← 返回 Skills 市场
Safe Skills
作者
Chris Cassano
· GitHub ↗
· v1.0.0
1803
总下载
1
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install safe-skills
功能描述
Securely create and manage EVM wallets; perform token transfers, check balances, and send transactions without exposing raw secret keys.
安全使用建议
Key things to consider before installing or enabling this skill:
- Verify the external service: the default API URL points to a Railway-hosted app (safeskill-production.up.railway.app). Confirm you trust the operator/owner before giving it any access to wallets or funds.
- Metadata mismatch: the SKILL.md expects an API key and optionally SAFESKILLS_API_URL, but the registry declares no required env vars or primary credential. Ask the publisher to update metadata to explicitly list required env vars and the primary credential.
- High-impact actions: the skill can create wallets and perform transfers or arbitrary contract calls. If you allow model invocation, require the agent to obtain explicit user confirmation for any transfer or transaction, or disable autonomous invocation.
- Secret handling: the instructions say to "store the API key" but give no secure-storage guidance. Ensure the agent does not persist raw API keys in plaintext or expose them in logs. Prefer a vetted secret store and least-privilege policies.
- Test safely: if you want to evaluate the skill, test using a testnet chain (Sepolia is the default chainId shown) and small amounts first.
- If you cannot validate the service owner or the metadata fixes, treat this skill as untrusted and do not allow it to hold real funds or run autonomously.
My assessment is "suspicious" (medium confidence) because the instructions and actions make sense for a secret/wallet service, but the missing declared credentials and lack of operational safeguards (where/how the API key is stored, user-confirmation for transfers, unverified external endpoint) are notable red flags. Additional information that would raise confidence to "high": explicit metadata listing required env vars/primary credential, published owner/contact information, and documented safe storage/confirmation behavior for transactions.
功能分析
Type: OpenClaw Skill
Name: safe-skills
Version: 1.0.0
The skill bundle is designed for secure secret management, specifically for EVM wallets, where the AI agent never directly accesses raw secret values. The `SKILL.md` explicitly instructs the agent 'Never attempt to access or request raw secret values,' which is a defensive prompt injection. All operations involve standard API calls to a specified external service (`https://safeskill-production.up.railway.app`) using `curl`, without any evidence of data exfiltration, malicious execution, persistence mechanisms, or other harmful behaviors. The instructions are clear, transparent, and align with the stated purpose of managing an EVM wallet through a secure intermediary.
能力评估
Purpose & Capability
SKILL.md describes a secret-management/EVM-wallet service that requires a Bearer API key for all requests and references SAFESKILLS_API_URL/SAFESKILLS_FRONTEND_URL, but the skill metadata declares no required environment variables or primary credential. A secrets/wallet skill would reasonably need to declare those credentials and a primaryEnv; the absence is an inconsistency.
Instruction Scope
Runtime instructions show the agent calling an external API to create wallets, store an API key, check balances, transfer tokens, and send arbitrary transactions (including raw calldata). The instructions reference an env var (SAFESKILLS_API_URL) not declared in metadata and tell the agent to "store the returned API key" without specifying secure storage. The agent could be directed to perform financial operations or persist credentials without clear safeguards or user confirmation.
Install Mechanism
No install spec and no code files: instruction-only skill. This minimizes on-disk risk since nothing is downloaded or executed locally as part of installation.
Credentials
Although the workflow clearly requires an API key for the external service and optionally the SAFESKILLS_API_URL env var, the skill metadata lists no required env vars or primary credential. That mismatch (required secrets present in practice but not declared) is disproportionate and reduces transparency about what secrets/permissions the skill will use.
Persistence & Privilege
always:false and autonomous invocation are default, but the skill's capabilities let an agent (if allowed) initiate token transfers and arbitrary transactions using the external API key. Combined with the instruction to "store the API key" this increases risk—agents should require explicit, auditable user confirmation before any financial action and guidance on where/how API keys are stored.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install safe-skills - 安装完成后,直接呼叫该 Skill 的名称或使用
/safe-skills触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of SafeSkills – secure secret management for AI agents.
- Provides secure, server-side secret management (initially for EVM wallets), ensuring agents never access raw secret values.
- Supports wallet creation, checking balances (native and ERC-20), transferring tokens, and sending arbitrary transactions via API.
- API Keys are required for all calls and must be securely stored after wallet creation.
- Introduces a claim URL for users to manage wallet policies and monitor activity.
- Supports environment variable configuration for API endpoints.
- Security reminder: never request or access raw secret values; all operations run server-side.
元数据
常见问题
Safe Skills 是什么?
Securely create and manage EVM wallets; perform token transfers, check balances, and send transactions without exposing raw secret keys. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1803 次。
如何安装 Safe Skills?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install safe-skills」即可一键安装,无需额外配置。
Safe Skills 是免费的吗?
是的,Safe Skills 完全免费(开源免费),可自由下载、安装和使用。
Safe Skills 支持哪些平台?
Safe Skills 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Safe Skills?
由 Chris Cassano(@glitch003)开发并维护,当前版本 v1.0.0。
推荐 Skills