← 返回 Skills 市场
294
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install venus-agent-skills
功能描述
Analyze Venus Protocol lending/borrowing positions on BNB Chain with risk-first guidance. Use when users ask about Venus markets, collateral/borrow decisions...
安全使用建议
This package appears to do what it claims: market reads, on‑chain wallet exposure checks, conservative risk scoring, and optional transaction helpers. Important things to consider before installing or running: 1) Default mode is simulate/read-only — always run simulate/preview first. 2) Broadcast actions require you to supply a private key and --confirm YES; avoid passing private keys on the command line (they can appear in process lists and shell history). Prefer using a secure signer (hardware wallet, ephemeral node signer) or a protected key file. 3) Verify RPC and API endpoints before use (defaults are public BNB dataseed and api.venus.io); do not point the scripts to an untrusted RPC or API. 4) Review/verify contract addresses in references (pool-filter.json and references JSON) against official sources. 5) If you intend to let an agent invoke this autonomously, restrict that capability or require explicit human confirmation for any broadcast step. If you want a deeper check, request an audit of the transaction broadcast code paths (node scripts that call wallet.signer) and of wallet_onchain_exposure.py to confirm no unexpected network calls or data exfiltration.
功能分析
Type: OpenClaw Skill
Name: venus-agent-skills
Version: 1.0.0
The skill bundle is designed for risk-aware analysis and operations on Venus Protocol and Flux. It includes clear guardrails in `SKILL.md` and the scripts, such as defaulting to 'simulate' mode, requiring explicit '--confirm YES' and '--private-key' for 'broadcast' transactions, and implementing health factor safety checks (e.g., in `scripts/venus_withdraw.js`). While scripts use `subprocess.check_output` (Python) and `execFileSync` (Node.js) to call other scripts, arguments are passed as lists, which is the standard and generally safe method to prevent shell injection. There is no evidence of intentional data exfiltration, unauthorized persistence, obfuscation, or malicious prompt injection attempts against the agent.
能力评估
Purpose & Capability
The name/description (Venus Protocol risk-first analysis on BNB Chain) matches the included scripts and references: market fetchers, wallet on‑chain readers, health simulators, and explicit deposit/withdraw/borrow/collateral execution helpers. The presence of both analysis (read-only) and execution (broadcast) scripts is documented in SKILL.md and the code; this is coherent with the stated purpose of providing both risk checks and execution planning.
Instruction Scope
SKILL.md confines runtime behavior to the listed scripts, uses official Venus API and BNB RPC endpoints by default, and requires explicit confirmation for broadcast transactions. This stays within the stated scope. Note: execution-capable scripts accept a private key and can sign/broadcast transactions when run with --mode broadcast and --confirm YES — the skill warns about this, but users should treat broadcast capability as sensitive and follow the guardrails (simulate first, explicit confirm).
Install Mechanism
Instruction-only skill with no install spec; included scripts are plain Python/Node files. Nothing is downloaded from arbitrary URLs during install. No archive/extract installs or remote installers were found in the manifest.
Credentials
The skill requests no environment variables or built-in credentials, which is proportionate. However, multiple scripts accept a raw private key via CLI arguments to perform broadcasts. Passing private keys on CLI can leak to process listings and shell history; while this pattern matches typical CLI crypto tooling, it is a sensitive design choice the user should treat carefully (prefer ephemeral signers, hardware wallets, or protected key files).
Persistence & Privilege
The skill does not request persistent or privileged platform flags (always:false). It does not attempt to modify other skills or global agent settings. Autonomous invocation is allowed by default but is not combined with other high-risk factors here.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install venus-agent-skills - 安装完成后,直接呼叫该 Skill 的名称或使用
/venus-agent-skills触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial public release: Venus Core + Flux
元数据
常见问题
Venus Agent Skills 是什么?
Analyze Venus Protocol lending/borrowing positions on BNB Chain with risk-first guidance. Use when users ask about Venus markets, collateral/borrow decisions... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 294 次。
如何安装 Venus Agent Skills?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install venus-agent-skills」即可一键安装,无需额外配置。
Venus Agent Skills 是免费的吗?
是的,Venus Agent Skills 完全免费(开源免费),可自由下载、安装和使用。
Venus Agent Skills 支持哪些平台?
Venus Agent Skills 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Venus Agent Skills?
由 zed-venus(@zed-venus)开发并维护,当前版本 v1.0.0。
推荐 Skills