← 返回 Skills 市场
vshamanov

Zerion Api

作者 vshamanov · GitHub ↗ · v0.1.0
cross-platform ⚠ suspicious
1376
总下载
1
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install zerion-api-skill-2
功能描述
Query blockchain wallet data, token prices, and transaction history using the Zerion API via its MCP connector. Use this skill whenever the user asks about: crypto wallet balances, portfolio values, token holdings or positions, DeFi positions (staking, lending, LP), wallet PnL (profit and loss), transaction history, token/fungible asset prices or charts, NFT holdings or NFT portfolio value, or any web3 wallet analytics. Triggers on mentions of wallet addresses (0x...), ENS names, token names/symbols, "portfolio", "positions", "PnL", "transactions", "balance", "holdings", "NFTs", or any crypto/DeFi analytics queries. Also use when building artifacts or dashboards that display wallet or token data.
安全使用建议
This skill appears to do what it claims (query Zerion API endpoints for wallet, token, and NFT data), but take precautions before using it: - Do not paste highly sensitive secrets (private keys, mnemonics) into chat — the skill only needs the Zerion API key. Prefer a read-only or limited-scope API key. - Avoid following the SKILL.md guidance to embed the API key directly into model prompts or inner prompts; that can leak the key to the model provider and logs. Instead, use a secure connector/secret store or have a backend proxy that injects the Authorization header server-side. - Confirm the MCP server URL and trustworthiness (authors mention https://developers.zerion.io/mcp). If unsure, contact Zerion or use their official docs to verify endpoints and authentication method. - Because the skill's source and homepage are missing, prefer using platform-provided secure secret handling (secret manager) or only test with a rotated, limited‑permission test key first. - Rotate and revoke the API key after testing, and monitor usage for unexpected requests. If you cannot provide the key via a secure backend/secret store and must paste it into chat, be aware the key may be exposed to models and logs; consider declining to install/use the skill until it supports secure secret handling.
功能分析
Type: OpenClaw Skill Name: zerion-api-skill-2 Version: 0.1.0 The skill is designed to query blockchain data via the Zerion API, which is a legitimate purpose. The `SKILL.md` explicitly instructs the AI agent to handle the user-provided API key securely by storing it only in memory and forbidding it from being written to files, displayed in artifacts, or logged. All described API interactions are read-only operations with the legitimate Zerion API endpoints, and there are no indicators of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the agent.
能力评估
Purpose & Capability
Name and description (Zerion wallet/portfolio/NFT analytics) align with the endpoints and workflows documented in the skill. It does not request unrelated binaries, platform credentials, or config paths; the operations described (portfolio, positions, transactions, PnL, charts, fungible/NFT endpoints) are consistent with the Zerion API purpose.
Instruction Scope
Most runtime instructions stay on‑task (call Zerion endpoints, request an API key from the user, do not write it to files). However, the SKILL.md repeatedly recommends including the API key in 'inner prompts' (pass the key into an inner Claude prompt or embed it in the artifact prompt so the MCP call can authenticate). Embedding secrets in model prompts is a high risk for secret leakage (models, logs, and any downstream systems may capture the key). The instructions also tell frontends to accept the key via input and pass it into prompts — this encourages client-side prompt injection of secrets rather than secure header usage. No instructions ask the agent to read unrelated files or environment variables, which is good.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk by an installer and no external packages are pulled in. This is the lowest-risk install footprint.
Credentials
The skill requires an API key for Zerion (which is appropriate). But it does not declare or require environment variables or platform secret storage; instead it instructs the user/agent to paste the key into chat and to include it inside prompts passed to inner models or artifacts. Asking for a per‑session API key is proportionate, but the recommended method of handling that key (embedding in prompts) is disproportionally risky and poorly justified. The skill does not request unrelated credentials.
Persistence & Privilege
The skill is not set to always:true and does not request persistent or cross-skill configuration changes. It explicitly says not to write the key to files and to store it only in memory for the conversation. The skill's source is unknown and homepage is missing — that reduces trust but does not, by itself, indicate excessive privilege.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install zerion-api-skill-2
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /zerion-api-skill-2 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
Initial release of zerion-api-skill-2. - Provides access to blockchain wallet data, token prices, NFTs, PnL, and transaction history via the Zerion API MCP connector. - Requires users to provide a Zerion API key for authentication each session (not stored or logged). - Supports EVM/ENS/Solana addresses, with chain/position filtering options. - Includes quick-reference workflows for common DeFi, portfolio, and analytics queries. - Guidance provided for secure API key handling and using MCP responses when building dashboards or artifacts. - Detailed endpoint and parameter documentation to streamline usage and integration.
元数据
Slug zerion-api-skill-2
版本 0.1.0
许可证
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Zerion Api 是什么?

Query blockchain wallet data, token prices, and transaction history using the Zerion API via its MCP connector. Use this skill whenever the user asks about: crypto wallet balances, portfolio values, token holdings or positions, DeFi positions (staking, lending, LP), wallet PnL (profit and loss), transaction history, token/fungible asset prices or charts, NFT holdings or NFT portfolio value, or any web3 wallet analytics. Triggers on mentions of wallet addresses (0x...), ENS names, token names/symbols, "portfolio", "positions", "PnL", "transactions", "balance", "holdings", "NFTs", or any crypto/DeFi analytics queries. Also use when building artifacts or dashboards that display wallet or token data. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1376 次。

如何安装 Zerion Api?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install zerion-api-skill-2」即可一键安装,无需额外配置。

Zerion Api 是免费的吗?

是的,Zerion Api 完全免费(开源免费),可自由下载、安装和使用。

Zerion Api 支持哪些平台?

Zerion Api 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Zerion Api?

由 vshamanov(@vshamanov)开发并维护,当前版本 v0.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论