← 返回 Skills 市场
230
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install substreams-search
功能描述
Search, inspect, and analyze Substreams packages to discover modules, visualize data flows, and generate sink deployment commands.
安全使用建议
This skill appears to do what it claims: it scrapes substreams.dev and fetches .spkg files to inspect module graphs and generate sink commands. Before installing/running it:
- Treat it as code that will make outbound HTTP requests to substreams.dev and to any URL you pass in (inspect_package accepts arbitrary URLs). Do not pass internal-only or sensitive endpoints unless you isolate the process or run it in a safe network environment (SSRF risk).
- Running via npx will pull the package from npm — verify the npm package and GitHub repository (author: PaulieB14) if you care about supply-chain provenance.
- If running the server with HTTP/SSE enabled, avoid exposing it to untrusted networks without authentication.
- If you need stronger assurance, run the provided code in a sandbox/container, review the full package on npm/github, or audit the @substreams/core and @modelcontextprotocol/sdk dependency versions used.
功能分析
Package: (mcp)
Version:
Description:
The package is a Model Context Protocol (MCP) server designed to search, inspect, and analyze Substreams packages from the substreams.dev registry. It provides tools to search the registry via web scraping, introspect .spkg files (protobuf-encoded blockchain data streams) using the @substreams/core library, and generate deployment commands for various data sinks. The codebase contains both a Python implementation (server.py) and a TypeScript implementation (src/index.ts), both of which perform legitimate operations consistent with the package's description. No malicious logic, unauthorized data exfiltration, or suspicious obfuscation was found.
能力评估
Purpose & Capability
Name, description, SKILL.md, README, and code all consistently implement searching the substreams.dev registry, parsing package cards, fetching .spkg files, inspecting module graphs, and generating sink deployment commands. The declared dependencies (HTML parser, @substreams/core, MCP SDK) and scripts in package.json match the described capabilities.
Instruction Scope
The tools accept arbitrary URLs for .spkg files and the server will fetch them and parse their contents. That behavior is necessary for inspection, but it means a user/agent could request the server fetch internal or otherwise sensitive endpoints (SSRF). The server also paginates and scrapes substreams.dev (up to MAX_PAGES=50) which results in many outbound requests — expected for its purpose but potentially abusive in some contexts.
Install Mechanism
The skill is instruction-only in the registry (no enforced install spec) but the bundle contains a standard Node package (package.json, package-lock.json, ts sources) and a Python MCP helper. The README instructs running via `npx substreams-search-mcp`, which is a normal distribution method. No remote, untrusted download URLs or extract steps were used in the provided files.
Credentials
No environment variables, credentials, or config paths are required or requested. The code does perform network I/O (scraping the registry and fetching user-provided .spkg URLs), which is proportional to the skill's function but worth noting because it can access arbitrary network targets if given arbitrary URLs.
Persistence & Privilege
always is false and there are no signs the skill attempts to alter other skills or system-wide agent config. It runs as an MCP server (stdio / SSE) when launched — normal behaviour for MCP servers and not privileged by itself.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install substreams-search - 安装完成后,直接呼叫该 Skill 的名称或使用
/substreams-search触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.3.0
- Added detailed documentation in SKILL.md, outlining key features, tools, install steps, and practical use cases.
- Highlights new and existing tools: search_substreams, inspect_package, list_package_modules, and get_sink_config.
- Improved clarity for searching packages, inspecting module graphs, analyzing sink configs, and deploying Substreams across multiple blockchains.
- Expanded use case descriptions to illustrate how the skill aids discovery, inspection, and deployment.
元数据
常见问题
Substreams Search 是什么?
Search, inspect, and analyze Substreams packages to discover modules, visualize data flows, and generate sink deployment commands. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 230 次。
如何安装 Substreams Search?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install substreams-search」即可一键安装,无需额外配置。
Substreams Search 是免费的吗?
是的,Substreams Search 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Substreams Search 支持哪些平台?
Substreams Search 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Substreams Search?
由 PaulieB14(@paulieb14)开发并维护,当前版本 v1.3.0。
推荐 Skills