ClawHub

BaseCred

v1.0.0

Fetch onchain reputation profiles via BaseCred SDK (Ethos, Talent Protocol, Farcaster/Neynar). Use when the user wants to check wallet reputation, builder score, creator score, Ethos credibility, or Farcaster account quality for any 0x address. Supports multi-source unified profiles with level derivation and recency tracking.

3· 1.6k·0 current·0 all-time
byMr. TeeClaw@callmedas69

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for callmedas69/basecred.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "BaseCred" (callmedas69/basecred) from ClawHub.
Skill page: https://clawhub.ai/callmedas69/basecred
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install basecred

ClawHub CLI

Package manager switcher

npx clawhub@latest install basecred
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name/description align with the code and SKILL.md: it loads basecred-sdk and queries Ethos, Talent Protocol, and optionally Neynar/Farcaster. One discrepancy: registry metadata lists 'Required env vars: none' but SKILL.md and the script require TALENT_PROTOCOL_API_KEY (mandatory) and NEYNAR_API_KEY (optional). This is likely an authoring omission in metadata, not a functional mismatch.
Instruction Scope
SKILL.md instructs running the included script from the workspace and to parse its JSON output — consistent with the script. The script walks up from cwd to find node_modules/basecred-sdk and to locate a .env file (up to 5 levels) and merges its key/value pairs into process.env. That behavior is necessary to pick up API keys in a workspace .env, but it means the script will read any .env it encounters (potentially containing unrelated secrets) and make them available to the process and to the imported SDK.
Install Mechanism
No install spec is provided by the skill itself; it expects the workspace to contain the npm package basecred-sdk (user runs 'npm i basecred-sdk'). This is a low-risk, typical pattern — network activity happens via the SDK package on npm, so the main supply-chain review point is that npm package.
Credentials
Requested credentials (TALENT_PROTOCOL_API_KEY required, NEYNAR_API_KEY optional) are proportionate to querying Talent Protocol and Neynar/Farcaster. However, the script's generic .env loading can import any keys present in workspace .env files, so unrelated secrets stored there would be exposed to the script and the SDK at runtime. The skill's registry metadata failing to declare these required env vars is an inconsistency.
Persistence & Privilege
The skill does not request persistent inclusion (always:false), does not write to global agent config, and has no install spec that modifies system-wide settings. It runs only when invoked.
Assessment
This skill appears to do what it claims, but take these precautions before installing: (1) Provide a TALENT_PROTOCOL_API_KEY and optionally a NEYNAR_API_KEY — the registry metadata omitted these; the script will fail without the Talent key. (2) Review the basecred-sdk npm package source (or lockfile) before installing — the skill dynamically imports that package from your workspace and it will perform the network calls. (3) Avoid placing unrelated or high‑value secrets in the workspace .env; the script walks up directories and will load any .env it finds, making those values available to the process and the SDK. (4) Run the skill in an isolated workspace (or container) if you are unsure about the npm package origin, and consider using ephemeral API keys with least privilege.

Like a lobster shell, security has layers — review code before you run it.

latestvk975g1b9nh2qn6fwjjjpn4xdfs80esqa
1.6kdownloads
3stars
1versions
Updated 2mo ago
v1.0.0
MIT-0
Mr. TeeClaw@callmedas69
latest
Download

BaseCred — Onchain Reputation Queries

Prerequisites

  1. Package installed in workspace: npm i basecred-sdk
  2. API keys in workspace .env: 
    TALENT_PROTOCOL_API_KEY=<key>
NEYNAR_API_KEY=<key>          # optional — enables Farcaster scoring
    Ethos Network requires no key.

Quick workflow

  1. Run the query script from the workspace:

    node /path/to/skills/basecred/scripts/query.mjs <0x-address>

    The script auto-locates node_modules/basecred-sdk and .env by walking up from cwd. Run it with cwd set to the workspace.

  2. Parse the JSON output and present results to the user. Use the level tables in references/output-schema.md to translate raw scores into human-readable levels.

Presenting results

Summarize the three facets clearly:

  • Ethos — score + credibility level + review sentiment + vouches. Flag hasNegativeReviews if true.
  • Talent Protocol — builder score/level + creator score/level. Note verified status.
  • Farcaster — quality score (0–1) and whether it passes threshold.
  • Recencyrecent / stale / dormant. Mention if stale or dormant as a caveat.

Highlight actionable signals: e.g. zero vouches on Ethos is an easy win, or a dormant Talent score that needs activity.

Reference

  • Output schema + all level tables: references/output-schema.md — read when you need to map scores → levels or explain the shape of a response.

Comments

Loading comments...