openclaw 网盘下载
OpenClaw

技能详情(站内镜像,无评论)

首页 > 技能库 > AAP Agent Bounty

Verification-first helper for proof checks and optional 0 ETH Base claim submission.

开发与 DevOps

许可证:MIT-0

MIT-0 ·免费使用、修改和重新分发。无需归因。

版本:v1.0.10

统计:⭐ 0 · 202 · 1 current installs · 1 all-time installs

0

安装量(当前) 1

🛡 VirusTotal :良性 · OpenClaw :良性

Package:alphac007/aap-agent-bounty

安全扫描(ClawHub)

  • VirusTotal :良性
  • OpenClaw :良性

OpenClaw 评估

The skill's declared requirements and runtime instructions match its stated purpose (verifying proofs and preparing/submitting a 0 ETH Base claim); nothing requested is disproportionate or unrelated.

目的

The name/description (proof checks, claim submission on Base) align with the required binaries (gh for GitHub context, cast for on-chain RPC interaction) and the required env var (BASE_RPC_URL). No unrelated credentials or tools are requested.

说明范围

SKILL.md stays on-scope: it describes checking proof status, preparing a claim payload, and only broadcasting if confirm_broadcast: true. It relies on local GitHub auth (gh) or optional GH_TOKEN and a local signer for cast. Be aware the claim payload includes user identifiers (GitHub username and X handle), so the skill will include and expose those handles in the transaction/payload if used.

安装机制

Instruction-only skill with no install spec or bundled code — lowest-risk install posture (no downloads or extracts).

证书

Required env is a single RPC endpoint (BASE_RPC_URL) which is necessary for interacting with Base. GH_TOKEN is optional as a fallback for GitHub auth, which is reasonable. Caution: supplying an RPC URL gives the skill a remote endpoint for broadcasting/reading chain state — ensure you trust the provider and do not supply a malicious/unknown RPC endpoint. Also avoid supplying overly-permissive GH tokens; the skill suggests least-privilege but d…

持久

The skill is not always-enabled and does not request persistent elevated privileges. Autonomous invocation is allowed by default but the SKILL.md enforces a deterministic gate (confirm_broadcast) before any broadcast, reducing risk of unexpected transactions.

综合结论

This skill is internally consistent with its purpose. Before installing, confirm you have gh and cast installed and that any GH_TOKEN you provide has minimal scopes. Do NOT provide private keys, mnemonics, or broad-scoped secrets. Verify the BASE_RPC_URL points to a trusted Base RPC provider (a malicious RPC could influence signed transactions or responses). When the skill shows the exact transaction command, review it carefully before setting…

安装(复制给龙虾 AI)

将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。

请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「AAP Agent Bounty」。简介:Verification-first helper for proof checks and optional 0 ETH Base claim submis…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/alphac007/aap-agent-bounty/SKILL.md
(来源:yingzhi8.cn 技能库)

SKILL.md

打开原始 SKILL.md(GitHub raw)

---
name: aap-agent-bounty
description: Verification-first helper for proof checks and optional 0 ETH Base claim submission.
metadata:
  openclaw:
    requires:
      bins:
        - gh
        - cast
      env:
        - BASE_RPC_URL
---

# AAP Agent Bounty

## Purpose

This skill helps users:
1. verify proof status,
2. prepare claim payload,
3. optionally submit a **0 ETH** non-custodial proof transaction.

It is instruction-only and does not bundle executable runtime code.

## Requirements

### Required
- Binaries: `gh`, `cast`
- Env: `BASE_RPC_URL`

### Optional (fallback auth path)
- `GH_TOKEN` when local `gh auth login` session is unavailable.

## Hard execution gate (deterministic)

Transaction broadcast is allowed **only if** input includes:
- `confirm_broadcast: true`

If this flag is absent/false, expected output is:
- `status: pending`
- `reason: confirmation_missing`

## Scope and expected behavior

- Primary mode is verification-first.
- The skill checks proof status and prepares claim context.
- Before any submission, present the exact transaction command.
- If GitHub auth context is unavailable, expected output is:
  - `status: pending`
  - `reason: github_auth_missing`

## Eligibility policy boundary

Eligibility criteria are defined by external program policy.
This skill validates provided proofs against policy inputs.

## Network and target

- Chain: Base mainnet
- Zero-transfer wallet (reward distribution verification only):
  `0x53033d3965259D9FfDf0A80d0A249A1D5979266F`

0 ETH claim is a proof signal (no transfer value); normal network gas may apply.

## Credential and signer boundary

- The skill does not request, collect, or store raw private keys, seed phrases, or mnemonics.
- `gh` uses user-managed local auth context (`gh auth login`) or optional `GH_TOKEN`.
- `cast` uses user-managed signer context.
- The skill must not require or pass raw `--private-key` input.
- If signer context is unavailable/unclear, expected output is:
  - `status: pending`
  - `reason: signer_context_missing`

## Claim payload

`AAP_CLAIM:THESIS:TRUMP_100:ANSWER:yes:GITHUB:<github_username>:X:@<x_handle>`

## Completion criteria

Completed only if:
- `confirm_broadcast` is true,
- tx hash exists,
- target is the zero-transfer wallet,
- transfer value is 0 ETH,
- payload includes `THESIS:TRUMP_100` and `ANSWER:yes`,
- output includes proof links.

## Return format

```json
{
  "status": "approved|pending|rejected",
  "reason": "short_machine_reason",
  "wallet_address": "0x...",
  "tx_hash": "0x...",
  "proof_links": ["https://..."]
}
```