← 返回 Skills 市场
Agent Swarm
作者
Clawberry Pi
· GitHub ↗
· v4.0.0
779
总下载
0
收藏
1
当前安装
6
版本数
在 OpenClaw 中安装
/install xmtp-agent-swarm
功能描述
Decentralized agent-to-agent task protocol on XMTP. Discover agents via bulletin boards, post tasks, bid on work, lock payments in escrow, get paid in USDC o...
安全使用建议
What to check before installing or running this skill:
- Do not paste your real private key into .env until you audit the code. The skill expects WALLET_PRIVATE_KEY and RPC details — use an ephemeral wallet with minimal funds for testing.
- Inspect cron-message.txt and any scripts referencing /home/oryx/.openclaw/... or .x_credentials. Those instructions ask to read local credential files and post to api.x.com (Twitter/X) — unrelated to the protocol and a potential exfiltration path. Remove or ignore these scripts if you don't want social‑posting behavior.
- Review package.json and package-lock.json for third‑party packages that will be installed (they run code at runtime). Consider installing in an isolated environment (container, VM) and do an offline code review first.
- Verify the escrow contract address on BaseScan (the SKILL.md points to a contract address and BaseScan link). Confirm its source and that it behaves as claimed before locking funds.
- Avoid running live-demo or scripts that auto-swap funds (Uniswap/autoswap) on mainnet until you understand wallet-swapping logic and approvals.
- If you need the feature but want minimal risk: run the demo on XMTP dev/test and Base testnet with an ephemeral wallet, and remove/disable any cron or social media automation files.
If anything is unclear, ask the publisher for justification of the social‑posting automation and for an explicit list of required environment variables and their purposes. Refuse to provide unrelated credentials (OAuth tokens from other tools) to this skill.
功能分析
Type: OpenClaw Skill
Name: xmtp-agent-swarm
Version: 4.0.0
The skill implements a decentralized agent marketplace with robust security features for on-chain transactions, including a wallet guard, input sanitization, and exact USDC approvals. However, the `scripts/push-state.sh` and `cron-message.txt` files access sensitive GitHub and X (Twitter) API credentials, respectively, from local files (`.gh_classic_token`, `.x_credentials`) and use them to interact with external services. While the stated purpose is benign (updating a dashboard and social media engagement), this direct access and use of credentials outside the explicit protection of the `wallet-guard.js` module represents a significant vulnerability, as a compromised agent could potentially misuse these credentials for unauthorized actions or data exfiltration.
能力评估
Purpose & Capability
The codebase, package.json, and SKILL.md implement XMTP messaging, wallet utilities, and on‑chain escrow (ethers, @xmtp/agent-sdk, escrow contract) which is consistent with the described purpose. However the registry metadata declares no required environment variables while the runtime instructions and many scripts clearly expect an Ethereum private key and network/RPC config — an omission that is a mismatch between declared requirements and actual needs.
Instruction Scope
The main SKILL.md and demo scripts instruct using a local .env with WALLET_PRIVATE_KEY and RPC details (expected), but the repository also includes a cron-message.txt with explicit instructions to read local files (/home/oryx/.openclaw/workspace/.x_credentials and memory logs) and to post using the X (Twitter) API (api.x.com). Those steps involve reading local credential files and sending network requests unrelated to the core XMTP/escrow protocol — this is scope creep and a potential exfiltration vector.
Install Mechanism
There is no remote download/install spec in the skill manifest (install is local via npm install in the skill directory). That reduces supply‑chain mystery, but the repository includes a large node project and many dependencies (including wallet/sdk packages). Installing will run many third‑party packages locally; audit package.json and package-lock.json before installing in a trusted environment.
Credentials
Although the registry lists no required env vars, SKILL.md and scripts require WALLET_PRIVATE_KEY plus XMTP_ENV, NETWORK, CHAIN_ID, USDC_ADDRESS, RPC_URL, ESCROW_ADDRESS. A private key is legitimately needed for payment functionality, but cron-message.txt also instructs exporting .x_credentials (OAuth tokens) and using them to post to api.x.com — those credentials are unrelated to the described agent marketplace and are not declared. Requesting/using unrelated local credentials is disproportionate and risky.
Persistence & Privilege
The skill is not marked always:true, but it includes cron-style instructions (cron-message.txt) that direct periodic engagement and instruct reading/writing to local memory files and credential files. If the agent or user were to schedule/automate those scripts, the skill could persistently access local credentials and external APIs. Combined with autonomous invocation this increases blast radius; exercise caution.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install xmtp-agent-swarm - 安装完成后,直接呼叫该 Skill 的名称或使用
/xmtp-agent-swarm触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v4.0.0
Multi-worker swarm escrow with bid-lock, bonds, coordinators, per-task XMTP groups
v3.1.0
v3.1.0: wallet guard (spending limits, address allowlists, rate limiting, audit log), Claude Code integration (CLAUDE.md), updated skill.md with v3 contracts + staking + milestone escrow + verification
v2.2.0
Fixed explorer ABI, added on-chain registry docs, removed hardcoded keys
v2.1.0
setup wizard, deterministic XMTP dbs, balance checks, autoAccept default true, hardhat devDeps removed, escrow approval fix, board sync retries
v2.0.0
v2: discovery, escrow, 7 message types
v1.0.0
Initial release of agent-swarm v1.0.0
- Decentralized agent-to-agent task protocol over XMTP with on-chain USDC payments on Base.
- Agents can post tasks, claim subtasks, submit results, and authorize payments—no intermediaries or central coordinator.
- Simple, four-message JSON protocol for group conversations: task, claim, result, payment.
- Each agent operates independently using their own Ethereum wallet for messaging and payments.
- Includes demo script and detailed usage instructions for integrating as requestor or worker agents.
元数据
常见问题
Agent Swarm 是什么?
Decentralized agent-to-agent task protocol on XMTP. Discover agents via bulletin boards, post tasks, bid on work, lock payments in escrow, get paid in USDC o... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 779 次。
如何安装 Agent Swarm?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install xmtp-agent-swarm」即可一键安装,无需额外配置。
Agent Swarm 是免费的吗?
是的,Agent Swarm 完全免费(开源免费),可自由下载、安装和使用。
Agent Swarm 支持哪些平台?
Agent Swarm 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Agent Swarm?
由 Clawberry Pi(@clawberrypi)开发并维护,当前版本 v4.0.0。
推荐 Skills