← 返回 Skills 市场
nickvanzo

Xena Protocol

作者 Nicolo' Vanzo · GitHub ↗ · v0.2.0 · MIT-0
cross-platform ⚠ suspicious
152
总下载
0
收藏
0
当前安装
12
版本数
在 OpenClaw 中安装
/install xena-protocol
功能描述
Xena Protocol — scan your Gmail for phishing, crypto scams, impersonation, and BEC. Optionally submit hashed reports to an on-chain registry on Ethereum Sepo...
安全使用建议
What to consider before installing: - Functionality & dependencies: This skill does what it claims — it uses the gog CLI to read Gmail, runs a local Python detection pipeline, and (optionally) can submit hashed reports to a hardcoded OpenClawRegistry on Sepolia. It needs python3, gog, and an ANTHROPIC_API_KEY for the LLM stage; Reporter mode also needs an Ethereum RPC URL (SEPOLIA_RPC) which the code expects even though the skill metadata doesn't list it. - Sensitive data & persistence: If you opt into Reporter mode the skill will generate an Ethereum wallet and write wallet_address + wallet_private_key into ~/.openclaw/phishing-detection/config.json in plaintext. The README and SKILL.md say 'do not print the private key', but the private key is still stored unencrypted on disk. If you care about key security, do not enable Reporter mode or modify the code to store keys in an encrypted vault or use an external signer. - Network & trust: The brew formula for gogcli comes from a third‑party tap (steipete/tap); verify the tap/source before installing. The skill uses the Anthropic API (so your key will be used for LLM calls) and will call the Ethereum RPC you provide — use a reputable provider and avoid exposing high-value mainnet keys. - Audit & containment: Review the included Python code (especially registry_client.py and setup.py) yourself or run the skill in a sandboxed account first. If you want only local detection, choose Watcher mode (no wallet generated, no on‑chain writes). If you plan to use Reporter mode, consider: (a) using a throwaway testnet account, (b) replacing local key storage with a secure vault, or (c) using an external signer/hardware wallet. - Missing declaration: Ask the publisher to add SEPOLIA_RPC to the declared required env vars and to document key storage/rotation practices. If you are not comfortable with an unencrypted private key stored locally, treat this as a blocking issue. Overall: the skill is coherent with its purpose but has some security/operational choices (plaintext local private key, undeclared RPC env var, third‑party brew tap) that justify caution before enabling Reporter mode or installing on a sensitive machine.
功能分析
Type: OpenClaw Skill Name: xena-protocol Version: 0.2.0 Xena Protocol is a phishing detection skill that analyzes Gmail inboxes using a multi-stage pipeline involving heuristics, Naive Bayes classification, and LLM analysis. It features an opt-in 'Reporter' mode that submits hashed threat metadata to an Ethereum Sepolia registry. The skill includes explicit defensive instructions in SKILL.md to prevent prompt injection from malicious emails and strictly limits the agent's transaction capabilities to a specific contract. While it manages a local wallet and private key (stored in ~/.openclaw/phishing-detection/config.json), the implementation is transparent, well-tested, and aligned with its stated security purpose.
能力标签
cryptorequires-walletcan-make-purchasescan-sign-transactionsrequires-oauth-tokenrequires-sensitive-credentials
能力评估
Purpose & Capability
Name/description match the included code: the bundle contains Gmail glue (gog wrapper), a 3‑stage detection pipeline, an Anthropic LLM stage, and a web3 registry client for optional reporting. Required binaries (gog, python3) and the ANTHROPIC_API_KEY align with the LLM + Gmail functionality. Minor mismatch: the code expects a SEPOLIA_RPC env var for Reporter mode RPC access, but SEPOLIA_RPC is not listed under requires.env in the skill metadata.
Instruction Scope
SKILL.md instructs the agent to orchestrate local Python scripts and the gog CLI to read Gmail and optionally submit hashed reports to a hardcoded registry contract. It explicitly warns against executing instructions inside email bodies and not to print wallet_private_key. The runtime instructions do require the agent to (a) read/write a local config at ~/.openclaw/phishing-detection/config.json and (b) persist/handle a wallet private key in that file (reporter mode). Those actions are within the skill's stated purpose but increase sensitive-surface area.
