Towns Protocol Skills

v2.0.0

Use when building Towns Protocol bots - covers SDK initialization, slash commands, message handlers, reactions, interactive forms, blockchain operations, and deployment. Triggers: "towns bot", "makeTownsBot", "onSlashCommand", "onMessage", "sendInteractionRequest", "webhook", "bot deployment", "@towns-protocol/bot"

by andriy (@andreyz)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign

OpenClaw: Suspicious (high confidence)
Purpose & Capability
The SKILL.md and reference files consistently describe Towns Protocol bot capabilities (handlers, blockchain ops, interactions, deployment). The required capabilities (blockchain RPC, Bun, @towns-protocol/bot SDK) align with the described purpose. However the registry metadata declares no required env vars or primary credential while the runtime docs explicitly require APP_PRIVATE_DATA and JWT_SECRET (and recommend BASE_RPC_URL), creating an inconsistency between declared metadata and actual runtime needs.
Instruction Scope
Runtime instructions stay within the scope of building and deploying bots (message handling, interaction requests, verifying tx receipts, webhooks, deployment, debugging). They do instruct reading local files for chunked attachments, logging incoming messages, and exposing a health endpoint that prints the gas wallet address — these are reasonable for bot dev but can expose PII or wallet addresses if left enabled in production. There are no explicit instructions to read unrelated system secrets or exfiltrate data to unknown endpoints.
Install Mechanism
This is an instruction-only skill with no install spec and no code files to execute on install, which reduces installation risk. The SKILL.md assumes external dependencies (Bun runtime, @towns-protocol/bot SDK) but does not provide an automated installer — that is consistent with an instruction-only reference.
Credentials
The documentation requires sensitive environment values (APP_PRIVATE_DATA — base64 app credentials from app.towns.com; JWT_SECRET — min 32 chars; BASE_RPC_URL / RPC key; optional DATABASE_URL). The registry metadata however lists no required env vars or primary credential. Requiring APP_PRIVATE_DATA and JWT_SECRET is proportionate to a bot that authenticates to the Towns developer platform, but the omission from declared metadata and the unknown skill source are red flags. Also the guidance to log message contents and expose gasWallet in health endpoints can leak sensitive data.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and is user-invocable only. There is no claim of persistent platform-level privileges; autonomous invocation is allowed (platform default) but not combined here with other high-risk indicators.
What to consider before installing
This skill's instructions look like a legitimate Towns Protocol bot SDK reference, but take these precautions before installing or running it:

- Verify provenance: the skill has no homepage and an unknown source. Prefer an official repo or NPM package for @towns-protocol/bot and install only from trusted origins.
- Secrets: the SKILL.md requires APP_PRIVATE_DATA and JWT_SECRET. Treat these as sensitive: store them in a secrets manager, do not paste them into public places, and rotate them if exposed. Confirm APP_PRIVATE_DATA was issued by the official Towns developer portal.
- Minimize RPC key scope: use a dedicated RPC key (BASE_RPC_URL) with minimal privileges and rate limits. For read-only operations use a read-only key when possible; keep the funded gas wallet separate and funded with the minimal ETH required for operations.
- Isolate runtime: run the bot in a sandboxed environment (separate VM/container) and avoid exposing debug endpoints in production. The health endpoint prints the gas wallet address; consider removing or restricting access to that endpoint.
- Audit logging and attachments: the docs suggest logging message content and reading local files for attachments; ensure logs do not capture PII and that attachments are validated before upload.
- Confirm declared requirements: the registry metadata claims no env vars but the docs do; ask the publisher to correct the metadata or provide the official package source. If you cannot verify the publisher, do not provide secrets to the skill.
- Code review: because this is instruction-only here, request or review the actual @towns-protocol/bot SDK source and any bot code you intend to run. Pin package versions and audit dependencies.

If you cannot confirm the skill's origin or reconcile the missing metadata, treat it as untrusted and avoid supplying APP_PRIVATE_DATA and JWT_SECRET to any code derived from this skill.
