← 返回 Skills 市场
starrftw

Tokenbroker

作者 starrftw · GitHub ↗ · v1.0.2
cross-platform ⚠ suspicious
1592
总下载
2
收藏
2
当前安装
3
版本数
在 OpenClaw 中安装
/install tokenbroker
功能描述
AI Agent Skill for GitHub project analysis and nad.fun token launch. Analyzes repos, generates token identity/promo, and launches on nad.fun.
安全使用建议
Key things to check before installing or running TokenBroker: 1. Clarify credential needs: The registry shows no required env vars but the SKILL.md/METADATA.md request GITHUB_TOKEN, PRIVATE_KEY, BUILDER_ID and NAD_FUN_API_KEY. Ask the author which credentials are actually required and why. Do not provide your PRIVATE_KEY unless you fully understand where and how it will be used and stored. 2. Prefer A2A injection over storing secrets on disk: The docs mention both writing a .env and using A2A secure injection. Use A2A or short-lived tokens where possible; avoid putting private keys in a .env file on disk. 3. Limit GitHub token scope: If you supply GITHUB_TOKEN for monitoring, restrict it to read-only (public_repo) and consider using OAuth with minimal scopes and rotation. 4. Confirm approval flow for launches: The skill describes automated GitHub monitoring and delegation to nadfun. Verify whether launches require a human approval step before any on-chain action or signing occurs. 5. Audit delegation targets: TokenBroker delegates to a 'nadfun' skill and invokes other A2A identity services. Verify those dependency skills' sources and trustworthiness before allowing automatic delegation. 6. Test in safe environment: Run in testnet mode and with burner keys first. Review generated metadata and all network requests (e.g., POSTs to nad.fun endpoints) to confirm they match expectations. 7. Ask author for registry corrections: The registry metadata should list the environment variables the skill needs. The mismatch is an actionable red flag. If you cannot get clear answers about credential handling and the human approval gating, treat the skill as risky and avoid providing high-privilege secrets (especially PRIVATE_KEY).
功能分析
Type: OpenClaw Skill Name: tokenbroker Version: 1.0.2 The skill bundle is suspicious due to significant prompt injection and content injection vulnerabilities. It processes untrusted input from GitHub repositories (e.g., `README.md`, `package.json` as per `PROJECT-SCAN.md` and `GITHUB.md`) and uses this data directly in critical operations. This includes making API calls to external endpoints (e.g., `https://api.nadapp.net` in `src/generators/nadfun.ts`) with potentially malicious SVG image data or metadata, and, more critically, passing this untrusted data as arguments to `invokeSkill` calls to other AI agents (e.g., `nadfun`, `AuditAgent`, `SocialWhisperer` as seen in `GITHUB.md`, `LAUNCH.md`, `METADATA.md`, `PROMO.md`). This design allows a malicious actor to craft a GitHub repository containing prompt injection payloads, potentially manipulating the agent's behavior or other skills, or injecting malicious content into external services or public social media posts.
能力评估
Purpose & Capability
The skill claims to analyze GitHub repos and orchestrate nad.fun launches — that purpose explains most included files (scan, metadata, promo, nadfun). However registry metadata declares no required environment variables while SKILL.md / METADATA.md / SETUP.md state the skill needs GITHUB_TOKEN, PRIVATE_KEY, BUILDER_ID, NAD_FUN_API_KEY and NETWORK. That mismatch (no env listed in registry but many sensitive envs documented) is incoherent and should be clarified. Requiring a PRIVATE_KEY is plausible for on-chain deployment, but TokenBroker's docs also claim on-chain ops are delegated to a separate 'nadfun' skill (which should manage keys) — asking for PRIVATE_KEY at the TokenBroker level is unclear and may be unnecessary.
Instruction Scope
Instructions include read-only local project scanning (expected) and clearly describe generating a .env and various credential handling modes (A2A, OAuth, PAT). They also instruct the agent to monitor GitHub activity and (after prompting) delegate launches to nadfun. Conflicting guidance appears: some docs say credentials are always injected and never persisted, others describe the Install Wizard writing a .env. The skill also describes automated triggers and A2A calls (invokeSkill) which could cause remote delegation; the degree of automation and when user approval is required is inconsistent across documents.
Install Mechanism
No install spec is provided (instruction-only), and the package contains source files only. No external downloads or installation scripts were included in the manifest. This reduces installation-surface risk compared with remote installers.
Credentials
The code and docs reference multiple sensitive environment values (GITHUB_TOKEN, PRIVATE_KEY, NAD_FUN_API_KEY, BUILDER_ID) while the registry metadata lists none — this mismatch is concerning. PRIVATE_KEY in particular grants signing power; TokenBroker claims it delegates signing to nadfun, yet some docs require the private key locally. The skill asks users to create a .env and also promotes A2A secret injection — conflicting recommendations increase the chance of improper key storage/exfiltration. Requesting a full PRIVATE_KEY without a clear, necessary reason at this skill boundary is disproportionate.
Persistence & Privilege
The skill does not request always:true and is user-invocable; autonomous invocation is allowed (platform default). It does describe writing a local .env and maintaining local history files (e.g., .tokenbroker/history.json) — those are normal for this type of meta-skill but should be highlighted to users. There is no indication the skill modifies other skills or system-wide settings beyond invoking other agent skills (A2A), which is expected for orchestration.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install tokenbroker
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /tokenbroker 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.2
- Added generators for identity, reasoning, promo, nadfun API, and pipeline orchestration - Introduced modular architecture under src/generators/ for token launch asset generation - Expanded documentation for on-chain deployment and API integration with nad.fun - Enhanced security guidance: all credentials now handled via local .env file only - Quick Start and usage examples for agents included in the documentation
v1.0.1
Version 1.0.1 – Refactor as a meta-skill for orchestrating token launches, with increased modularity and delegated on-chain operations. - Refactored TokenBroker as a meta-skill focused on orchestration, delegating all on-chain and sensitive operations to dependency skills (nadfun, monad-development). - Updated documentation to clarify separation of responsibilities and introduce improved module structure (added SETUP.md, removed ABI.md, TRADING.md, VERIFY.md). - Enhanced security section: explicit boundaries around credential handling, emphasizing non-persistence and environmental injection. - Added comprehensive setup and installation guidance, including clearer dependencies and network references.
v1.0.0
TokenBroker 1.0.0 - Initial Release - Introduces an autonomous agent skill for launching tokens on nad.fun by scanning and analyzing GitHub projects. - Provides a 4-step token deployment flow using the Monad blockchain, including bonding curve support. - Bundles modules for repository activity tracking, metadata generation, orchestration, smart contract interaction, statistics, and marketing promotion. - Includes a step-by-step install wizard for environment setup, wallet configuration, network selection, and GitHub integration. - Supplies configuration guidance and quick start instructions for seamless integration with agent frameworks.
元数据
Slug tokenbroker
版本 1.0.2
许可证
累计安装 3
当前安装数 2
历史版本数 3
常见问题

Tokenbroker 是什么?

AI Agent Skill for GitHub project analysis and nad.fun token launch. Analyzes repos, generates token identity/promo, and launches on nad.fun. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1592 次。

如何安装 Tokenbroker?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install tokenbroker」即可一键安装,无需额外配置。

Tokenbroker 是免费的吗?

是的,Tokenbroker 完全免费(开源免费),可自由下载、安装和使用。

Tokenbroker 支持哪些平台?

Tokenbroker 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Tokenbroker?

由 starrftw(@starrftw)开发并维护,当前版本 v1.0.2。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论