← 返回 Skills 市场
1855
总下载
5
收藏
0
当前安装
12
版本数
在 OpenClaw 中安装
/install mdk-agent-wallet
功能描述
Self-custodial Bitcoin Lightning wallet for AI agents. Use when the agent needs to send or receive bitcoin payments, check its balance, generate invoices, or...
安全使用建议
Before installing or invoking this skill: (1) Treat the mnemonic as a high-value secret — back it up securely and restrict permissions on ~/.mdk-wallet/. (2) Prefer pinned package invocations (e.g. npx @moneydevkit/agent-wallet@<version>) and review the npm package and GitHub source yourself to ensure there is no unexpected network exfiltration. (3) Be mindful that `init --show` may reveal the seed on stdout; avoid running it in contexts where an agent or other process can forward command output. (4) Run the wallet in an isolated environment (dedicated VM/container) if you plan to hold real funds. (5) If you do not fully trust the package or the agent's autonomy, do not enable automatic or unattended use of wallet commands — require explicit human approval before any command that exports the mnemonic, creates invoices, or sends payments. (6) If you need stronger guarantees, consider hardware-backed wallets or well-audited implementations rather than running unpinned npm packages fetched at runtime.
功能分析
Type: OpenClaw Skill
Name: mdk-agent-wallet
Version: 0.3.3
This skill is classified as suspicious due to its inherent high-risk capabilities, specifically the generation and storage of a BIP39 mnemonic (private key for a cryptocurrency wallet) on disk at `~/.mdk-wallet/config.json`, and its reliance on executing an external npm package (`@moneydevkit/agent-wallet`) via `npx`. While the `SKILL.md` is highly transparent about these risks, explicitly warning about the mnemonic and providing source code links, these capabilities introduce significant vulnerabilities, including supply chain risk and the potential for unauthorized fund access or exfiltration if the underlying package is compromised or the agent is later prompted maliciously. There is no evidence of intentional malice within the provided files, but the critical nature of the data handled warrants a 'suspicious' classification.
能力评估
Purpose & Capability
The declared requirements (node, npx) and the runtime instructions (npx @moneydevkit/agent-wallet) match the stated purpose of running an npm-based wallet CLI/daemon. No unrelated credentials or binaries are requested.
Instruction Scope
The SKILL.md instructs the agent to run npx commands that generate and store a BIP39 mnemonic at ~/.mdk-wallet/config.json and to start a localhost daemon. It also documents an `init --show` mode that appears to return the mnemonic (the file also says the mnemonic is 'redacted' in one place and shown in another) — this ambiguity increases the risk that the agent or other actors might print or transmit the seed. The instructions give the agent the ability to create, persist, and display the private key material and to make outbound network connections; those steps are within a wallet's expected scope but are high-risk operations for secrets.
Install Mechanism
There is no bundled install; the skill relies on npx to run an npm package on-demand. Running code via npx pulls packages from the public registry at runtime and can execute arbitrary code. The SKILL.md recommends pinning a version, but the quick-start commands use unpinned npx invocations by default, which increases supply-chain risk if the npm package or its dependencies were compromised.
Credentials
The skill does not request environment variables or external credentials, which is proportionate. However it creates persistent local secrets (BIP39 mnemonic in ~/.mdk-wallet/config.json) and runs a local HTTP daemon; those files are effectively credentials controlling funds. The skill's own instructions can cause the mnemonic to be shown on stdout, which is a sensitive capability that should be carefully controlled.
Persistence & Privilege
The skill persists sensitive wallet state and a seed phrase to ~/.mdk-wallet/ and runs a background daemon on localhost:3456. This persistence is expected for a self-custodial wallet but it is high-privilege (the mnemonic controls real funds). The skill does not request always: true, nor does it modify other skills, but its persistent secret storage combined with autonomous invocation capability could increase blast radius if misused.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install mdk-agent-wallet - 安装完成后,直接呼叫该 Skill 的名称或使用
/mdk-agent-wallet触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.3.3
Fix repository URL to moneydevkit/mdk-checkout, revert to 0.2.6 content
v0.3.2
Fix: pin npm commands to correct published version 0.11.0-beta.1 (0.12.0 is not on npm yet)
v0.3.1
Security hardening: added explicit security guardrails section documenting localhost-only binding, file permissions, no-exfil guarantees, and mnemonic isolation. Pinned all npx commands to @0.12.0 to reduce supply chain risk.
v0.3.0
Add webhook notifications for payment received events. Configure a URL to get instant POST notifications when payments arrive — includes OpenClaw integration docs for delivering payment alerts to any chat channel.
v0.2.6
Revert to v0.2.2 content
v0.2.5
Remove init --show from docs entirely (don't teach agents dangerous commands), add autonomous:false and configPaths to metadata, remove rm -rf, tighten safety rules
v0.2.4
Re-publish: security fixes from 0.2.3
v0.2.3
Security fixes: mark init --show as human-only (exposes mnemonic), add Agent Safety Rules section, fix contradictory docs about mnemonic redaction, replace rm -rf with trash
v0.2.2
Added receive-bolt12 command (reusable BOLT12 offers), added restart command, synced with latest docs.
v0.2.1
Removed internal implementation details (JIT channels, LSPS4, LSP/VSS/Esplora/RGS), removed signet references, removed agent integration example. Cleaner, more focused docs.
v0.2.0
Added security/transparency section, homepage, repository, install spec, explicit documentation of secrets, network, and persistence behavior per ClawHub trust review feedback.
v0.1.0
Initial release of agent-wallet – a self-custodial Bitcoin Lightning wallet for AI agents.
- Enables agents to send/receive Bitcoin payments, check balance, generate invoices, and manage wallet.
- Supports bolt11, bolt12, LNURL, and lightning addresses.
- Zero-config setup: one command initializes the wallet and generates a BIP39 mnemonic.
- All commands output JSON; includes commands for balance, receiving, sending, payment history, and daemon management.
- Mnemonic and wallet config stored locally; no API keys, signup, or third-party custody required.
元数据
常见问题
agent-wallet 是什么?
Self-custodial Bitcoin Lightning wallet for AI agents. Use when the agent needs to send or receive bitcoin payments, check its balance, generate invoices, or... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1855 次。
如何安装 agent-wallet?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install mdk-agent-wallet」即可一键安装,无需额外配置。
agent-wallet 是免费的吗?
是的,agent-wallet 完全免费(开源免费),可自由下载、安装和使用。
agent-wallet 支持哪些平台?
agent-wallet 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 agent-wallet?
由 Satbot(@satbot-mdk)开发并维护,当前版本 v0.3.3。
推荐 Skills