← 返回 Skills 市场
241
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install stove-taker-api
功能描述
使用 Stove Protocol 的 Taker API 进行锁单、成交、撤单响应以及成交记录与订单查询,基于 API Key 认证访问。
安全使用建议
This skill implements CLI calls to the Stove Taker API and will send whatever API Key you provide to the configured base_url (default https://proto.stove.finance). Before installing or using it: 1) Verify whether the actual Stove API requires an API Secret and HMAC signature — the included docs say a Secret/signature is required but the script does not implement signing; if the API does require signing, this tool may not work and you should not supply a secret to an untrusted skill. 2) Treat the API Key as sensitive: provide it only via the skill's secret config (do not paste into chat) and consider using a scoped key for testing. 3) Prefer using the test environment (use_test_env or --env test) when trying the skill. 4) If you rely on this in production, review the Python script source locally to ensure it meets your security and signing requirements or extend it to implement the documented HMAC signing flow. 5) The metadata omission (registry showing no required creds) is a red flag: confirm with the provider/maintainer why the documentation and runtime arguments differ before trusting this skill with real credentials.
功能分析
Type: OpenClaw Skill
Name: stove-taker-api
Version: 0.1.0
The skill bundle provides a standard interface for interacting with the Stove Protocol Taker API. The core logic in `scripts/taker_api.py` uses the Python standard library to wrap HTTP requests for order management tasks like locking, filling, and querying orders. While there is a discrepancy between the script's simple API key header implementation and the HMAC signature requirements described in `references/API Authorization.md`, this appears to be a functional oversight or an environmental difference rather than a malicious indicator. The bundle lacks any signs of data exfiltration, unauthorized command execution, or prompt injection attempts.
能力评估
Purpose & Capability
Name, description, docs and script all target the Stove Protocol Taker API and the provided CLI covers validate/lock/unlock/fill/query operations — those capabilities align with the stated purpose. However, the reference docs describe an API Key + Secret HMAC signature flow, while the runtime script and SKILL.md only use a single X-API-Key header (no signature/timestamp). This is an inconsistency between documentation and implementation.
Instruction Scope
SKILL.md instructs the agent to run the included Python script which only performs HTTP(S) requests to the configured base_url and prints JSON. The instructions and script do not read local filesystem paths or environment variables outside the declared config, nor do they send data to unexpected endpoints.
Install Mechanism
This is an instruction-only skill with no install spec; the script is included in the bundle and will be executed directly. No external downloads or package installs are performed by the skill itself.
Credentials
SKILL.md/config requires an API Key (secret) passed as a skill config parameter — reasonable for this API. But registry metadata earlier listed no required credentials, which is inconsistent with the skill's runtime config. More importantly, the reference docs describe an API Secret and signature headers (X-API-Signature, X-API-Timestamp), yet the script does not accept or generate a signature or timestamp — if the real Stove API requires an API Secret, this script will fail or the user may be prompted to provide a secret elsewhere. The skill will transmit the provided API Key in requests to the configured base_url (defaulting to proto.stove.finance).
Persistence & Privilege
always is false, and the skill does not request elevated persistent privileges or modify other skills/config. It requires network permission (declared) to contact the API, which is appropriate for its purpose.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install stove-taker-api - 安装完成后,直接呼叫该 Skill 的名称或使用
/stove-taker-api触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
Initial release of the Stove Taker API skill.
- Provides shell-based access to Stove Protocol Taker API for order validation, locking/unlocking, filling, rejecting, and querying orders/trades.
- Supports environment selection (production/test) and custom base URL, with API key authentication.
- Includes detailed usage documentation and robust Python command-line interface examples.
- Covers handling of order/trade list responses and recommends best practices for API usage and pagination.
- Offers guidance for subscribing to Taker WebSocket push notifications.
元数据
常见问题
Stove Taker Api 是什么?
使用 Stove Protocol 的 Taker API 进行锁单、成交、撤单响应以及成交记录与订单查询,基于 API Key 认证访问。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 241 次。
如何安装 Stove Taker Api?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install stove-taker-api」即可一键安装,无需额外配置。
Stove Taker Api 是免费的吗?
是的,Stove Taker Api 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Stove Taker Api 支持哪些平台?
Stove Taker Api 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Stove Taker Api?
由 zschen211(@zschen211)开发并维护,当前版本 v0.1.0。
推荐 Skills