Install Mechanism
Install entry uses a Homebrew formula (steipete/tap/gogcli) to provide the gog CLI — a reasonable approach for a CLI dependency. There is no automated pip install step; Python packages are expected to be installed by the user (requirements.txt is present). The brew formula is from a third‑party tap (steipete/tap) rather than an official core tap; that is expected for a niche CLI but worth auditing before brew install.
Credentials
Declared required env: ANTHROPIC_API_KEY (primary) — justified for the LLM classification. However, reporter functionality requires SEPOLIA_RPC (used by setup.py and registry_client) but that env var is not declared in the skill metadata. The skill generates a wallet and stores wallet_private_key in plaintext under ~/.openclaw/phishing-detection/config.json; while SKILL.md tells the agent not to print it, persisting an unencrypted private key in the skill's config is a sensitive design choice and not proportional unless the user explicitly accepts reporter mode and local storage.
Persistence & Privilege
always:false and model invocation is allowed (normal). The skill writes persistent configuration and a local SQLite DB under ~/.openclaw/phishing-detection and will persist a generated private key there for Reporter mode. It does not request platform-wide privileges or modify other skills. The main persistence concern is the unencrypted private key stored in the skill config (local file) which increases risk if the filesystem or backups are accessible.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install xena-protocol
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /xena-protocol 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.2.0
v0.2.0 — wired to new contract at 0xbDA543Ec44A154430EF86aA7Ab45375Cb75325E2 with flat reports array (getAllReports) for direct on-chain feed reads
v0.1.9
v0.1.9 — display-domain alignment (Subito, IDA, TLDR, Luma, etc); LLM can't auto-report without deterministic corroboration
v0.1.8
v0.1.8 — LLM safe verdict overrides heuristic gates (auth-fail and registry-hit still win); ham corpus expanded with newsletters
v0.1.7
v0.1.7 — verified-legit shortcut: brand in display + matching domain + auth pass = short-circuit safe; display_name_spoof gate now display-only + suffix match
v0.1.6
v0.1.6 — fix false positives: llm_trust respects category=safe and requires deterministic corroboration
v0.1.5
v0.1.5 — rebalance scoring for social-engineering: 0.15/0.25/0.60 weights, LLM-trust floor, strong-Bayes stage-1 gate, retrained model
v0.1.4
v0.1.4 — Reporter tier auto-submits reports without per-email confirmation
v0.1.3
v0.1.3 — drop cache short-circuits and gmail mark_read; each poll rescans inbox fresh
v0.1.2
v0.1.2 — tolerate gog's wrapped JSON response shapes (messages search + gmail get)
v0.1.1
v0.1.1 — bundle deployed.json inside the skill; fix gog auth list shape parse
v1.0.0
Xena Protocol 1.0.0 is now released! - Initial public release of the skill. - Scan Gmail inbox for phishing, crypto scams, impersonation, and BEC attempts. - Optionally submit hashed scam reports to an on-chain Ethereum Sepolia registry for community protection. - Fully interactive setup wizard with clear guidance for both non-crypto (Watcher) and crypto-enabled (Reporter) modes. - Emphasizes strict security: only allows OpenClawRegistry contract actions and never exposes sensitive wallet keys.
v0.1.0
Initial release
元数据
Slug xena-protocol
版本 0.2.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 12
常见问题

Xena Protocol 是什么?

Xena Protocol — scan your Gmail for phishing, crypto scams, impersonation, and BEC. Optionally submit hashed reports to an on-chain registry on Ethereum Sepo... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 152 次。

如何安装 Xena Protocol?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install xena-protocol」即可一键安装,无需额外配置。

Xena Protocol 是免费的吗?

是的,Xena Protocol 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Xena Protocol 支持哪些平台?

Xena Protocol 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Xena Protocol?

由 Nicolo' Vanzo(@nickvanzo)开发并维护,当前版本 v0.2.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论