qualitydude

plugy

Author: QualityDude · GitHub · v1.0.0
cross-platform ⚠ suspicious
Total downloads: 498
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install plugy
Description
Solana trading skill for AI agents. Buy, sell, and create tokens across PumpFun, PumpSwap, LaunchLab, and Meteora.
Security recommendations
Do not install or run this skill until you confirm several things: (1) Ask the publisher to explain whether wallets are truly custodial — if they give you a private key, funds are not being held by a custodian. (2) Avoid exposing or storing private keys in agent memory or unencrypted files; prefer a hardware wallet or a secure signing service. (3) Do not blindly run the provided curl install commands — review the contents of each downloaded file (trade.md, create.md, heartbeat.md, rules.md) before trusting them. (4) Verify the ownership and reputation of plugy.fun (domain registration, source code, open repo, audits). (5) If you proceed, limit the agent's privileges (disable autonomous actions, do not persist credentials to agent memory, and keep the privateKey offline). If you want, request the additional remote files and the API spec/source code before installing so a more complete security review can be performed.
Functional analysis
Type: OpenClaw Skill
Name: plugy
Version: 1.0.0
The skill instructs the AI agent to download and execute further instructions from an external domain (plugy.fun) via `curl` commands in `skill.md`, creating a supply chain risk where a compromised remote server could dictate agent behavior. Additionally, the agent is explicitly instructed to handle and store highly sensitive information, including a Solana wallet `privateKey` and an `apiKey`, making it a prime target for prompt injection attacks aiming to extract these credentials from the agent's memory or local storage (`~/.config/plugy/credentials.json`). While these are significant vulnerabilities and risky capabilities, there is no explicit instruction for malicious actions like unauthorized exfiltration or persistence within the provided files.
Capability assessment
Purpose & Capability
The name/description (Solana trading) align with the instructions (endpoints, buy/sell/create, heartbeat). However there is an inconsistency: the docs call the wallet 'custodial' yet the register response returns a raw privateKey that the user is told to save and that the agent should display — custodial services typically do not hand private keys to end users. Also the registry metadata declares no required env vars/credentials, but the instructions expect and encourage storing an API key and private/privateKey locally.
Instruction Scope
The SKILL.md directs the agent to: (1) call https://plugy.fun/api to register and obtain apiKey/privateKey, (2) display the privateKey to the human and persist the apiKey in memory or ~/.config/plugy/credentials.json or PLUGY_API_KEY, and (3) fetch multiple additional files (trade.md, create.md, heartbeat.md, rules.md) from plugy.fun and follow them exactly. Fetching remote instruction files gives the remote site active control over runtime behavior; displaying/persisting a private key is extremely sensitive. The instructions also include a shell install snippet (curl → ~/.plugy/skills/plugy) which writes files to disk.
Install Mechanism
There is no formal install spec in the registry, but the skill explicitly instructs the operator to run curl against plugy.fun to download several files into ~/.plugy. This is a direct download from the project's domain (not a well-known release host like GitHub releases), and the downloaded remote content effectively controls the agent's runtime behavior. While not an automatic extract/exec, it is a medium-risk mechanism because remote files may be altered after installation.
Credentials
Trading functionality reasonably requires wallet keys and an API key, but the skill asks the agent to handle and persist both an apiKey and a privateKey (highly sensitive). The manifest declared no required env vars or primary credential, yet SKILL.md instructs storing PLUGY_API_KEY or a credentials.json file. The privateKey handling and the contradictory 'custodial' claim are disproportionate or at least inconsistent and should be clarified before use.
Persistence & Privilege
The skill does not request 'always: true' and does not modify other skills, which is good. However it instructs persisting credentials to disk (~/.plugy or ~/.config/plugy) and to keep apiKey in memory, enabling ongoing autonomous access if the agent is allowed to act. Combined with remote file fetches and sensitive keys, this persistence increases blast radius if misused.
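How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install plugy
  3. Once installation completes, call the Skill by name or trigger it with /plugy
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history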
v1.0.0
- Initial release of the plugy Solana trading skill.
- Allows AI agents to buy, sell, and create tokens across PumpFun, PumpSwap, LaunchLab, and Meteora.
- Clear step-by-step instructions for registration, API key handling, and wallet management.
- Structured documentation with separate files for each action (trade, create, heartbeat, security rules).
- Emphasizes API key security and correct file usage for all trading actions.
Metadata
Slug plugy
Version 1.0.0
License
Total installs 0
Current installs 0
Number of versions 1
FAQ

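What is plugy?

Solana trading skill for AI agents. Buy, sell, and create tokens across PumpFun, PumpSwap, LaunchLab, and Meteora. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 498 total downloads to date.

How do I install plugy?

Run the command "/install plugy" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is required.

Is plugy free?

Yes, plugy is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does plugy support?

plugy is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed plugy?

Developed and maintained by QualityDude (@qualitydude); the current version is v1.0.0.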
