首页 / 技能 / X Layer Execution Guard — 技能工具

📦 X Layer Execution Guard — 技能工具

v1.0.1

Complete pre-execution judgment + post-execution proof pipeline for autonomous AI agents with closed-loop validation

0· 38·0 当前·0 累计
richard7463 头像by @richard7463·MIT-0
AI模型访问安全加密CI/CDDevOps
下载技能包
License
MIT-0
最后更新
2026/4/15
0
安全扫描
VirusTotal
无害
查看报告
OpenClaw
可疑
medium confidence
The skill's code implements an OnchainOS route-judging and wallet execution guard as described, but metadata and runtime instructions disagree about required credentials and there are a few proportionality and disclosure gaps you should clear before using it with real keys or a live wallet.
评估建议
This skill implements exactly what it claims (route checks, honeypot detection, simulated proof, and optional live execution), but it will use signed OnchainOS/OKX API credentials and may invoke a local onchainos CLI to operate a wallet. Before installing or running with real keys: 1) Do not supply API keys unless you trust the skill—review the full _execute_trade implementation (not shown in the truncated listing) and any subprocess calls to confirm no secret exfiltration. 2) Prefer proof mode ...
详细分析 ▾
用途与能力
The skill's name/description (OnchainOS DEX route judgment, honeypot/impact checks, proof artifacts, optional Agentic Wallet execution) matches the bundled Python code: a Route Referee client, an ExecutionGuard pipeline, and scripts to run and check the wallet. However the registry metadata declared no required environment variables or primary credential while SKILL.md and the runtime client clearly require ONCHAINOS_API_KEY / ONCHAINOS_API_SECRET / ONCHAINOS_API_PASSPHRASE (and accept OKX_* aliases). This metadata omission is an incoherence and reduces transparency.
指令范围
SKILL.md confines runtime steps to token discovery, quotes, simulated proof, and (with explicit approval) onchain execution via the 'onchainos' CLI or the OnchainOS HTTP API. The instructions encourage default 'proof' mode and require explicit approval for live wallet execution. That scope aligns with the code. A caveat: the runtime will call external network APIs (default base https://web3.okx.com) and may invoke the local onchainos CLI (scripts/check_agentic_wallet.py uses subprocess). The SKILL.md accurately documents these behaviors but does not fully manifest in the registry metadata.
安装机制
No network download/install spec is included; the skill is instruction+bundled Python code. requirements.txt only lists 'requests'. No third-party install URLs, extract steps, or obscure external installers are present.
凭证需求
The runtime client reads and uses API credentials (ONCHAINOS_API_KEY / ONCHAINOS_API_SECRET / ONCHAINOS_API_PASSPHRASE) and proxy/timeouts; it also accepts OKX_* environment aliases. Those credentials are proportionate to performing signed OnchainOS/OKX API calls, but the skill registry metadata claimed no required env vars — an important omission. The code will sign requests with your API secret (HMAC) and will use any provided onchainos CLI that may access local wallets. This requires explicit, informed user consent before supplying secrets or allowing live execution.
持久化与权限
The skill does not request persistent 'always' inclusion, does not modify other skills, and contains no install-time changes or writing to unrelated system-wide configs. It uses the local runtime and may call onchainos if present; that is expected for its purpose.
安全有层次,运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发,无需署名。

运行时依赖

无特殊依赖

版本

latestv1.0.12026/4/15

**Expanded pre-execution guard with runtime and CLI support** - Added dedicated Python runtime and CLI scripts for guarded execution and environment checks. - Introduced detailed operating rules for simulation (proof mode), agentic-wallet execution, and handling missing API credentials. - Clear split between mock output vs. live proof; ensures users distinguish real/wallet actions from simulation. - Updated documentation for OpenClaw and ClawHub quick-start, environment setup, wallet requirements, and error handling. - Outputs now include stepwise pre-execution judgment, post-execution proof, and closed-loop validation artifacts.

无害

安装命令

点击复制
官方npx clawhub@latest install xlayer-execution-guard
镜像加速npx clawhub@latest install xlayer-execution-guard --registry https://cn.longxiaskill.com

技能文档

Use this skill to turn an agent swap intent into a guarded execution decision and proof artifact.

