aiusd-core

AIUSD Core — structured trading tools and account management for AI agents. Use when user wants to buy/sell assets, check balances, stake, or manage positions.

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 0 · 37 · 0 current installs · 0 all-time installs

by@tech-FE-aiusd

MIT-0

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

✓

Purpose & Capability

Name/description, required binary (node), and CLI-focused instructions align: a trading/account-management skill legitimately needs node and a CLI entrypoint (npx aiusd-core). No unrelated credentials or binaries are requested.

Instruction Scope

The SKILL.md instructs the agent to run npx -y aiusd-core (dynamic remote code execution), to follow CLI-provided 'next_steps' automatically without re-confirmation, and to use restore flows that accept a local mnemonic file path. Those steps expand the agent's effective privileges (can run whatever the npm package does, read a specified backup path) and can lead to executing additional actions without explicit user reconfirmation.

Install Mechanism

There is no install spec, but runtime use of `npx -y aiusd-core` means the agent will fetch and execute code from the npm registry on demand. npx execution of an external package is a moderate-to-high risk vector (arbitrary remote code executed each run) and there is no integrity / pinned version or verifiable checksum provided in the skill.

ℹ

Credentials

The skill declares no required env vars, which is reasonable. However, the instructions imply handling authentication tokens, wallets, and optional mnemonic restore files (local path). Those are sensitive operations (wallet creation, token storage, and reading mnemonic backups) and the skill gives guidance for performing them but does not describe where tokens are stored or how file access is constrained.

Persistence & Privilege

always:false (good), but the skill allows autonomous invocation (platform default). Combined with the ability to run `npx` (remote code) and the rule to auto-execute 'next_steps' returned by the CLI without re-confirmation, this creates a higher blast radius: the agent could autonomously run fetched code that performs trades or reads backup files. This combination raises operational risk for funds and secrets.

What to consider before installing

This skill is coherent with its stated purpose (a CLI trading toolkit) but carries non-trivial risks: it instructs the agent to fetch and run an npm package at runtime (npx), may read backup mnemonic files if asked, and directs the agent to execute CLI 'next_steps' without re-confirmation. Before installing, verify the npm package identity and source (official npm package name, publisher, and published code), prefer a pinned/versioned install rather than unpinned `npx -y`, require explicit user confirmation for every trade and for any restore-from-file action, and avoid allowing autonomous invocation for this skill unless you trust the package and have reviewed its code. If you plan to use it, ask the publisher for the package repository URL, a reproducible build or checksum, and details about how authentication tokens and mnemonic backups are stored and protected.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0

Download zip

latestvk97dqv3z2fk6ny058kzcrnye0s830ht9

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

💰 Clawdis

Binsnode

SKILL.md

AIUSD Core

AIUSD Core is a unified trading toolkit that lets agents trade across venues, manage perpetual futures, access prediction markets, earn yield by staking, and manage funds — all through a single CLI.

CLI entry point

All commands in this skill use npx -y aiusd-core as the CLI prefix. This works without any global installation — npx resolves the package from npm automatically.

If aiusd-core is already in PATH (via npm install -g aiusd-core), you may use aiusd-core directly instead.

NEVER use dist/cli.js — it is a library module, not an entry point.

When to use this skill

Trigger this skill when the user wants to:

Trade — buy, sell, or swap any asset across supported venues
Perpetual futures — long, short, or close positions with leverage, TP/SL
Prediction markets — trade on event outcomes, search markets, manage positions
Account & funds — check balances, deposit, withdraw, stake AIUSD for yield
Market intelligence — trending assets, price feeds, holder analysis
Automated trading — monitor signals, set conditional execution rules

Authentication

When a user wants to get started or is not yet logged in, present 2 options:

Create new account — set up a fresh wallet
Browser login — sign in with an existing account via browser

Map the user's choice to the corresponding CLI flag:

Create new account → npx -y aiusd-core login --new-wallet. The CLI creates a wallet, authenticates, and prints a JSON auth_event with the wallet address.
Browser login → two-step flow:
1. Run npx -y aiusd-core login --browser. The CLI prints a JSON with url and session_id, then exits immediately. Send the url to the user — NEVER fabricate or guess it.
2. After sending the URL, run npx -y aiusd-core login --poll-session <session_id>. This blocks until the user signs in, then saves the token and exits with "Login successful".
Restore from backup → npx -y aiusd-core login --restore <path>. Only use when the user explicitly asks to restore from a mnemonic file.

