← 返回 Skills 市场
Trails - pay with any token from any chain
作者
JamesLawton
· GitHub ↗
· v1.0.0
1879
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install trails
功能描述
Integrate Trails cross-chain infrastructure — Widget, Headless SDK, or Direct API
安全使用建议
This skill appears to do what it says: it helps you integrate Trails by examining your project, recommending Widget/Headless/API approaches, and producing code. Before installing or using it, consider: 1) the skill will look for API keys in your project and environment — only allow access if you trust the agent and do not want secrets scanned or exposed; 2) follow the docs' guidance about using server-side (TRAILS_API_KEY) vs client-side (NEXT_PUBLIC_TRAILS_API_KEY) keys — never publish server keys in client code or commit them to source control; 3) verify you trust the Trails endpoints (docs.trails.build, dashboard.trails.build, api.trails.build) and the package names the snippets reference (e.g., @0xtrails/trails); 4) prefer adding API keys to environment variables on the server, test calldata flows on testnets first, and avoid pasting full keys into chat unless you explicitly intend to share them. If you want extra assurance, ask the skill author for a signed repository link or review the upstream GitHub release/source code before using their npm packages.
功能分析
Type: OpenClaw Skill
Name: trails
Version: 1.0.0
The skill instructs the AI agent to read environment variables and `.env` files (e.g., `TRAILS_API_KEY`, `NEXT_PUBLIC_TRAILS_API_KEY`) from the user's project, as detailed in `SKILL.md` and `README.md`. While this is presented as necessary for the skill's stated purpose of integrating the Trails API (api.trails.build), granting an AI agent direct access to local environment configurations is a high-risk capability. This could be exploited via prompt injection to exfiltrate other sensitive environment variables or local files. Additionally, the skill instructs the agent to install dependencies without version pins (`@0xtrails/trails`, `@0xtrails/trails-api`), which introduces a supply chain risk.
能力评估
Purpose & Capability
The name, description, docs, and code snippets all consistently implement a Trails integration assistant (Widget, Headless SDK, Direct API). One small mismatch: the registry metadata declares no required environment variables, but the SKILL.md and docs repeatedly instruct the agent to look for and use TRAILS_API_KEY / NEXT_PUBLIC_TRAILS_API_KEY. That difference is minor but worth noting (the skill doesn't force a credential at install time, but its runtime behavior expects you to provide one).
Instruction Scope
The runtime instructions explicitly tell the agent to scan the project for an API key (search .env files, environment variables, and config files) before generating integration code. That behavior is coherent with the goal (the skill must know whether an API key exists and whether it is client- or server-side). It does mean the agent will be directed to access workspace files and environment variables, which are sensitive — appropriate here but worth the user's awareness.
Install Mechanism
No install spec is provided (instruction-only skill with embedded docs and code snippets). The included code samples reference npm/pnpm packages (e.g., @0xtrails/trails, @0xtrails/trails-api) and official-looking endpoints (api.trails.build, docs.trails.build). There are no downloads from unknown URLs, no extract/install operations, and no obfuscated installers.
Credentials
The skill does not declare required env vars in the registry metadata, but the documentation and SKILL.md legitimately instruct users to supply TRAILS_API_KEY or NEXT_PUBLIC_TRAILS_API_KEY for server/client flows. That credential request is proportionate to the service (Trails API). The docs also correctly point out the difference between server-only keys and client-exposed keys (NEXT_PUBLIC_ prefix). There are no demands for unrelated secrets or multi-service credentials.
Persistence & Privilege
The skill is not configured as always:true and does not request persistent modification of other skills or system-wide settings. disable-model-invocation is false (normal). It acts as an on-demand integration helper and provides guidance/code snippets only.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install trails - 安装完成后,直接呼叫该 Skill 的名称或使用
/trails触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of the Trails integration skill for native cross-chain interactions and enabling agents to execute any onchain transaction seamlessly.
元数据
常见问题
Trails - pay with any token from any chain 是什么?
Integrate Trails cross-chain infrastructure — Widget, Headless SDK, or Direct API. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1879 次。
如何安装 Trails - pay with any token from any chain?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install trails」即可一键安装,无需额外配置。
Trails - pay with any token from any chain 是免费的吗?
是的,Trails - pay with any token from any chain 完全免费(开源免费),可自由下载、安装和使用。
Trails - pay with any token from any chain 支持哪些平台?
Trails - pay with any token from any chain 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Trails - pay with any token from any chain?
由 JamesLawton(@jameslawton)开发并维护,当前版本 v1.0.0。
推荐 Skills