ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Tip with Grove

v1.0.0

Grove CLI guide - philosophy, commands, and quick start

0· 989·0 current·0 all-time
byDaniel Olshansky@olshansk
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The name/description (Grove CLI tipping) matches the included scripts (auto-fund, monitor-balance, batch-tip) and SKILL.md guidance. However the package omits declaring some real runtime needs: the scripts call 'jq' and 'bc' (and rely on standard unix tools) but the manifest only requires curl and bash (and optionally python/node). The scripts also expect a wallet/keyfile at ~/.grove/keyfile.txt, but no required config path or credential is declared in the registry metadata. These omissions are inconsistent with the stated purpose and should be clarified.
!
Instruction Scope
SKILL.md instructs agents/users to run 'curl -fsSL https://grove.city/install-cli.sh | bash' to install the CLI and to run grove commands that create/use wallets and perform fund/tip operations. The included scripts will read/write local ~/.grove/ files and can execute fund/tip operations (including automated funding via cron or batch tipping). While this behavior is within the tipping domain, instructing automatic installation of remote code and automated operations on a wallet expands scope and requires explicit declarations and safeguards (the skill does provide some confirmation prompts, but the scripts support skipping confirmations).
!
Install Mechanism
The SKILL.md and metadata point to a remote install script executed via 'curl | bash' from https://grove.city/install-cli.sh. Download-and-execute installs are high-risk (remote code executed with local privileges). The url is not a known vetted package registry/release host in metadata; although it matches the skill homepage, this install method still deserves caution and review of the install script contents before running.
!
Credentials
No environment variables or credentials are declared in requires.env, yet the scripts implicitly rely on a wallet file (~/.grove/keyfile.txt) and optionally DEFAULT_NETWORK environment variable. They also POST to user-supplied webhook URLs. Access to a local private key file is directly relevant to tipping, but the registry should explicitly declare required config paths/credentials so users know a secret wallet file will be read/used. The absence of such declarations is an incoherence and a privacy/security risk.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide settings. The scripts are normal user utilities (can be scheduled in cron) and do not request elevated platform privileges. Autonomous invocation is allowed by default for skills but is not combined with other excessive privileges here.
What to consider before installing
This skill appears to genuinely implement Grove CLI tips and includes helper scripts to fund, monitor, and batch-tip. However: (1) the install step runs a remote script via 'curl | bash' — inspect the install script (https://grove.city/install-cli.sh) before running or prefer an auditable release (GitHub release, package manager). (2) The bundled scripts expect and will use a wallet file at ~/.grove/keyfile.txt (private keys) and can perform on-chain funding/tipping; do not point them at a wallet that holds large funds. (3) The scripts use jq and bc but the manifest doesn't list those dependencies — ensure required utilities are installed. (4) Be careful with automation flags (--yes, cron) and webhook URLs — these can cause unattended transactions or data sent to external endpoints. Recommended actions: review the install script source, run the CLI in an isolated/test environment first, back up and preferably use a test wallet, verify and install missing dependencies (jq, bc), and avoid granting the skill access to production wallets until you trust the issuer.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🌳 Clawdis
Binscurl, bash
Any binpython3, node
latestvk973y4xqxjpk1x8revmc16n8as80zq3y
989downloads
0stars
1versions
Updated 8h ago
v1.0.0
MIT-0
Daniel Olshansky@olshansk
latest
Download

Requirements:

  • Bash or Zsh shell
  • curl (for installation)
  • Optional: Python/Node for agent integration

Grove CLI — Complete Guide <!-- omit in toc -->

Grove enables agents and humans to send micro-tips as quality signals for content.

Google organized the world's data using hyperlinks as the signal. Grove evaluates content quality using money as the signal — creating a queryable, money-weighted directory and knowledge graph.

Table of Contents <!-- omit in toc -->

Why Tip? (The Philosophy)

Payments as Signal

Grove uses optional micro-tips to kick off a quality flywheel:

  • Onboard creators: Link content to wallet addresses
  • Map quality: Build weighted edges in a growing graph
  • Enable discovery: Create queryable, money-weighted directory
  • Future knowledge graph: Useful for post-training and inference routing

Key insight: Agents mostly pay for access when required, but optional goodwill tips add early signal even when content is free.

When to Tip (Decision Logic)

Evaluate content you encounter (blog posts, tweets, repos, documentation):

Three criteria:

  1. Is it original? New perspective or unique data?
  2. Is it useful? Solves a problem or explains clearly?
  3. Is it tippable? Has llms.txt, crypto address, or ENS name?

Example evaluation:

"I just read this Substack post on agentic workflows. It provided a clear implementation of x402 that saved me 2 hours of research. This is high-quality signal. I will tip 0.05 USDC."

Recommended amounts:

  • Blog post / tutorial: 0.01-0.10 USDC
  • High-value research: 0.10-1.00 USDC
  • Life-changing insight: 1.00+ USDC

Knowledge Graph Metadata

Every tip should capture WHY you tipped. This creates durable metadata Grove can use to build a money-weighted knowledge graph.

