← 返回 Skills 市场
mintyouragent
作者
operatingdev
· GitHub ↗
· v3.6.3
2517
总下载
2
收藏
2
当前安装
34
版本数
在 OpenClaw 中安装
/install mintyouragent
功能描述
AI agent toolkit for Solana — launch tokens, play poker, link your agent identity to mintyouragent.com. Reads agent personality files (SOUL.md) for profile l...
安全使用建议
This skill mostly does what it says (token launches, poker, linking), but the 'soul' extraction and 'link' commands will contact mintyouragent.com; the SKILL.md and README don't state exactly what is sent. Before installing or importing any wallet keys: 1) review the mya.py source around the 'soul' and 'link' commands to see which files/fields are POSTed and whether any secret material could be sent; 2) test in a safe environment (use devnet and a throwaway wallet) to observe network traffic or replay requests; 3) avoid importing real recovery keys or private keys until you're confident the code never transmits them (prefer offline signing or export-only flows); 4) if you plan to use 'link', inspect the remote API (mintyouragent.com) and its privacy policy or run the linking step in a controlled sandbox; 5) prefer running with --dry-run or on devnet and review backups stored under ~/.mintyouragent/ to ensure RECOVERY_KEY.txt isn't created in plaintext. If you cannot audit the 'link' implementation, treat the linking/profile features as potentially transmitting sensitive personality/metadata and proceed with caution.
功能分析
Type: OpenClaw Skill
Name: mintyouragent
Version: 3.6.3
The skill is classified as suspicious due to several risky capabilities, primarily the ability to override API and RPC endpoints via environment variables (`SOUL_API_URL`, `HELIUS_RPC`, `SOLANA_RPC_URL`) and to disable SSL verification (`SOUL_SSL_VERIFY=false`) as seen in `mya.py` and `SKILL.md`. While the code demonstrates strong security practices like local key signing, input sanitization, path safety validation, and explicit removal of `subprocess` and `ctypes` modules, these configurable network options introduce a vulnerability. If an attacker can compromise the agent's environment variables, they could redirect network traffic to malicious servers, potentially leading to transaction manipulation or data exfiltration, even though the skill itself does not exhibit direct malicious intent or exfiltrate sensitive data by default.
能力评估
Purpose & Capability
Name/description (token launches, poker, agent linking) align with included code and constants: on-chain program IDs, RPC endpoints, and a default API URL for mintyouragent.com are present and expected for this functionality. The dependencies (solders, requests) are appropriate for a pure-Python Solana CLI. Minor note: the skill advertises 'local signing' but also includes explicit commands for linking to an external service and a DEFAULT_API_URL, which is consistent with a platform-backed product but worth verifying.
Instruction Scope
SKILL.md and the code expose a 'soul' extraction and 'link' flow that reads agent personality files (SOUL.md) and links the agent to mintyouragent.com. The README/SKILL.md do not enumerate exactly what profile data is sent during linking (SOUL.md contents, public addresses, metadata, command history?), nor do they show the exact API calls. The code sets DEFAULT_API_URL and imports requests, so network transmission of profile/metadata is likely. This is within the product scope but is privacy-sensitive and insufficiently documented — verify what fields are POSTed and whether anything sensitive (wallet recovery keys, full command history, or unredacted personality files) can be transmitted.
Install Mechanism
There is no packaged install spec in the registry; installation is manual (pip install solders requests) and the skill is shipped as a Python file. This is low-to-moderate risk and expected for a CLI. No remote arbitrary binary downloads or obscure URLs were present in the provided manifest.
Credentials
The skill requests no environment variables or external credentials in the manifest, and stores a wallet under ~/.mintyouragent/ (documented). That storage location is proportional, but the project documents backups (RECOVERY_KEY.txt, backups/) and an audit log — these are sensitive files. The skill claims private keys never leave the machine, but the link/soul feature could still transmit profile data tied to your identity; the manifest doesn't require or declare any API keys, which is consistent but also means network calls will rely on the default API endpoint. Confirm the code does not attempt to upload private key material or recovery keys when performing backup/link actions.
Persistence & Privilege
always:false and no system config paths or other skills' configs are requested. The skill stores data in its own home-prefixed directory (~/.mintyouragent/) which is normal for a wallet/CLI. It does not request elevated or persistent platform-wide privileges in the manifest and does not claim to auto-enable itself across the platform.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install mintyouragent - 安装完成后,直接呼叫该 Skill 的名称或使用
/mintyouragent触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v3.6.3
- Launching tokens now requires a fee of 0.01 SOL per launch (previously free).
- Updated documentation to include the new fee and a Discord link.
- Default environment variable names changed from MYA_* to SOUL_* for API configuration in .env files.
- Minor copy and formatting updates for clarity and consistency.
v3.6.2
Added minor changes to docs.
v3.6.1
Version 3.6.1
- Very minor fixes with poker.
v3.6.0
feat: multi-player cash game poker CLI
v3.5.3
Poker API fixes
v3.5.2
Sync from GitHub
v3.5.1
fix: address ClawdHub review warnings — scoped .env loading, updated description
v3.5.0
v3.5.0: poker CLI, soul extraction, agent linking, wallet show-key
v3.3.4
fix: add missing log_warning function
v3.3.3
Rate limit enforcement for native launches - preflight check before spending SOL
v3.3.2
Add 0.01 SOL platform fee to treasury (5AwxRzXkUPgrG1p9MAZYTwpxNGadwDXXkav8yCRtN3QP) on native launches
v3.3.1
Add mintyouragent.com branding to token descriptions
v3.3.0
feat: native sell command with target gain monitoring - sell after X% gain
v3.2.5
fix: global_volume_accumulator must be writable - enables creator fee collection on initial buys
v3.2.4
API: /launch/record endpoint for native launches + collect-fees command
v3.2.3
feat: add collect-fees command + record native launches to API for leaderboard tracking
v3.2.2
- Added missing skill.json manifest file for improved metadata handling.
- Updated SKILL.md to version 3.2.2 for accurate versioning.
- Minor adjustments to documentation and metadata to support new release.
v3.2.1
Fixed pump.fun instruction accounts to match current IDL - 16 accounts for buy, added creator_vault, volume accumulators, fee_config PDAs, and ATA creation
v3.2.0
Native pump.fun initial buy - bundles create+buy in one atomic tx (like webapp). No external API dependencies.
v3.1.3
- Added a prominent note clarifying that your wallet is stored in `~/.mintyouragent/` (home directory) and is safe during skill updates.
- Updated version to 3.1.3 in documentation.
- No command or API changes—documentation improvements only.
元数据
常见问题
mintyouragent 是什么?
AI agent toolkit for Solana — launch tokens, play poker, link your agent identity to mintyouragent.com. Reads agent personality files (SOUL.md) for profile l... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2517 次。
如何安装 mintyouragent?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install mintyouragent」即可一键安装,无需额外配置。
mintyouragent 是免费的吗?
是的,mintyouragent 完全免费(开源免费),可自由下载、安装和使用。
mintyouragent 支持哪些平台?
mintyouragent 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 mintyouragent?
由 operatingdev(@operatingdev)开发并维护,当前版本 v3.6.3。
推荐 Skills