技能详情(站内镜像,无评论)
作者:Francesco @andreolf
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v0.1.0
统计:⭐ 5 · 1.6k · 1 current installs · 3 all-time installs
⭐ 5
安装量(当前) 3
🛡 VirusTotal :良性 · OpenClaw :可疑
Package:andreolf/metamask-agent-wallet-skill
安全扫描(ClawHub)
- VirusTotal :良性
- OpenClaw :可疑
OpenClaw 评估
The skill's instructions promise a sandboxed MetaMask agent but reference installing and running code (npm, Playwright, a Chrome profile, and filesystem paths) while the package contains no code or install spec — this mismatch and the reliance on remote npm installs make the skill suspicious.
目的
The declared metadata lists no required binaries, env vars, or config paths, but SKILL.md instructs the user/agent to run npm install, npx playwright install, npm run setup, install a MetaMask extension, and create files under ~/.agent-wallet. A MetaMask automation skill would legitimately need browser automation and dependencies, but the package provides no code or install manifest and does not declare the filesystem paths it will use — an in…
说明范围
Runtime instructions direct the creation of a Chrome profile, installation of MetaMask, storing wallet seed in the extension/profile, writing logs to ~/.agent-wallet/logs, and reading/writing permissions.json. They also allow signing arbitrary messages and performing transactions. The instructions do not specify how secret material (seed/private keys) is protected, how approval prompts reach the user, or how the agent obtains the code it runs …
安装机制
There is no install spec in the skill metadata, but SKILL.md tells users to run npm install and npx playwright install, which will fetch and execute code from remote package registries. Without a package.json, source repository, or pinned release URL, this is high risk: npm installs pull arbitrary third-party code and Playwright will download browser binaries. The absence of a verified install mechanism is a red flag.
证书
The skill declares no required credentials, which superficially reduces risk, but the instructions require creating and funding a wallet and implicitly rely on local private keys managed by MetaMask in the created profile. The skill does not document where secrets are stored, how approvals are authenticated, or what code can access the profile directory. Requesting no env vars while instructing creation of sensitive local secrets is disproport…
持久
always:false and user-invocable are appropriate. However, the instructions create persistent artifacts (Chrome profile, extension, permissions.json, logs under ~/.agent-wallet) and will likely run background automation (Playwright controlling a browser). The skill does not request platform-level always-on privileges, but it will leave persistent on-disk state and potentially long-running processes if installed/run.
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「MetaMask Agent Wallet」。简介:Control a sandboxed MetaMask browser extension wallet for autonomous blockchain…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/andreolf/metamask-agent-wallet-skill/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
---
name: MetaMask Agent Wallet
description: Control a sandboxed MetaMask browser extension wallet for autonomous blockchain transactions. Features configurable permission guardrails including spend limits, chain allowlists, protocol restrictions, and approval thresholds. MetaMask-only (other wallets not supported).
tags:
- crypto
- metamask
- wallet
- ethereum
- defi
- web3
- blockchain
- automation
- browser
---
# MetaMask Agent Wallet Skill
Controls a sandboxed MetaMask wallet for autonomous blockchain transactions with configurable permission guardrails.
## Overview
This skill allows AI agents to interact with dapps and execute transactions through a dedicated MetaMask wallet. All operations are subject to user-defined constraints (spend limits, protocol allowlists, approval thresholds).
**Security Model:** The agent controls a *separate* wallet in an isolated browser profile. Never use your main wallet.
## Setup
### 1. Install Dependencies
```bash
cd metamask-agent-skill
npm install
npx playwright install chromium
```
### 2. Create Agent Wallet Profile
```bash
npm run setup
```
This will:
- Create a fresh Chrome profile at `~/.agent-wallet/chrome-profile`
- Install MetaMask extension
- Guide you through wallet creation (use a NEW seed phrase)
### 3. Fund the Wallet
Transfer a small amount to your agent wallet:
- ETH for gas (0.01-0.05 ETH recommended)
- Tokens for operations (start small, e.g., $50 USDC)
### 4. Configure Permissions
Edit `permissions.json` to set your constraints:
```json
{
"constraints": {
"spendLimit": {
"daily": "50000000", // $50 in 6-decimal format
"perTx": "10000000" // $10 max per transaction
},
"allowedChains": [1, 137, 42161],
"allowedProtocols": ["0x...uniswap", "0x...1inch"]
}
}
```
## Available Actions
### Connect to Dapp
```
connect <dapp-url>
```
Navigates to dapp and connects the agent wallet.
**Example:** `connect https://app.uniswap.org`
### Execute Swap
```
swap <amount> <token-in> for <token-out> [on <dex>]
```
Executes a token swap on an allowed DEX.
**Example:** `swap 0.01 ETH for USDC on uniswap`
### Send Tokens
```
send <amount> <token> to <address>
```
Sends tokens to an address (within spend limits).
**Example:** `send 10 USDC to 0x1234...`
### Sign Message
```
sign <message>
```
Signs an arbitrary message. Use with caution.
### Check Balance
```
balance [token]
```
Returns wallet balances.
### View Transaction History
```
history [count]
```
Shows recent agent transactions with outcomes.
## Constraints
All operations check against `permissions.json` before execution:
| Constraint | Description |
|------------|-------------|
| `spendLimit.daily` | Max USD value per 24h period |
| `spendLimit.perTx` | Max USD value per transaction |
| `allowedChains` | Whitelisted chain IDs |
| `allowedProtocols` | Whitelisted contract addresses |
| `blockedMethods` | Forbidden function selectors |
| `requireApproval.above` | Threshold requiring user confirmation |
### Approval Flow
When a transaction exceeds `requireApproval.above`:
1. Agent pauses execution
2. Transaction details are logged
3. Agent reports: "Transaction requires approval: [details]"
4. User must explicitly approve before agent continues
## Safety
- **Isolated Profile:** Agent uses separate Chrome profile, never your main browser
- **Separate Wallet:** Agent wallet is completely separate from your main wallet
- **Spend Caps:** Hard limits prevent runaway spending
- **Protocol Allowlist:** Only whitelisted contracts can be called
- **Full Logging:** Every transaction intent and outcome is logged
- **Revocation:** Set `"revoked": true` in permissions.json to disable all actions
## Logging
All transactions are logged to `~/.agent-wallet/logs/`:
```json
{
"timestamp": 1706900000000,
"action": "swap",
"intent": { "to": "0x...", "value": "0", "data": "0x..." },
"guardResult": { "allowed": true },
"outcome": "confirmed",
"txHash": "0x..."
}
```
Use `history` command to view recent transactions.
## Troubleshooting
### "Protocol not allowed"
Add the contract address to `allowedProtocols` in permissions.json.
### "Exceeds daily limit"
Wait 24h or increase `spendLimit.daily`.
### MetaMask popup not detected
Ensure the browser profile path is correct and MetaMask is installed.
### Transaction simulation failed
The dapp may be trying to call a blocked method or unsupported chain.
## Architecture
```
src/
├── index.ts # Main entry point
├── browser.ts # Playwright browser management
├── wallet.ts # MetaMask interaction primitives
├── guard.ts # Permission enforcement
├── logger.ts # Transaction logging
├── price.ts # USD price estimation
├── types.ts # TypeScript types
└── config.ts # Configuration loading
```
## Integration with Gator
When Gator accounts are available, permissions.json can be replaced with on-chain permission attestations. The guard will validate against Gator's permission registry instead of local config.