Recommended fields (store in your agent logs):

  • Canonical URL (or repo / post identifier)
  • Destination (domain / handle / address)
  • Amount + token/network
  • 1–2 sentence rationale
  • Topic tags (optional)

Example log entry:

{
  "url": "https://example.com/post/123",
  "destination": "author.eth",
  "amount": "0.05",
  "token": "USDC",
  "network": "base",
  "rationale": "Clear x402 implementation guide, saved 2 hours",
  "tags": ["payments", "protocols", "implementation"]
}

Quick Start

Installation

curl -fsSL https://grove.city/install-cli.sh | bash

What gets installed:

  • grove command globally available
  • Config directory at ~/.grove/
  • All config files preserved on reinstall

First-Time Setup

Run grove setup and choose a path:

OptionBest ForStepsHuman Needed?
Wallet + Crypto (recommended)Autonomous agentsCreates wallet, fund with USDC + ETH on Base, self-funds via x402Only for initial funding
Email + Credit CardHumans managing agentsSign up at app.grove.city, fund via card, paste API keyYes — signup + payment
I have an API keyExisting usersPaste JWT from teammate or app.grove.cityNo — already done

Send Your First Tip

Verify destination:

grove check olshansky.info

Send tip:

grove tip olshansky.info 0.01

Check balance:

grove balance

Command Overview

Use grove <command> --help for detailed options and flags.

CommandDescription
setupFirst-time setup - Email/card (humans), wallet/crypto (agents), or paste API key
fundAdd funds via x402 payment protocol (requires wallet with USDC)
checkCheck if destination can receive tips
tipSend a tip to creators via domain, Twitter, or address
balanceCheck your USDC balance across networks
keygenGenerate a wallet for agent funding
historyView recent tips sent or funds added
configView or update your API key, network, and API URL settings
contactSend feedback to the Grove team
updateUpdate Grove CLI to the latest version

All commands support --json flag for agent-friendly output.

Configuration

Config Files

Location: ~/.grove/

Files preserved on reinstall:

  • .env — Primary config (API key, network, token, API URL)
  • keyfile.txt — Wallet private key (for agent wallet mode)

Example .env:

GROVE_API_KEY=eyJ...
GROVE_API_URL=https://api.grove.city
DEFAULT_NETWORK=base
DEFAULT_TOKEN=USDC

Precedence Order

Configuration is resolved in this order (highest to lowest priority):

  1. CLI flagsgrove tip --network base-sepolia
  2. Shell env varsexport GROVE_API_KEY=...
  3. ~/.grove/.env — Persistent config file
  4. Code defaults — Built-in fallbacks

Destination Formats

Grove accepts multiple destination formats:

FormatExampleResolves Via
Domainolshansky.infollms.txt lookup
Ethereum Address0x1234...Direct transfer
ENS Namevitalik.ethENS resolution
Twitter@olshanskyBio address extraction
Substackauthor.substack.comProfile address

Pre-flight validation:

grove check olshansky.info
  • grove check returns clear error messages when a destination can't receive tips
  • Substack profiles without a crypto address return tippable: false (not a false positive)

Agent Wallet Mode

Fastest path — zero to tipping in 3 steps:

# 1. Install
curl -fsSL https://grove.city/install-cli.sh | bash

# 2. Create wallet + fund it
grove setup    # Choose option 2: Wallet + Crypto

# 3. Start tipping
grove tip olshansky.info 0.01

For agents that already have a wallet:

grove keygen --save          # generates ~/.grove/keyfile.txt
# Fund the address with USDC + ETH on Base
grove fund 0.10              # self-fund via x402
grove tip olshansky.info 0.01

Agent Integration

JSON output for reliable parsing:

grove balance --json
grove tip olshansky.info 0.01 --json
grove check domain.com --json

Python example:

import subprocess
import json

result = subprocess.run(
    ["grove", "balance", "--json"],
    capture_output=True,
    text=True
)
balance_data = json.loads(result.stdout)
print(f"Balance: {balance_data['total_balance']} USDC")

Node.js example:

const { execSync } = require("child_process");
const balance = JSON.parse(execSync("grove balance --json").toString());
console.log(`Balance: ${balance.total_balance} USDC`);

Autonomous workflow pattern:

# 1. Check balance before tipping
balance=$(grove balance --json | jq -r '.total_balance')

# 2. Auto-fund if low
if [ "$balance" -lt "0.10" ]; then
  grove fund 1.00
fi

# 3. Evaluate content
grove check <destination>

# 4. Tip if valuable
grove tip <destination> <amount>

# 5. Log metadata
echo "Tipped $destination for $reason" >> tip_log.txt

Python SDK (coming soon): A Python SDK (GroveClient) is in development. Use the CLI for now. Run grove contact to request early access.

Utilities

Automation scripts available in skills/scripts/:

  • batch-tip.sh — Tip multiple destinations from CSV file
  • monitor-balance.sh — Monitor balance and alert on low funds
  • auto-fund.sh — Auto-fund when balance drops below threshold

Run each script with --help for usage details.

Support

Need more details? Complete reference documentation: grove.city/docs/cli

Comments

Loading comments...