← Back to Skills Marketplace
nansen-devops

Nansen Wallet Keychain Migration

by Nansen AI · GitHub ↗ · v0.1.0 · MIT-0
cross-platform ⚠ suspicious
204
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install nansen-wallet-keychain-migration
Description
Migrate an existing nansen-cli wallet from insecure password storage (env files, .credentials) to the new secure keychain-backed flow.
Usage Guidance
Before installing, consider the following: - Ask the publisher why NANSEN_API_KEY is declared as a required/primary credential when the migration steps in SKILL.md never reference it. If the skill truly needs that API key, ask for a clear explanation and which commands use it. - The migration process will run commands that can reveal private keys (nansen wallet export default) and will read local files like ~/.nansen/.env or ~/.nansen/wallets/.credentials. Only run this skill on a trusted, local machine and avoid letting the agent send outputs (private keys or passwords) to external places or chat history. - The SKILL.md uses NANSEN_WALLET_PASSWORD at runtime but that env var is not declared in metadata; verify how you will provide the password. If you prefer, perform the migration manually following the documented commands instead of giving an agent permission to run them. - Verify the source of the nansen-cli npm package (official publisher) before allowing the skill to install it. Installing an npm CLI grants code execution privileges on your machine. - If you decide to proceed, run the commands interactively yourself or require explicit human confirmation before the agent executes any command that might print private keys or read password files.
Capability Analysis
Type: OpenClaw Skill Name: nansen-wallet-keychain-migration Version: 0.1.0 The skill is designed to migrate Nansen wallet passwords from insecure files to an OS keychain, but it requires the agent to execute high-risk commands like 'nansen wallet export default', which outputs raw private keys to the terminal for verification purposes. While the instructions in SKILL.md explicitly forbid logging or storing passwords, the process of handling and displaying private keys within the agent's execution environment poses a significant risk of accidental exposure or exfiltration if the agent's logs are compromised.
Capability Assessment
Purpose & Capability
The skill's stated purpose is migrating a local nansen-cli wallet password into the OS keychain. The runtime instructions only call the local 'nansen' CLI, read ~/.nansen files, and use NANSEN_WALLET_PASSWORD; they do not reference or need an API key. However the registry metadata declares NANSEN_API_KEY as a required/primary credential. That env var appears unrelated to the documented migration steps and is unnecessary for the described local operations.
Instruction Scope
SKILL.md provides concrete shell commands to detect password storage, run 'nansen wallet secure', unset env vars, and run 'nansen wallet export default' to verify decryption. These actions are coherent with migration. They do, however, require handling sensitive data: exporting the wallet will reveal private keys and the skill tells agents to read or source plaintext password files if authorized. The instructions explicitly warn not to store the password and to ask the human, which is good, but an agent executing these steps could still display or capture secrets if not carefully controlled.
Install Mechanism
Install is a node package (nansen-cli) that provides the 'nansen' binary. Pulling an official npm CLI is a reasonable install path for a CLI-based migration. This is moderate-risk compared to no install, but consistent with the need for a 'nansen' binary.
Credentials
Declared required env: NANSEN_API_KEY (primary). The instructions actually use NANSEN_WALLET_PASSWORD and local files (~/.nansen/.env, ~/.nansen/wallets/.credentials). NANSEN_API_KEY is never referenced in SKILL.md. Conversely, NANSEN_WALLET_PASSWORD (used at runtime) is not declared as a required env or primary credential. This mismatch is disproportionate and unexplained and increases risk: the skill requests access to an unrelated API credential while not declaring the sensitive local password variable it will handle.
Persistence & Privilege
The skill is not always-enabled and is user-invocable; it can be invoked autonomously (disable-model-invocation=false) which is the platform default. The skill does not attempt to persist itself or modify other skills' configs. Note: because it runs local shell commands that can reveal private keys/passwords, autonomous invocation combined with the environment mismatch (requests an API key) raises the possible blast radius if an agent is permitted to run it without human oversight.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install nansen-wallet-keychain-migration
  3. After installation, invoke the skill by name or use /nansen-wallet-keychain-migration
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
nansen-wallet-keychain-migration v0.1.0 - Initial release supporting migration of nansen-cli wallet credentials from insecure storage (env files, .credentials) to a secure OS keychain. - Provides detailed detection steps and multiple migration paths based on how the password is currently stored. - Covers post-migration verification and cleanup instructions. - Includes guidance and safety rules to ensure passwords are never exposed or mishandled. - Documents handling of lost/unrecoverable passwords and creating a new wallet.
Metadata
Slug nansen-wallet-keychain-migration
Version 0.1.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Nansen Wallet Keychain Migration?

Migrate an existing nansen-cli wallet from insecure password storage (env files, .credentials) to the new secure keychain-backed flow. It is an AI Agent Skill for Claude Code / OpenClaw, with 204 downloads so far.

How do I install Nansen Wallet Keychain Migration?

Run "/install nansen-wallet-keychain-migration" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Nansen Wallet Keychain Migration free?

Yes, Nansen Wallet Keychain Migration is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Nansen Wallet Keychain Migration support?

Nansen Wallet Keychain Migration is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Nansen Wallet Keychain Migration?

It is built and maintained by Nansen AI (@nansen-devops); the current version is v0.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 Comments