blockpi-rpc.skill

v1.0.1

Multi-protocol BlockPI access skill for discovering documented methods, routing requests by protocol, mapping RU pricing, and calling BlockPI endpoints acros...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto · Requires wallet · Can make purchases · Can sign transactions
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match the included assets: a protocol catalog, routing guidance, and a call driver script (scripts/call_blockpi.py). The packaged references (rpc_catalog.json, protocol_matrix, pricing_notes) and the script's functions (method lookup, protocol inference, HTTP/JSON-RPC/GraphQL/gRPC driving) are coherent with the declared purpose.
Instruction Scope
SKILL.md stays within the skill's scope (method discovery, protocol routing, and invoking BlockPI endpoints) and documents how endpoints are saved and used. However, the README/SKILL.md explicitly tells users to 'copy endpoint and send it to your AI Chat' — this promotes sharing API keys/tokens into chat history and is a user-behavior risk. The skill reads/writes only its packaged reference files and its own state/ directory; it does not instruct reading unrelated host files. The docs also include a promotional discount code and an installation hint that clones from a GitHub repo (expected).
Install Mechanism
There is no external install spec; the skill is instruction + bundled files. No remote downloads or URL-based installers are used. The only runtime dependency called out is an external grpc client (grpcurl) for gRPC scenarios, which is documented and expected for the described capability.
Credentials
The skill requests no environment variables or external credentials from the platform. It does persist user-provided endpoints (URLs that commonly include API keys/tokens) into state/endpoints.json and stores a local base64-encoded key in state/.endpoints.key; the code encrypts the stored endpoints locally with an HMAC-derived stream cipher, and the file is created with mode 0o600, which is reasonable. Users should be aware that supplying endpoints to the skill means those secrets will be held locally by the skill.
Persistence & Privilege
always is false and the skill does not request elevated platform privileges. Persistence is limited to its own state/ directory (endpoints.json and .endpoints.key) and the code migrates legacy plaintext to an encrypted envelope. The skill does not modify other skills or system-wide configs.
Scan Findings in Context
[base64-block] expected: The code uses base64 for encoding/decoding the local key and encrypted payload (base64.urlsafe_b64encode/decode). Finding is consistent with the implemented local encryption of endpoints.
[unicode-control-chars] expected: The markdown files contain HTML entities and some non-ASCII characters in documentation (pricing_notes.md contains HTML hints/entities). This is benign formatting rather than an active injection in code.
Assessment
This skill appears to do what it says: local catalogs + a Python driver to call BlockPI endpoints and persist per-chain endpoints. Before installing, consider:
(1) Do not paste real API keys or tokens into public chat — the README encourages 'copy endpoint and send it to your AI Chat', which would leak secrets. Prefer passing endpoints directly to the skill runtime in a private, secure channel.
(2) The skill will store any provided endpoints (and tokens embedded in them) under state/endpoints.json (encrypted) and a local key at state/.endpoints.key — keep that directory private and do not commit it to source control.
(3) If you rely on gRPC calls, install and vet grpcurl yourself; the script spawns subprocesses for grpcurl (documented as non-shell invocation, but verify on your platform).
(4) Review the large rpc_catalog.json if you need to ensure the catalog content is appropriate.
If you want stronger assurance, inspect the remainder of call_blockpi.py not shown here to confirm subprocess argument handling and network behavior, and avoid sending secrets into chat history.
