Solanaprox
Author: unixlamadev-spec · v2.0.0
Total downloads: 612
Favorites: 0
Current installs: 0
Versions: 2
Install in OpenClaw
/install solanaprox
Description
Pay-per-request AI model access via Solana/USDC using a Phantom wallet address. Query Claude and GPT models without API keys. Wallet-native authentication wi...
Security usage recommendations
This skill appears to do what it says (send your wallet address to solanaprox.com and pay per call), but take precautions before using it:
- Do NOT put private keys, seed phrases, or secret keys into SOLANA_WALLET. The SKILL.md intends SOLANA_WALLET to be a public wallet address, but the variable name is ambiguous and a mistake could expose secrets.
- Be aware that all prompts and responses are routed through a third-party proxy (solanaprox.com). Do not send sensitive data or private information unless you trust that service.
- The doc suggests running `npx solanaprox-mcp` (optional). Running npx will download and execute code from npm — review the package source (npm page and GitHub) before running.
- The SKILL.md metadata references a GitHub repo and an npm package; the registry record lacked a homepage. Verify those links independently (inspect repository and package) before trusting the service.
- If you want to try it, use a dedicated Solana wallet with minimal funds (e.g., <$5) rather than your main wallet.
If you want a firmer benign/malicious determination, provide the package source (GitHub repo or the npm package contents) or clarify exactly what value users are expected to set in SOLANA_WALLET (address vs. key).
Functional analysis
Type: OpenClaw Skill
Name: solanaprox
Version: 2.0.0
The skill is classified as suspicious due to several high-risk behaviors and a transparency issue. Firstly, the `SKILL.md` instructs the agent to execute `curl` commands that directly embed the `$SOLANA_WALLET` environment variable into shell commands without apparent sanitization, creating a shell injection vulnerability (RCE risk) if the agent's execution environment doesn't properly escape inputs. Secondly, the skill instructs the agent to run `npx solanaprox-mcp`, which allows arbitrary code execution by downloading and running an npm package, posing a significant supply chain risk. Lastly, the 'Security Manifest' in `SKILL.md` falsely claims that `https://solanaprox.com/` is the 'only' external endpoint called, while later sections explicitly provide a `curl` command to `https://aiprox.dev`, indicating a lack of transparency.
Capability assessment
Purpose & Capability
The name/description (Solana pay-per-request proxy) aligns with the declared runtime actions: check balance and POST requests to solanaprox.com with the wallet address in a header. Requiring SOLANA_WALLET (a wallet identifier) is expected for the stated purpose.
Instruction Scope
SKILL.md confines runtime actions to calls to https://solanaprox.com and reading the SOLANA_WALLET env var. It clearly states prompts/responses flow through a third-party proxy (privacy risk) and instructs the agent to extract only clean text. However, it also recommends running `npx solanaprox-mcp` (which would fetch and execute remote npm code) and includes registry/registration curl examples that interact with other endpoints — these expand the surface beyond simple HTTP proxy calls.
Install Mechanism
There is no install spec (lower risk), but the doc references an npm package and an npx command. If followed, that would pull and execute remote code from npm at runtime, which is a moderate risk and not accounted for in an explicit install step.
Credentials
Only one env var is required (SOLANA_WALLET), which is proportionate if it is strictly a public wallet address. The documentation asserts private keys are never accessed, but the variable name is ambiguous — a less-technical user might place a private key or seed there. That ambiguity could lead to accidental secret exposure. No other unrelated secrets are requested.
Persistence & Privilege
The skill is instruction-only, has no install that makes persistent changes, and does not request always:true. Autonomous invocation is allowed by default but not combined with other strong privilege escalation indicators.
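How to use
- Make sure OpenClaw is installed (local or Docker deployment).
- Enter the install command in the chat box: `/install solanaprox`
- Once installation completes, call the Skill by name or trigger it with `/solanaprox`.
- Provide the required inputs according to the Skill's parameter description to get structured output.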
Version history
v2.0.0
Added AIProx ecosystem links, registration curl command, MCP npm package, autonomous agent demo reference
v1.0.0
- Initial release of SolanaProx skill for AI access via Solana/USDC and Phantom wallet authentication.
- Enables pay-per-request queries to Claude and GPT models without API keys.
- Implements wallet-native authentication and real-time deposit/balance detection.
- Supports stateless operation, model auto-selection, and user guidance for balance management.
- Includes clear instructions for balance checks, making requests, viewing available models, and depositing funds.
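FAQ
What is Solanaprox?
Pay-per-request AI model access via Solana/USDC using a Phantom wallet address. Query Claude and GPT models without API keys. Wallet-native authentication wi... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 612 cumulative downloads to date.
How do I install Solanaprox?
Run the command `/install solanaprox` in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is needed.
Is Solanaprox free?
Yes, Solanaprox is completely free (free and open source) and can be freely downloaded, installed and used.
Which platforms does Solanaprox support?
Solanaprox runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Solanaprox?
It is developed and maintained by unixlamadev-spec (@unixlamadev-spec); the current version is v2.0.0.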