Yield Agent

On-chain yield discovery, transaction building, and portfolio management via the Yield.xyz API. Use when the user wants to find yields, stake, lend, deposit into vaults, check balances, claim rewards, exit positions, compare APYs, or manage any on-chain yield across 80+ networks.

This skill appears to do what it claims: it queries Yield.xyz, constructs unsigned transactions, and expects a wallet skill to sign and broadcast them. Before installing: - Replace the embedded shared API key in skill.json with your own YIELDS_API_KEY (the manifest includes a 'free shared key' for convenience). Do not rely on a shared key in production. - Review and trust the wallet skill you pair with this (Crossmint/Privy/Portal/Turnkey). The yield-agent will hand unsigned transactions to that wallet for signing; never provide private keys to this skill. Follow its wallet integration docs. - Be aware the skill may persist a small state file (positions, addresses, alerts) under the skill's state directory (~/.openclaw/skills/yield-agent/state or the skill state/ path). If you run Superskills or scheduling, expect periodic checks and stored metadata; audit or clear that state if needed. - The SKILL.md and scripts repeatedly warn: do NOT modify unsignedTransaction returned by the API — changing it can cause loss of funds. Follow that rule strictly. - The package references an OpenAPI spec and many examples; if provenance matters, verify the upstream repository (the README points to a GitHub org 'stakekit/yield-agent') and confirm the publisher before trusting for production. If you want a stricter review, provide the untruncated openapi.yaml and the identity/URL used to publish this skill so I can check for surprises (hidden endpoints, unexpected third-party hosts, or additional embedded keys).

Type: OpenClaw Skill Name: yield-agent Version: 0.1.5 The skill is classified as suspicious primarily due to the inclusion of a default, shared API key (`b40dd85f-d89e-48da-a2b3-ec04fae106dc`) in `skill.json`. While the `_apiKeyNote` explicitly advises replacing it for production, its presence as a default poses a vulnerability if used without replacement, potentially leading to unauthorized access or rate limiting issues for the shared key. The shell scripts (`scripts/*.sh`) correctly sanitize user inputs and construct JSON payloads using `jq` to prevent shell injection. Furthermore, the `SKILL.md` and `references/safety.md` files contain strong, explicit instructions for the AI agent to never modify transactions, always seek user confirmation for financial operations, and adhere to configurable safety guardrails, actively mitigating prompt injection risks and demonstrating a clear intent to operate safely within the high-risk domain of DeFi transactions via `https://api.yield.xyz`.