Crypto Analytics
v1.0.1Multi-chain blockchain analytics for wallet balances, transaction history, and address validation. Supports 60+ EVM chains via Etherscan V2, plus Bitcoin and...
⭐ 0· 16·0 current·0 all-time
bySolidMind@solidgea
MIT-0
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The code and docs align with the stated purpose: Etherscan V2 for many EVM chains, Blockchair for Bitcoin-family chains, and Solana RPC for balances. Token registry, address validator, formatters and API client are coherent with a blockchain analytics tool. Minor oddities: the SKILL.md repository URL is a placeholder (github.com/yourusername/...), and some BASE_URL/endpoint strings differ slightly from docs — these look like documentation stubs rather than malicious intent.
Instruction Scope
The runtime code will search for and parse a .env file in the workspace root and load every key/value into os.environ (not limited to ETHERSCAN_API_KEY). SKILL.md does mention creating a .env for API keys, but the implementation will import any secrets present there (any key=value), which broadens scope beyond just the declared API keys. The code also writes cache files to disk (~/.openclaw/cache/crypto-analytics) — SKILL.md mentions caching but doesn't state the cache location. The skill makes HTTP requests to external APIs (expected) and does not contain hidden remote endpoints, but automatic loading of arbitrary .env content is a scope creep risk.
Install Mechanism
There is no install spec (instruction-only), yet the package contains Python scripts that import requests and optionally python-dotenv. Those runtime dependencies are not declared in registry metadata. Lack of an install/dependency manifest means the environment must already have these packages; it's not a direct supply-chain red flag, but it's a usability/operational mismatch that could cause runtime errors or prompt users to install packages from registries.
Credentials
Registry lists no required env vars, and SKILL.md suggests optional ETHERSCAN_API_KEY/BLOCKCHAIR_API_KEY. The implementation will, however, parse any .env and set all keys into os.environ — potentially exposing unrelated secrets in the workspace to the skill's runtime. While the skill doesn't appear to exfiltrate secrets to hidden endpoints, it will use any found keys when calling external APIs (which may be expected for API keys). This behavior increases the skill's access to credentials beyond what the registry declares.
Persistence & Privilege
The skill does not request 'always: true' and will not autonomously persist itself beyond normal operation. It creates and writes cache files under Path.home() (~/.openclaw/cache/crypto-analytics) and may add token metadata to an in-process TOKEN_REGISTRY. It does not modify other skills' configs. The on-disk cache is persistent across runs and should be considered when assessing data retention.
What to consider before installing
This skill appears to implement the described blockchain lookups, but there are a few things to watch before installing or running it:
- .env handling: the code will automatically read a .env from the workspace root (and load every key into os.environ). Do not keep unrelated or highly sensitive credentials (AWS keys, database passwords, Slack tokens, etc.) in that .env if you plan to run this skill. Create a dedicated .env containing only the API keys you intend to use (ETHERSCAN_API_KEY, BLOCKCHAIR_API_KEY) or provide keys via a controlled environment instead.
- Dependencies: the scripts use third-party Python packages (requests, optionally python-dotenv) but the skill has no install manifest. Ensure you run it in a controlled environment (virtualenv/container) with the required packages installed.
- Disk writes: the skill writes cache files to ~/.openclaw/cache/crypto-analytics. If you need no persistent cache, run in an isolated environment or remove/inspect that folder after use.
- Source provenance: the SKILL.md repository field is a placeholder (github.com/yourusername/...). If provenance matters, verify the upstream repository / maintainer before trusting the skill.
If you accept those caveats (especially controlling what is in .env and running the skill in an isolated environment), the skill is likely usable. If you cannot ensure that, do not install or run it.Like a lobster shell, security has layers — review code before you run it.
latest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
SKILL.md
Crypto Analytics
Overview
A comprehensive multi-chain blockchain analysis tool using live API data:
- EVM networks: 60+ chains via unified Etherscan V2 (Ethereum, Sepolia testnet, BSC, Polygon, Arbitrum, Base, Optimism, Avalanche, etc.)
