = get_pool_info(
    chain="solana",
    token_a="SOL",
    token_b="USDC"
)
print(f"Liquidity: ${pool_info['liquidity']}")
print(f"24h Volume: ${pool_info['volume_24h']}")

Security Best Practices

1. Private Key Management

NEVER hardcode private keys. Use environment variables or secure vaults:

import os

PRIVATE_KEY = os.getenv("TRADING_PRIVATE_KEY")
if not PRIVATE_KEY:
    raise ValueError("TRADING_PRIVATE_KEY not set")

2. Slippage Protection

Always set reasonable slippage limits:

  • Stablecoins: 0.1-0.5%
  • Blue chips: 0.5-1%
  • Low liquidity: 1-3% (risky)

3. Transaction Simulation

Test swaps on devnet/testnet first:

result = execute_swap(
    chain="solana",
    input_token="SOL",
    output_token="USDC",
    amount=0.01,  # Small test amount
    slippage=1.0,
    simulate=True  # Dry run
)

4. Rate Limiting

Respect RPC rate limits:

  • Public RPCs: ~5 req/sec
  • Private RPCs: Check provider limits

5. Error Handling

Always handle transaction failures:

try:
    tx_hash = execute_swap(...)
    print(f"Success: {tx_hash}")
except InsufficientFundsError:
    print("Not enough balance")
except SlippageExceededError:
    print("Price moved too much")
except RPCError as e:
    print(f"RPC failed: {e}")

Common Patterns

Pattern 1: Price Monitoring Bot

Monitor token prices and execute when conditions are met:

from scripts.get_price import get_token_price
from scripts.swap import execute_swap
import time

TARGET_PRICE = 100  # USDC per token
CHECK_INTERVAL = 60  # seconds

while True:
    price = get_token_price(chain="solana", token_address="...", quote_token="USDC")
    
    if price \x3C= TARGET_PRICE:
        execute_swap(
            chain="solana",
            input_token="USDC",
            output_token="TARGET_TOKEN",
            amount=100,
            slippage=1.0
        )
        break
    
    time.sleep(CHECK_INTERVAL)

Pattern 2: DCA (Dollar Cost Averaging)

Buy fixed amounts at regular intervals:

import schedule

def dca_buy():
    execute_swap(
        chain="solana",
        input_token="SOL",
        output_token="BTC",
        amount=0.1,  # 0.1 SOL every day
        slippage=1.0
    )

# Run daily at 9 AM
schedule.every().day.at("09:00").do(dca_buy)

Pattern 3: Stop-Loss

Sell when price drops below threshold:

ENTRY_PRICE = 100
STOP_LOSS_PERCENT = 10  # 10% loss

while True:
    current_price = get_token_price(...)
    loss_percent = ((ENTRY_PRICE - current_price) / ENTRY_PRICE) * 100
    
    if loss_percent >= STOP_LOSS_PERCENT:
        execute_swap(...)  # Sell position
        break
    
    time.sleep(60)

Resources

scripts/

Executable Python scripts for trading operations:

  • get_price.py - Fetch token prices from DEXs
  • get_balance.py - Check wallet balances
  • swap.py - Execute token swaps
  • monitor_pool.py - Get liquidity pool info
  • raydium_swap.py - Raydium-specific swap implementation
  • pancakeswap_swap.py - PancakeSwap-specific swap implementation

references/

  • raydium.md - Raydium DEX API reference and pool addresses
  • pancakeswap.md - PancakeSwap DEX API reference
  • strategies.md - Detailed trading strategy implementations
  • rpc_endpoints.md - List of public/private RPC providers

Limitations

  • Gas fees: Transactions require native tokens (SOL, BNB)
  • Slippage: High volatility can cause failed transactions
  • RPC reliability: Public RPCs may be slow/unstable
  • MEV: Transactions may be frontrun on popular pairs

Troubleshooting

"Insufficient funds"

  • Check wallet balance with get_balance.py
  • Ensure enough native token for gas fees

"Slippage exceeded"

  • Increase slippage tolerance (carefully)
  • Wait for lower volatility
  • Split large orders into smaller ones

"Transaction failed"

  • Check RPC endpoint is responsive
  • Verify token addresses are correct
  • Ensure wallet has approval for token spend

"Rate limited"

