← 返回 Skills 市场

Wise Read Only

Name: Wise Read Only
Author: cianweeresinghe-sudo

作者 cianweeresinghe-sudo · GitHub ↗ · v1.0.3

cross-platform ✓ 安全检测通过

305

总下载

当前安装

版本数

在 OpenClaw 中安装

/install wise-readonly

功能描述

Read-only Wise API operations for account inspection, FX lookups, recipients, and transfer history. Use when asked to list profiles, balances, recipients, tr...

安全使用建议

This skill appears to be what it claims: a read-only Wise API client. Before installing, verify the registry metadata mismatch (the skill requires WISE_API_TOKEN despite an earlier header saying none). Provide a least-privilege Wise API token (read-only if Wise supports scoped tokens), avoid using a highly privileged/production token for testing, and confirm the platform's UI prevents implicit invocation if you want manual control. If you ever suspect the token was exposed, revoke it immediately. If you need deeper assurance, review the script yourself (scripts/wise_readonly.mjs is included and small) or run it in a sandboxed environment first.

功能分析

Type: OpenClaw Skill Name: wise-readonly Version: 1.0.3 The skill provides read-only access to the Wise API for account inspection, balance checks, and FX rate lookups. The implementation in `scripts/wise_readonly.mjs` strictly uses GET requests to the official Wise API (api.wise.com), includes a robust PII redaction mechanism for sensitive fields like account numbers and names, and lacks any write-capable operations or suspicious network activity.

能力评估

ℹ Purpose & Capability

The skill's name, description, SKILL.md, .clawhub/config.toml, and the script all align: it is a read-only Wise API client. However, the top-level registry metadata (in the evaluation header) stated 'Required env vars: none' and 'Primary credential: none', which contradicts the skill files that require WISE_API_TOKEN. This appears to be a metadata mismatch (outdated or erroneous registry metadata), not a functional mismatch in the code.

✓ Instruction Scope

The SKILL.md and the script limit behavior to GET requests against https://api.wise.com and explicitly state read-only operations and PII redaction. The script only reads command-line args and the WISE_API_TOKEN env var, formats requests, redacts certain PII fields by default, and prints JSON. There are no instructions to read arbitrary local files or send data to third-party endpoints outside api.wise.com.

✓ Install Mechanism

No install spec is provided (instruction-only skill) and the included script is self-contained Node.js. Nothing is downloaded from external/untrusted URLs and no archives are extracted. Risk from install mechanism is low.

ℹ Credentials

The skill requires a single credential, WISE_API_TOKEN, which is appropriate for a Wise API client. Again, the only inconsistency is the registry header claiming no required env vars while .clawhub/config.toml and SKILL.md declare WISE_API_TOKEN as required and primary. No unrelated secrets or broad system credentials are requested.

✓ Persistence & Privilege

The skill does not request always:true and does not modify other skills or system configuration. The agents/openai.yaml sets allow_implicit_invocation: false (UI policy to disable implicit invocation by default), so it is not granted forced/global presence. The normal platform behavior allowing autonomous invocation is not a special privilege of this skill and is not combined with other worrying indicators.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install wise-readonly
安装完成后，直接呼叫该 Skill 的名称或使用 /wise-readonly 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.3

Version 1.0.3 - Expanded supported commands to include recipients, transfers, quote lookup, delivery estimate, and historical exchange rates. - Added commands for fetching individual balances, temporary quotes, account requirements, and transfer/recipient details (all PII-redacted by default). - Updated description and documentation for clarity and broader API coverage. - Continued strict no-write policy—still no create, fund, cancel, or delete actions. - Improved metadata for smoother ClawHub and OpenClaw UI integration.

v1.0.2

- Updated .clawhub/config.toml configuration. - No changes to skill features, documentation, or functionality.

v1.0.1

Initial project configuration files added. - Added .clawhub/config.toml configuration file. - Added agents/openai.yaml agent definition.

v1.0.0

Initial release: Provides read-only Wise API access for account and FX inspection. - Supports listing profiles and fetching profile details (PII is redacted by default). - Allows viewing balances for a given profile. - Can check exchange rates between currencies. - Does not allow any write, transfer, recipient, or quote operations. - Ensures privacy and safety by redacting sensitive information and disallowing mutations.

元数据

Slug wise-readonly

版本 1.0.3

许可证 —

累计安装 1

当前安装数 1

历史版本数 4

常见问题

Wise Read Only 是什么？

Read-only Wise API operations for account inspection, FX lookups, recipients, and transfer history. Use when asked to list profiles, balances, recipients, tr... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 305 次。

如何安装 Wise Read Only？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install wise-readonly」即可一键安装，无需额外配置。

Wise Read Only 是免费的吗？

是的，Wise Read Only 完全免费（开源免费），可自由下载、安装和使用。

Wise Read Only 支持哪些平台？

Wise Read Only 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Wise Read Only？

由 cianweeresinghe-sudo（@cianweeresinghe-sudo）开发并维护，当前版本 v1.0.3。