- Bitcoin: Via Blockchair API
- Solana: Balance via public RPC (tx history requires external service)
- Built-in rate limiting and 5-minute caching
- No credentials needed for basic usage (API key increases Etherscan limits)
All commands return JSON with optional human-readable formatting.
Core Commands
balance <address> [chain]
Get native token balance for a wallet.
Parameters:
address- Blockchain addresschain(optional) - Chain identifier. Auto-detects from address format if omitted.- EVM:
ethereum,sepolia,bsc,polygon,arbitrum,base,optimism,avalanche, and more - Non-EVM:
bitcoin,solana
- EVM:
Example:
crypto-analytics balance 0x742d35Cc6634C0532925a3b8D4C9db96C4b4Db45 ethereum
Output:
{
"chain": "ethereum",
"chainid": 1,
"address": "0x742d35cc6634c0532925a3b8d4c9db96c4b4db45",
"balance_wei": 1234567890000000000,
"balance_native": 1.23456789,
"formatted_balance": "1.234568 ETH"
}
transactions <address> [chain] [limit=20]
Get recent transaction history.
Parameters:
address- Wallet addresschain(optional) - Chain identifier (auto-detected if omitted)limit(optional) - Maximum transactions to return (default 20, max 100)
Example:
crypto-analytics transactions 0x742d35Cc6634C0532925a3b8D4C9db96C4b4Db45 bsc 50
Output:
{
"chain": "bsc",
"chainid": 56,
"address": "...",
"count": 150,
"transactions": [ /* array of tx objects */ ]
}
tx <txhash> <chain>
Get full transaction details.
Parameters:
txhash- Transaction hashchain- Chain identifier (required)
Example:
crypto-analytics tx 0x123abc... ethereum
Output:
{
"chain": "ethereum",
"chainid": 1,
"txhash": "0x123abc...",
"transaction": { /* full tx object */ }
}
validate <address>
Check address validity and detect chain.
Parameters:
address- Address to validate
Example:
crypto-analytics validate bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh
Output:
{
"valid": true,
"chain": "bitcoin",
"normalized": "bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh",
"error": null
}
chains
List all supported blockchains with their specs.
Example:
crypto-analytics chains
gas [chain=ethereum]
Get current gas price estimates including Safe, Standard, and Fast rates, plus base fee (EIP-1559).
Parameters:
chain(optional) - Chain identifier (default: ethereum)
Example:
crypto-analytics gas ethereum
Output:
{
"chain": "ethereum",
"chainid": 1,
"low": 20000000000,
"standard": 50000000000,
"fast": 80000000000,
"base_fee": 15000000000,
"timestamp": 1700000000,
"formatted": "=== Gas Price Tracker ===\nSafe: 20.00 Gwei\nStandard: 50.00 Gwei\nFast: 80.00 Gwei\nBase Fee: 15.00 Gwei\nUpdated: 2023-11-14 10:00:00 UTC"
}
token <address> <token_contract> [chain]
Get ERC-20 token balance for a specific token contract, with symbol and formatted human-readable value.
Parameters:
address- Wallet addresstoken_contract- ERC-20 token contract addresschain(optional) - Chain identifier (auto-detected if omitted)
Example:
crypto-analytics token 0xYourAddress 0xA0b86991c6218b36c1d19D4a2e9bB0e3606EB48 ethereum
Output:
{
"chain": "ethereum",
"contract": "0xa0b86991c6218b36c1d19d4a2e9bb0e3606eb48",
"owner": "0xYourAddress",
"balance": 1000000,
"symbol": "USDC",
"name": "USD Coin",
"decimals": 6,
"formatted": "=== Token Balances ===\nUSDC (USD Coin)\n Balance: 1.000000\n Contract: 0xa0b86991c6218b36c1d19d4a2e9bb0e3606eb48\n"
}
tokens <address> [chain] [limit=20]
Get all ERC-20 token balances for a wallet by auto-discovering tokens from recent transfer history. Returns non-zero balances with symbols and decimals.