Command	Description
`npx -y aiusd-core login --new-wallet`	Create new wallet and authenticate
`npx -y aiusd-core login --browser`	Print browser login URL and exit
`npx -y aiusd-core login --poll-session <id>`	Wait for browser sign-in to complete
`npx -y aiusd-core login --restore <path>`	Restore from mnemonic backup file
`npx -y aiusd-core login`	Interactive prompt (fallback for manual use)
`npx -y aiusd-core logout`	Sign out and remove stored token

To switch account: npx -y aiusd-core logout, then npx -y aiusd-core login --browser (or --new-wallet).

Capabilities

Before executing commands in a domain, run npx -y aiusd-core guide <domain> to get the latest commands, parameters, and workflows. Follow the guide exactly.

Domain	What it covers	Trigger phrases	Guide
account	Balances, deposit addresses, transaction history, staking, withdrawals, gas top-up	"balance", "deposit", "withdraw", "stake", "transactions", "how much do I have"	`npx -y aiusd-core guide account`
spot	Buy/sell/swap any asset on supported venues	"buy SOL", "sell ETH", "swap TRUMP", "trade", "convert AIUSD to USDC"	`npx -y aiusd-core guide spot`
perp	Perpetual futures — long, short, close, deposit/withdraw, orderbook, trade history	"long ETH", "short BTC", "close position", "leverage", "futures", "perps"	`npx -y aiusd-core guide perp`
hl-spot	HyperLiquid spot trading — buy/sell on HL spot market	"buy HYPE", "HL spot", "HyperLiquid spot"	`npx -y aiusd-core guide hl-spot`
prediction	Polymarket — search markets, buy/sell shares, manage orders and positions	"bet on", "prediction", "Polymarket", "will X happen", "election odds"	`npx -y aiusd-core guide prediction`
monitor	Watch signals for trade execution, set conditional auto-buy orders	"monitor @elonmusk", "watch account", "auto-buy", "conditional order"	`npx -y aiusd-core guide monitor`
market	Trending assets, price feeds, holder analysis	"trending", "hot tokens", "market data", "stock prices", "holders"	`npx -y aiusd-core guide market`

Fallback: if npx -y aiusd-core guide is unreachable, refer to static files in skills/ directory.

Domain Knowledge

AIUSD is not a token

AIUSD is a centralized balance pegged 1:1 to USDT. It is not a tradeable token — there is no contract address or on-chain balance to query. AIUSD can be used to trade any asset on supported venues. The conversion path is handled internally by the CLI; do not attempt to orchestrate it manually.

Always guide before operate

Do not guess command syntax or parameters from memory. Before executing commands in any domain, run npx -y aiusd-core guide <domain> to get the current reference. Guides may change between CLI versions.

Asset names can be ambiguous

The same asset symbol may exist on multiple venues. When the user's intent is ambiguous, ask which venue before executing. If the user has a clear preference from context (e.g., "buy SOL" implies Solana), proceed without asking.

Follow `next_steps`, don't re-confirm

When a command returns action_required with next_steps, execute those steps directly. The user has already confirmed the intent — do not ask again unless the next step involves a different action than what was originally requested.

Rules

Always confirm trades with the user before executing.
Never expose internal details (JSON responses, tool names, file paths) to users.
Present results in clear, conversational language.

Files

8 total

Select a file

Select a file to preview.

Comments

Loading comments…