  • Switch to private RPC
  • Add delays between requests
  • Use multiple RPC endpoints
安全使用建议
Do not run this skill with real private keys or on a wallet holding funds. The scripts contain code that will (likely unintentionally) transmit decoded private-key bytes to a third-party API (Jupiter swap endpoint) when performing Solana swaps — that effectively leaks your private key. Before using: (1) Do not set SOLANA_PRIVATE_KEY or BNB_PRIVATE_KEY in any environment the skill can access. (2) Require the author explain why a decoded private-key byte sequence is being sent to external swap APIs; fix the code so only public keys (not private keys) are used in requests and never include private key material in network payloads. (3) Update the registry metadata to declare required env vars (RPC URLs and private-key env var names) and document secure vault usage. (4) Audit and test on testnet with throwaway keys only; consider running the code in an offline/sandboxed environment and review/fix the swap_solana implementation (avoid base58.b58decode(private_key) → hex being sent externally). If you cannot confirm those fixes, treat the skill as unsafe and avoid installing it with access to any real secrets or funds.
功能分析
Type: OpenClaw Skill Name: headless-crypto Version: 1.0.1 This skill bundle is classified as suspicious due to its inherent high-risk nature of handling cryptocurrency private keys and executing financial transactions on behalf of an AI agent. While the code and documentation explicitly recommend secure private key management (using environment variables), the core functionality requires direct access to these sensitive credentials in `scripts/swap.py`. There is no evidence of intentional malicious behavior such as data exfiltration or unauthorized actions. However, the powerful capabilities, coupled with a lack of robust input validation for token addresses in several scripts (e.g., `scripts/get_balance.py`, `scripts/swap.py`), present a significant attack surface for misuse or accidental loss of funds if the agent's environment is compromised or if it receives malformed instructions.
能力评估
Purpose & Capability
The name/description match the included scripts: price checks, balance queries, pool monitoring and swaps for Raydium (Solana) and PancakeSwap (BNB). That capability set reasonably justifies dependencies on web3/solana libs and RPC endpoints. However, the registry metadata declares no required env vars or primary credential while both SKILL.md and the scripts clearly expect private keys and RPC URL environment variables — a mismatch that reduces transparency and is unexpected.
Instruction Scope
The SKILL.md instructs use of private keys via environment variables and the scripts read those env vars. Critically, scripts/swap.py (swap_solana) builds a POST payload to the Jupiter API that includes "userPublicKey": base58.b58decode(private_key).hex(), which will send decoded private-key bytes (not a public key) to an external service (quote-api.jup.ag) as part of the /swap call. This is a direct secret-exfiltration risk (private key data being transmitted to third-party endpoints). The instructions also tell users to store private keys in env vars but the skill metadata doesn't declare these env vars — another scope/transparency issue.
Install Mechanism
There is no formal install spec in the registry (instruction-only), and SKILL.md lists pip packages to install. That is a moderate operational requirement but not an unusual install mechanism; nothing is downloaded from obscure URLs or written by an installer. The code will require third-party Python packages at runtime, but there is no hidden installer.
Credentials
The code expects and uses secrets and config not declared in the registry: SOLANA_PRIVATE_KEY and BNB_PRIVATE_KEY (used as private keys), and SOLANA_RPC_URL / BNB_RPC_URL (RPC endpoints). Requiring private keys is proportional to a trading skill only if those keys are stored and used safely — here they may be transmitted to external APIs. The skill asks users to provide private keys but does not declare them in metadata, and the code's handling of keys (see instruction_scope) is disproportionate and dangerous.
Persistence & Privilege
The skill is not marked always:true, is user-invocable, and does not request system-wide or cross-skill configuration changes. It does not request persistent platform privileges in the manifest. Autonomous invocation is allowed (platform default) but this alone is not flagged — however, combined with the secret-exfiltration risk it increases blast radius.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install headless-crypto
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /headless-crypto 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Launching on pumpfun today !
v1.0.0
Initial release of the Headless Trading skill – an autonomous trading toolkit for AI agents on Solana and BNB Chain. - Enables browserless token swaps on Raydium (Solana) and PancakeSwap (BNB Chain). - Fetches real-time prices, checks balances, and monitors liquidity pools. - Supports portfolio management and automated trading strategies (limit orders, DCA, stop-loss, arbitrage). - Includes code examples and workflow guidance for common trading operations. - Provides security best practices and troubleshooting tips for safe and reliable usage.
元数据
Slug headless-crypto
版本 1.0.1
许可证
累计安装 0
当前安装数 0
历史版本数 2
常见问题

Headless Crypto trading for agents 是什么?

Autonomous trading for AI agents on Solana and BNB Chain. Use when: (1) executing token swaps on DEXs (Raydium, PancakeSwap), (2) checking token prices and b... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 602 次。

如何安装 Headless Crypto trading for agents?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install headless-crypto」即可一键安装,无需额外配置。

Headless Crypto trading for agents 是免费的吗?

是的,Headless Crypto trading for agents 完全免费(开源免费),可自由下载、安装和使用。

Headless Crypto trading for agents 支持哪些平台?

Headless Crypto trading for agents 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Headless Crypto trading for agents?

由 Crypto Dev(@bnbcompanions)开发并维护,当前版本 v1.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论