The installed skill includes its own Python runtime in runtime/ and two scripts in scripts/:

  • scripts/run_execution_guard.py runs the guard CLI.
  • scripts/check_agentic_wallet.py checks whether onchainos and Agentic Wallet are reachable.

Operating Rules

  • Default to --no-execute or --execution-mode proof while evaluating a request.
  • Only use --live or --execution-mode agentic-wallet after explicit user approval for a real wallet action.
  • Treat proof mode as simulated execution evidence. Only agentic-wallet mode can return a real transaction hash.
  • If OnchainOS API credentials are missing, the runtime returns a mock install-smoke result. Do not present mock output as live proof.
  • For live X Layer runs, use chain 196 unless the user explicitly chooses another chain.

OpenClaw Quick Start

Set the skill directory first. In OpenClaw it is usually:

SKILL_DIR="$HOME/.openclaw/skills/xlayer-execution-guard"

If installed into a local workdir with ClawHub, use:

SKILL_DIR="$PWD/skills/xlayer-execution-guard"

Install the only runtime dependency if needed:

python3 -m pip install --user -r "$SKILL_DIR/requirements.txt"

Check the Agentic Wallet environment:

python3 "$SKILL_DIR/scripts/check_agentic_wallet.py"

Run a safe pre-execution judgment:

PYTHONPATH="$SKILL_DIR/runtime" python3 "$SKILL_DIR/scripts/run_execution_guard.py" \
  --agent strategy-office \
  --intent-id strategy-office-round-001 \
  --from USDC \
  --to USDT \
  --amount 10 \
  --amount-mode readable \
  --slippage 0.5 \
  --max-impact 1.20 \
  --no-execute \
  --output guard-proof.json

Run proof-mode closed-loop evidence without touching the wallet:

PYTHONPATH="$SKILL_DIR/runtime" python3 "$SKILL_DIR/scripts/run_execution_guard.py" \
  --agent strategy-office \
  --intent-id strategy-office-proof-001 \
  --from USDC \
  --to USDT \
  --amount 10 \
  --amount-mode readable \
  --execution-mode proof \
  --output guard-proof.json

Run a live Agentic Wallet execution only after user approval:

PYTHONPATH="$SKILL_DIR/runtime" python3 "$SKILL_DIR/scripts/run_execution_guard.py" \
  --agent strategy-office \
  --intent-id strategy-office-live-001 \
  --from USDC \
  --to USDT \
  --amount 10 \
  --amount-mode readable \
  --slippage 0.5 \
  --execution-mode agentic-wallet \
  --wallet default \
  --chain 196 \
  --output guard-live-proof.json

--live is an alias for --execution-mode agentic-wallet.

Required Environment

For real OnchainOS route judgment, export API credentials in the OpenClaw environment or ~/.config/onchainos.env:

export ONCHAINOS_API_KEY="..."
export ONCHAINOS_API_SECRET="..."
export ONCHAINOS_API_PASSPHRASE="..."
export ONCHAINOS_CHAIN_INDEX="196"

For live wallet execution, onchainos must be installed and logged in:

onchainos wallet login
onchainos wallet status

What The Guard Checks

The runtime uses OnchainOS DEX Aggregator APIs for:

  • token discovery through /api/v6/dex/aggregator/all-tokens
  • liquidity source discovery through /api/v6/dex/aggregator/get-liquidity
  • aggregated and per-DEX quote comparison through /api/v6/dex/aggregator/quote

The output includes:

  • pre_execution.verdict: execute, resize, retry, or block
  • pre_execution.checks: quote availability, price impact, fallback coverage, token tax, honeypot flags, gas and fee fields
  • execution.status: simulated_success, success, broadcasted, failed, or not_executed
  • post_execution.proof_id and moltbook_summary
  • closed_loop_validation: whether the pre-execution verdict matched the post-execution outcome

Failure Handling

  • Missing API credentials: output is mock mode and suitable only for install verification.
  • wallet_ready=false: run onchainos wallet login in the same OpenClaw environment.
  • verdict=block: do not execute; show the block reason.
  • verdict=resize: execute only if the user accepts the resized risk outcome.
  • Live execution returns no tx hash: preserve the full JSON output and inspect execution.error.
数据来源ClawHub ↗ · 中文优化:龙虾技能库