Parameters:
address- Wallet addresschain(optional) - Chain identifier (auto-detected if omitted)limit(optional) - Maximum number of tokens to check (default 20)
Example:
crypto-analytics tokens 0xYourAddress ethereum 10
Output:
{
"chain": "ethereum",
"address": "0xYourAddress",
"count": 2,
"tokens": [
{
"contract": "0xa0b86991c6218b36c1d19d4a2e9bb0e3606eb48",
"balance": 1000000,
"symbol": "USDC",
"name": "USD Coin",
"decimals": 6
},
{
"contract": "0xdac17f958d2ee523a2206206994597c13d831ec7",
"balance": 500000,
"symbol": "USDT",
"name": "Tether USD",
"decimals": 6
}
],
"formatted": "=== Token Balances ===\nUSDC (USD Coin)\n Balance: 1.000000\n Contract: 0xa0b8...\nUSDT (Tether USD)\n Balance: 0.500000\n Contract: 0xdac1..."
}
spl-tokens <owner>
Get SPL token accounts for a Solana wallet. Returns mint addresses and token amounts (human-readable).
Parameters:
owner- Solana wallet address (Base58)
Example:
crypto-analytics spl-tokens 7xKXtg2CW87d97TXJSDpbD5jBkheTqA83TZRuJosgAsU
Output:
{
"owner": "7xKXtg2CW87d97TXJSDpbD5jBkheTqA83TZRuJosgAsU",
"tokens": [
{
"mint": "EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v",
"amount": 10.5,
"decimals": 9
}
],
"formatted": "Owner: 7xKX...\\nToken count: 1\\n EPjF...: 10.50000000\\n"
}
When to Use This Skill
Use crypto-analytics when you need to:
- Check wallet balances across multiple blockchains
- Investigate wallet activity and transaction patterns
- Look up specific transaction details
- Validate blockchain addresses
- Determine which chains are supported
- Integrate live blockchain data into OpenClaw automations
Example Scenarios
"Check my ETH balance"
balance 0x... ethereumor auto-detect if address starts with 0x
"How much BNB do I have on BSC?"
balance 0x... bsc
"Show me recent transactions for this Bitcoin address"
transactions 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa bitcoin
"Is this a valid address and what chain is it on?"
validate <address>
"What chains do you support?"
chains
"Get details for tx 0xabc... on Arbitrum"
tx 0xabc... arbitrum
"Check my USDC balance on Ethereum"
token 0x... 0xA0b86991c6218b36c1d19D4a2e9bB0e3606EB48 ethereum
"Show all tokens I have on Ethereum"
tokens 0x... ethereum
"What's the current gas price on Arbitrum?"
gas arbitrum
Implementation Notes
API Providers
- Etherscan V2: Unified endpoint for 60+ EVM chains. Free tier: ~5 calls/sec, 5k-100k/day depending on chain. API key significantly increases limits.
- Blockchair: Bitcoin, Litecoin, Dogecoin, etc. Free: 100 req/min, 4k/day.
- Solana RPC: Public endpoints (rate-limited) for balances only.
Caching & Rate Limiting
- TTL: 300 seconds (5 minutes)
- Cache location:
~/.openclaw/cache/crypto-analytics/api_responses/ - Rate delays: Enforced to stay within free tier limits
- Batching: Multiple queries in same session use cache
Configuration
Set API keys in .env:
ETHERSCAN_API_KEY=YourEtherscanKeyHere
Key optional for low-volume usage but recommended.
See references/api_index.md for full API documentation and references/chains.md for chain specifications.
Limitations & Future
Current limitations:
- Solana transaction history requires specialized indexer (Solscan API)
- Solana token metadata (symbol, name) not available; only mint addresses are shown
- No batch multi-address queries
- Free tier rate limits apply
Planned enhancements:
- Transaction tracing and money flow analysis
- Contract ABI decoding for read calls
- Additional chain-specific features
- Enhanced Solana token metadata (via token list)
Resources
This skill bundles useful reference material:
references/chains.md- Chain specifications, address formats, explorersreferences/api_index.md- API endpoints, parameters, examples
These files are loaded into context only when needed.
Files
9 totalSelect a file
Select a file to preview.
Comments
Loading comments…