Openclaw Skill
/install sigui-security
Sigui Protocol Security Skill 🛡️
Sigui is a multi-chain AI security oracle that evaluates blockchain transactions before they execute. It uses a native Spatio-Temporal Transformer (Trustformer/T-GAT) to detect coordinated attacks in real time — without the 48ms graph-rendering bottleneck of VLM-based approaches.
🧠 Chain of Thought (for OpenClaw Agent)
When a user asks you to verify or execute a blockchain transaction, follow these steps:
- Extract Parameters: Identify the `amount` (in USDC value), the `destination` address, the `chain` (default to `arc`), and the `action` type (`transfer`, `approve`, `swap`, etc.).
- Execute Evaluation: Run the `evaluate.py` script provided in this skill directory using the `bash` or `python` tool.
- Parse Verdict:
  - Exit code `0` (ALLOW): Inform the user that the transaction is safe and proceed.
  - Exit code `1` (BLOCK): DO NOT EXECUTE. Inform the user of the critical threat detected and provide the reason.
  - Exit code `2` (ESCALATE): Inform the user that the transaction requires a deep analysis. Run the script again with the `--escalate` flag to perform the deep analysis.
- Relay the Result: Format the output nicely using emojis (✅, 🚫, 🔍) and provide the on-chain proof link if available.
Supported Chains
| Chain | Argument | Notes |
|---|---|---|
| ARC (L2) | `arc` | Default; ultra-fast, fee-free |
| Ethereum | `ethereum` | Mainnet + Sepolia testnet |
| Starknet | `starknet` | Cairo contracts deployed on Sepolia |
| Aptos | `aptos` | Move contracts on Testnet |
| Solana | `solana` | Coming soon |
🛠️ Usage Examples
Method 1 — Python Script (Recommended)
Run the helper script directly from the skill directory. The script uses the rich library to print a beautiful, easy-to-read table.
```bash
python ~/.openclaw/workspace/skills/sigui-security/evaluate.py \
  --amount 1500.0 \
  --destination "0xBadActorAddress" \
  --action "transfer" \
  --chain "ethereum"
```
To get raw JSON for programmatic parsing, add the `--json` flag:
```bash
python ~/.openclaw/workspace/skills/sigui-security/evaluate.py \
  --amount 1500.0 \
  --destination "0xBadActorAddress" \
  --json
```
Method 2 — Deep Analysis (Escalation)
If a transaction returns `ESCALATE` (or exit code `2`), you can request a deep AI analysis. This uses a heavier model (like Qwen2.5 or Claude) to perform a thorough audit of the contract or address.
```bash
python ~/.openclaw/workspace/skills/sigui-security/evaluate.py \
  --amount 1500.0 \
  --destination "0xUnknownAddress" \
  --escalate
```
Method 3 — Inline Python (if bash is unavailable)
```python
import asyncio
import sys

sys.path.insert(0, ".")  # make the local sigui package importable
from sigui import SiguiClient
from sigui.local import start_mock_server


async def check():
    # Start the local mock server so no live backend is needed
    server = start_mock_server(port=8765)
    try:
        client = SiguiClient(api_url="http://127.0.0.1:8765")
        return await client.evaluate(
            agent_id="openclaw_agent",
            amount=500.0,
            destination="0xRecipientAddress",
            action_type="transfer",
            chain="arc",
        )
    finally:
        server.stop()  # stop the mock server even if evaluate() raises


res = asyncio.run(check())
print(f"Verdict: {res.verdict.value} | Risk: {res.risk_score}")
```
📊 Interpreting the Verdict
| Verdict | Risk Score | Agent Action Required |
|---|---|---|
| `ALLOW` | 0.0 – 0.35 | ✅ Safe to proceed. Share the safety score with the user. |
| `ALLOW_WITH_CAP` | 0.35 – 0.55 | ⚠️ Safe but enforce the `cap_amount_usdc` spending limit. |
| `ESCALATE` | 0.55 – 0.80 | 🔍 Request deep analysis (`--escalate`) before proceeding. |
| `BLOCK` | 0.80 – 1.0 | 🚫 Abort the transaction immediately. Explain the threat. |
Risk score ranges from 0.0 (completely safe) to 1.0 (critical threat).
Safety score = (1 - risk_score) × 1000. Higher is better.
🛡️ Threat Types Detected
Sigui detects the following multi-chain attack patterns in real time:
- Drain Star — One orchestrator wallet draining multiple victim wallets simultaneously.
- Mixing Chain — Funds routed through layered mixer hops to obfuscate origin.
- Sybil Swarm — Coordinated fake-identity cluster attacking governance or airdrops.
- Flash Loan Exploit — Manipulating price oracles within a single atomic block.
- Honeypot Contract — Buy-enabled, sell-disabled token contract trap.
- Rug Pull — Liquidity removal by deployer before community exit.
- Phishing Signature — Malicious `eth_sign` / `permit` approval requests.
⚙️ Configuration (Optional)
By default, if the Sigui SDK isn't installed or no backend is running, the script falls back to a local mock server for development and testing (no real funds required).
To connect to a live Sigui node, set the environment variables:
```bash
export SIGUI_API_URL="https://api.sigui.io"
export SIGUI_CHAIN="arc"
export OPENCLAW_AGENT_ID="my_agent_name"
```
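Added example (not part of the Sigui skill or SDK): a fail-closed gate over the exit codes and risk-score bands described above, which keeps the stricter of the two signals and refuses a permissive verdict when no live backend is configured, since the script can fall back to the local mock server. The `risk_score` JSON key, the ownership of shared band boundaries, and the function names are assumptions of this example.

```python
import json
import os
import subprocess

# Exit codes and risk bands as given on this page. Which band owns a shared
# boundary (0.35, 0.55, 0.80) is not stated; the stricter band is assumed here.
EXIT_VERDICT = {0: "ALLOW", 1: "BLOCK", 2: "ESCALATE"}
BANDS = [(0.35, "ALLOW"), (0.55, "ALLOW_WITH_CAP"), (0.80, "ESCALATE")]
SEVERITY = ["ALLOW", "ALLOW_WITH_CAP", "ESCALATE", "BLOCK"]


def band_for(risk_score):
    """Verdict band for a risk score; missing, NaN or out-of-range scores are BLOCK."""
    if isinstance(risk_score, bool) or not isinstance(risk_score, (int, float)):
        return "BLOCK"
    if not 0.0 <= risk_score <= 1.0:
        return "BLOCK"
    return next((v for upper, v in BANDS if risk_score < upper), "BLOCK")


def gate(exit_code, risk_score, live_backend):
    """Return (verdict, reason), keeping the stricter of exit code and score band."""
    by_exit = EXIT_VERDICT.get(exit_code, "BLOCK")  # crash, timeout, unknown code
    verdict = max(by_exit, band_for(risk_score), key=SEVERITY.index)
    if verdict in ("ALLOW", "ALLOW_WITH_CAP") and not live_backend:
        # The script may have fallen back to the local mock server.
        return "BLOCK", "permissive verdict without a live Sigui backend"
    return verdict, f"exit={exit_code} risk_score={risk_score}"


def run_evaluate(script, amount, destination, action="transfer", chain="arc"):
    """Run evaluate.py --json and gate its result. Assumes a 'risk_score' JSON key."""
    argv = ["python", script, "--amount", str(amount), "--destination", destination,
            "--action", action, "--chain", chain, "--json"]  # list argv: no shell parsing
    try:
        proc = subprocess.run(argv, capture_output=True, text=True, timeout=30)
        out = json.loads(proc.stdout)
        risk = out.get("risk_score") if isinstance(out, dict) else None
        code = proc.returncode
    except (OSError, subprocess.TimeoutExpired, ValueError):
        code, risk = None, None
    # SIGUI_API_URL being set is necessary for a live node, not proof of one.
    return gate(code, risk, live_backend=bool(os.environ.get("SIGUI_API_URL")))
```

The Python interpreter itself exits with code 2 on a missing script or an argument-parsing error, which collides with `ESCALATE`; requiring parseable JSON alongside the exit code keeps that failure from being read as a verdict.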
🔒 Privacy & Cost
- Evaluations on ARC are free (gasless L2).
- Evaluations on Ethereum/Starknet/Aptos cost a micro-fee paid in USDC (~$0.001).
- No transaction data is stored beyond the on-chain proof hash.
- All sensitive fields (wallet keys, private data) stay local — only the metadata is sent for evaluation.
🔗 Links
- 📄 GitHub: https://github.com/ibonon/Sigui
- 📦 PyPI: https://pypi.org/project/sigui-sdk/
- 📖 Whitepaper: Trustformer: A Native Spatio-Temporal Transaction Transformer
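- Make sure OpenClaw is installed (local or Docker deployment).
- Enter the install command in the chat box: `/install sigui-security`
- Once installation completes, invoke the Skill by name or trigger it with `/sigui-security`.
- Provide the required inputs according to the Skill's parameter description to get structured output.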
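What is Openclaw Skill?
Evaluate the security of blockchain transactions (EVM, Starknet, Aptos) using the Sigui Protocol AI oracle. Detects drain attacks, mixer chains, Sybil swarms... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 39 downloads to date.
How do I install Openclaw Skill?
Run the command "/install sigui-security" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is needed.
Is Openclaw Skill free?
Yes. Openclaw Skill is completely free and is released under the MIT-0 license, so it can be downloaded, installed and used freely.
Which platforms does Openclaw Skill support?
Openclaw Skill runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Openclaw Skill?
It is developed and maintained by Warmatrix(familly_name:Warma+matrix) (@ibonon); the current version is v2.0.0.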