← 返回 Skills 市场
slaviquee

Monolith — Crypto Wallet

作者 slavique · GitHub ↗ · v0.1.10
darwin ✓ 安全检测通过
738
总下载
4
收藏
2
当前安装
9
版本数
在 OpenClaw 中安装
/install monolith
功能描述
Secure crypto wallet for AI agents. Hardware-isolated keys (Apple Secure Enclave), ERC-4337 smart wallet, on-chain spending caps, default-deny policy engine.
安全使用建议
This skill appears to do what it says: it builds transaction intents and communicates with a local macOS daemon that performs signing and enforces policy. Before installing: 1) Treat the MonolithDaemon.pkg as a privileged install (requires admin) — verify the release via checksums/signatures and the GitHub project lineage. 2) Inspect or vet the daemon binary/source (the JS here talks only to the daemon; the daemon actually holds keys and does signing). 3) Limit exposure: use small balances and strict per-tx/daily caps and an allowlist before giving the agent autonomous invocation rights. 4) Note the registry vs SKILL.md inconsistency: manifest says instruction-only but the skill includes code and install entries — confirm you understand the full install flow. 5) If you will allow autonomous agent actions, prefer an interactive approval path (do not run headless) and keep tight policy settings. If you want, provide the daemon binary hash or a link to a signed release and I can point out what additional checks to perform.
功能分析
Type: OpenClaw Skill Name: monolith Version: 0.1.10 The skill implements a robust security model where the 'untrusted' skill only builds transaction intents, and a separate, trusted, local macOS daemon enforces policy and handles signing with human approval (Touch ID). The code in `lib/intent-builder.js` and `scripts/*.js` adheres to this by communicating with the daemon via a Unix socket (`lib/daemon-client.js`) and making read-only network calls to legitimate public RPCs and the Uniswap API. Crucially, `lib/runtime-bootstrap.js` explicitly avoids automatic execution of system commands for installation or persistence, instead providing manual instructions. There is no evidence of data exfiltration, unauthorized execution, persistence mechanisms, or prompt injection attempts against the agent.
能力评估
Purpose & Capability
Name/description describe a macOS-local crypto wallet that delegates signing to a local daemon; the skill requires the MonolithDaemon binary and its scripts call a local Unix socket and public blockchain APIs — these requirements match the stated purpose. The included code (intent building, RPC/quoter calls, daemon client) is coherent with a wallet skill.
Instruction Scope
SKILL.md and scripts stay within wallet-related functionality: building {target, calldata, value} intents, querying balances, Uniswap quoting, ENS resolution, and calling local daemon endpoints (/sign, /policy, /capabilities). The runtime-bootstrap checks for binary, launch agents, and companion app paths but does not execute privileged commands automatically. Note: the skill will call localhost Unix socket endpoints that ultimately can trigger on-chain signing via the local daemon — this is expected but is a sensitive capability.
Install Mechanism
Install entries in SKILL.md point to GitHub release assets (.pkg and .app.zip) on a well-known host (github.com) which is reasonable; the macOS .pkg requires admin privileges to install. There is a minor inconsistency: registry metadata listed 'No install spec — instruction-only' while SKILL.md contains install download entries and source includes code files. Verify you intend to install the .pkg before proceeding.
Credentials
The skill does not request credentials or secrets and declares no required env vars. It optionally reads override env vars (MONOLITH_SOCKET, MONOLITH_DAEMON_BIN, MONOLITH_DAEMON_PLIST, MONOLITH_COMPANION_APP) for configuration which are reasonable and not excessive for a local daemon client.
Persistence & Privilege
always:false and user-invocable:true — the skill is not force-included. The more important privilege is that the agent (when allowed to invoke skills) can call POST /sign on a local signing daemon — a powerful capability. This is coherent with a wallet skill but means you must trust the daemon binary and the skill's intent-building behavior; ensure policy limits and allowlists are set tightly.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install monolith
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /monolith 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.10
- Updated documentation formatting in SKILL.md for improved readability. - No functional changes to the skill's logic or commands. - Updated package files (package.json, package-lock.json) with this version bump.
v0.1.9
No changes in this release. Version 0.1.9 was published without any file modifications.
v0.1.8
- Swap command now uses Uniswap Routing API, with on-chain fallback for reliability. - Updated SKILL.md with details about swap routing and fallback behavior. - Bumped required MonolithDaemon version to v0.1.5 in installation instructions. - Added new test for swap routing logic. - Removed obsolete _meta.json file. - Various internal code and dependency updates.
v0.1.7
- Added a new _meta.json file to the project. - No changes to commands, setup instructions, or skill capabilities. - No modifications to the main documentation or functionality.
v0.1.6
- Updated install instructions and requirements to reference MonolithDaemon and MonolithCompanion version v0.1.3. - Added explicit macOS-only (darwin) support to metadata and install instructions. - Clarified first-installation and setup process, including requirement for an active logged-in macOS GUI session for approval flows. - Improved setup section with step-by-step instructions and notes for new OpenClaw bot/operators.
v0.1.4
Installer fix rollout: daemon download now points to MonolithDaemon-v0.1.2.pkg with postinstall UID bug fixed (CONSOLE_UID).
v0.1.3
Update skill summary/description to the new Secure Enclave + ERC-4337 positioning text.
v0.1.2
Security hardening: setup no longer auto-executes launchctl/open. Added explicit homepage/source frontmatter and compatibility metadata keys for registry parsing.
v0.1.1
Initial Monolith release with notarized macOS daemon and companion install links.
元数据
Slug monolith
版本 0.1.10
许可证
累计安装 2
当前安装数 2
历史版本数 9
常见问题

Monolith — Crypto Wallet 是什么?

Secure crypto wallet for AI agents. Hardware-isolated keys (Apple Secure Enclave), ERC-4337 smart wallet, on-chain spending caps, default-deny policy engine. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 738 次。

如何安装 Monolith — Crypto Wallet?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install monolith」即可一键安装,无需额外配置。

Monolith — Crypto Wallet 是免费的吗?

是的,Monolith — Crypto Wallet 完全免费(开源免费),可自由下载、安装和使用。

Monolith — Crypto Wallet 支持哪些平台?

Monolith — Crypto Wallet 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(darwin)。

谁开发了 Monolith — Crypto Wallet?

由 slavique(@slaviquee)开发并维护,当前版本 v0.1.10。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论