ClawHub

Guardrail Agent Smart Account Wallets

v1.1.1

Give AI agents on-chain spending guardrails. Deploy ERC-4337 smart accounts with policy-enforced limits — agents cannot move funds beyond what you authorize,...

0· 513·0 current·0 all-time
byShawn Wollenberg@shawnwollenberg
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description request JSON-RPC access and a signing mode; the required env vars (GUARDRAIL_CHAIN_ID, GUARDRAIL_RPC_URL, GUARDRAIL_SIGNING_MODE) match the stated on-chain deployment/signing needs. Optional secrets (signer endpoint/token, dashboard API key) are appropriate for the described management and signing modes.
Instruction Scope
SKILL.md is an instruction-only spec that stays on-topic: it explains building UserOperations, on-chain validation, and management via the AgentGuardrail API. It explicitly forbids asking for private keys in chat and instructs read-only operation when signing is not configured. Note: the instructions include sending transactions/validation requests to external endpoints (agentguardrail.xyz or an external signer) — this is expected for the purpose but is an important external-data flow to review before use.
Install Mechanism
No install spec and no code files — instruction-only skills have minimal filesystem/install risk. Nothing is downloaded or executed by default.
Credentials
The requested environment variables are proportional and well-justified for on-chain operations. Marking GUARDRAIL_RPC_URL as primary is reasonable (RPC endpoints often contain API keys). Optional signer endpoint and auth token are appropriate only when using external_signer.
Persistence & Privilege
The skill is not 'always' enabled and requires user invocation. It doesn't request system or other-skill config paths, nor does it demand persistent privileges beyond connection strings and optional API tokens.
Assessment
This skill appears internally consistent, but review these operational risks before installing: 1) Vet the AgentGuardrail service and any external signer you use (hosting, auth, audit, revocation). 2) Never paste private keys; prefer external signers, wallet prompts, or short-lived session keys as documented. 3) Treat GUARDRAIL_RPC_URL and any signer auth tokens as sensitive and store them in secure secret storage. 4) Test on a non-production chain (e.g., Sepolia/testnet) to verify deployed contracts and policies behave as you expect. 5) If you plan to self-host components or override GUARDRAIL_API_URL, audit the code and contracts you will interact with. Finally, consider limiting or disabling autonomous agent invocation for any skill that can prepare transactions unless you trust the signing workflow and governance around it.

Like a lobster shell, security has layers — review code before you run it.

latestvk976r56g57s5f82cp8bsej51zh83ytpy

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🛡 Clawdis
EnvGUARDRAIL_CHAIN_ID, GUARDRAIL_RPC_URL, GUARDRAIL_SIGNING_MODE
Primary envGUARDRAIL_RPC_URL

Comments