ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Wallet Twin Court

v1.0.1

Use this skill when the user wants to put a Solana wallet on trial, identify the action most likely to cause regret tomorrow, return a verdict, and only then...

0· 106·0 current·0 all-time
by@richard7463

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for richard7463/wallet-twin-court.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Wallet Twin Court" (richard7463/wallet-twin-court) from ClawHub.
Skill page: https://clawhub.ai/richard7463/wallet-twin-court
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install wallet-twin-court

ClawHub CLI

Package manager switcher

npx clawhub@latest install wallet-twin-court
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's stated purpose is to judge a Solana wallet and produce a single verdict; the SKILL.md stays on that topic. However it explicitly expects an 'OKX OnchainOS' factual layer (Wallet/Market/Trade/Broadcast) without declaring any credentials or dependency; this is an implicit runtime dependency rather than an explicit requirement. That mismatch is plausible if the agent platform already provides OnchainOS, but it should be documented.
!
Instruction Scope
Runtime instructions require POSTing the wallet address to a public endpoint (https://todays-orders.vercel.app/api/todays-orders) and basing the court verdict on the returned JSON. Sending wallet addresses to an external third party is a clear privacy/data‑exfiltration risk. The instructions otherwise remain scoped to wallet analysis, quotes, previews and optionally execution, and do not ask for unrelated host files or secrets. The skill also defers signing/broadcasting to the client environment but lacks specifics on how signing will be gated.
Install Mechanism
This is an instruction‑only skill with no install spec and no code files; nothing is written to disk by the skill itself. That reduces install risk.
!
Credentials
The skill requests no environment variables or credentials in the registry metadata, yet requires access to OnchainOS capabilities (including Trade and Broadcast). This implicit need for signing/broadcast capability is not declared. Additionally, the skill transmits wallet addresses to an external service — a sensitive action not justified by declared environment requirements.
Persistence & Privilege
The skill is not always‑on and does not request elevated platform privileges. It does not request to modify other skills or system config. Autonomous invocation is enabled by default on the platform but that is normal and not by itself a concern here.
Scan Findings in Context
[no-findings] expected: The static regex scanner found nothing. This is expected because the skill is instruction‑only (no code files) so there was nothing for the pattern scanner to analyze. The primary risk comes from the instructions (network call to a third‑party endpoint).
What to consider before installing
This skill is coherent with its stated goal of producing a pre‑trade verdict for a Solana wallet, but it sends the wallet address to a third‑party endpoint you may not control. Before installing or invoking it, confirm: (1) Who operates https://todays-orders.vercel.app and what is their privacy/data retention policy? (2) Does your platform already provide the 'OKX OnchainOS' connector the skill expects, and will any signing/broadcast require your explicit confirmation? (3) Test the skill with an empty/throwaway wallet address first. If you plan to use a real wallet, never allow the skill to perform broadcasts unless you explicitly approve the exact signed transaction; prefer preparing previews locally and signing in your own wallet interface. If you cannot verify the court endpoint operator or you are concerned about exposing wallet addresses, do not use this skill with production funds.

Like a lobster shell, security has layers — review code before you run it.

latestvk97eca6zwkan9gj2mnmr17fj7h83kj3b
106downloads
0stars
2versions
Updated 1mo ago
v1.0.1
MIT-0
@richard7463
latest
Download

Wallet Twin Court

Use this skill to run the 后悔药 / Wallet Twin Court workflow inside OpenClaw. The job is not to produce many ideas. The job is to put one wallet on trial and compress the result into:

  • 你的后悔体质
  • 今日被起诉的操作
  • 法庭裁决
  • 执行前审理
  • 判后报告

This skill is designed for OpenClaw x OKX OnchainOS.

Public endpoint:

  • Court API: https://todays-orders.vercel.app/api/todays-orders

When to use it

  • The user wants a pre-trade judgment for one Solana wallet.
  • The user asks what action they are most likely to regret tomorrow.
  • The user wants one verdict instead of many trade ideas.
  • The user wants one explicit prosecuted action written down.
  • The user wants a quote-backed hearing before execution.
  • The user wants to execute only after a verdict and then summarize the result with a receipt-backed closing report.

Core law

Every response must obey this rule:

Every action must go through court first. High-regret trades do not get clearance.

Required capabilities

Use OKX OnchainOS as the factual layer:

  • Wallet / Portfolio for balances, holdings, stablecoin reserve, concentration, idle capital, and historical mistake context
  • Market for price, 24h move, and whether today is a high-temptation regime
  • Trade for quote, route comparison, and execution hearing
  • Broadcast / Status for signature, confirmation, and receipt

Do not invent holdings, quotes, routes, or receipts.

Do not substitute this skill with miraix-wallet-roast. Do not call https://app.miraix.fun/api/wallet-audit. Do not append the wallet roast share card URL. This skill must use the todays-orders court endpoint and return the courtroom structure, not the roast structure.

Workflow

  1. Extract one Solana wallet address. If none is provided, ask for it.
  2. Run:
curl -sS -X POST https://todays-orders.vercel.app/api/todays-orders \
  -H 'Content-Type: application/json' \
  -d '{"walletAddress":"<wallet-address>"}'
  1. Base the answer on the returned JSON.
  2. Read the wallet dossier first:
    • total wallet value
    • top holdings
    • stablecoin reserve
    • concentration
    • idle capital
  3. Build the wallet twin's regret profile:
    • what kind of mistake is most likely today
    • whether today is a chase, revenge, over-rotation, or watch-only day
  4. Prosecute exactly one action that should not happen today.
  5. Return exactly one verdict:
    • approve
    • probation
    • size-cap
    • reject
  6. If execution is requested and the verdict is not reject, use the returned executionPreview and executionPlan as the hearing record.
  7. Only continue toward execution if the client environment can sign and broadcast safely. Otherwise stop at preview and say execution should continue in the wallet-connected web client.
  8. Close with a final report based on the actual state:
  • preview report if not executed
  • receipt-backed report if executed

Important returned fields:

  • todayIntel
  • forbiddenOrder
  • approvedOrder
  • executionPreview
  • nightDebrief
  • sentenceLadder
  • verdictCertificate
  • machineView
  • executionPlan

Fixed output

Always return the result in this order:

  1. 你的后悔体质
    • one-line profile
    • wallet summary
    • 2-3 evidence bullets
  2. 今日被起诉的操作
    • one explicit action the court is prosecuting today
  3. 法庭裁决
    • exactly one verdict, or explicitly say no action is cleared
  4. 执行前审理
    • quote, route, slippage, expected output
    • label clearly as preview until executed
  5. 判后报告
    • preview report if not executed
    • receipt-backed report if executed

Output guidance

  • Keep the tone disciplined and procedural.
  • The shell can be vivid, but the evidence must come from wallet, market, quote, and receipt data.
  • Do not output 评分 unless that field truly exists in the court API output.
  • Do not output a roast-style 分享卡片 URL.
  • Do not rename the sections into wallet roast headings.
  • If no clean setup exists, return reject or watch-only and explain why.
  • Do not treat simulation as execution.
  • If the user asks to execute, ask for final approval before broadcast.

Comments

Loading comments...