ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Yield Agent

On-chain yield discovery, transaction building, and portfolio management via the Yield.xyz API. Use when the user wants to find yields, stake, lend, deposit into vaults, check balances, claim rewards, exit positions, compare APYs, or manage any on-chain yield across 80+ networks.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
6 · 1.1k · 0 current installs · 0 all-time installs
by@apurvmishra
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match what the skill does: all scripts call the Yield.xyz API, and required binaries (curl, jq) are appropriate. The skill does not request unrelated credentials or system access.
Instruction Scope
SKILL.md and scripts consistently instruct the agent to fetch yield metadata, build actions, and hand unsigned transactions to a wallet skill for signing. The instructions explicitly forbid modifying unsignedTransaction, and the scripts only call the declared API endpoints and read the local skill manifest for configuration.
Install Mechanism
No remote download/install steps are declared in the package metadata; the skill is delivered as code files and uses only curl/jq at runtime. No arbitrary external installers or URL downloads are used by the skill itself.
Credentials
The skill requires no secrets at runtime, but skill.json ships a shared API key (api.apiKey) and baseUrl. This is convenient for getting started but means the package includes an embedded API key—replace with your own YIELDS_API_KEY for production. The skill does not request unrelated credentials.
Persistence & Privilege
always is false and model invocation is allowed (normal). The package documents and may use a local state file (state/yield-cache.json under the skill directory or ~/.openclaw/...), which is expected for monitoring/superskill features. The skill does not attempt to modify other skills or system-wide configs.
Scan Findings in Context
[base64-block] expected: The SKILL.md and reference docs include many base64/hex examples of unsignedTransaction encodings for different chains (Sui/Aptos/Solana/etc.), which likely triggered this pattern. This appears to be example data/formatting needed for multi-chain signing, not a prompt-injection attempt.
Assessment
This skill appears to do what it claims: it queries Yield.xyz, constructs unsigned transactions, and expects a wallet skill to sign and broadcast them. Before installing: - Replace the embedded shared API key in skill.json with your own YIELDS_API_KEY (the manifest includes a 'free shared key' for convenience). Do not rely on a shared key in production. - Review and trust the wallet skill you pair with this (Crossmint/Privy/Portal/Turnkey). The yield-agent will hand unsigned transactions to that wallet for signing; never provide private keys to this skill. Follow its wallet integration docs. - Be aware the skill may persist a small state file (positions, addresses, alerts) under the skill's state directory (~/.openclaw/skills/yield-agent/state or the skill state/ path). If you run Superskills or scheduling, expect periodic checks and stored metadata; audit or clear that state if needed. - The SKILL.md and scripts repeatedly warn: do NOT modify unsignedTransaction returned by the API — changing it can cause loss of funds. Follow that rule strictly. - The package references an OpenAPI spec and many examples; if provenance matters, verify the upstream repository (the README points to a GitHub org 'stakekit/yield-agent') and confirm the publisher before trusting for production. If you want a stricter review, provide the untruncated openapi.yaml and the identity/URL used to publish this skill so I can check for surprises (hidden endpoints, unexpected third-party hosts, or additional embedded keys).

Like a lobster shell, security has layers — review code before you run it.

Current versionv0.1.5
Download zip
latestvk97atw83smq0y6a40v3dy0ybas8117zg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📈 Clawdis
Binscurl, jq

SKILL.md

YieldAgent by Yield.xyz

Access the complete on-chain yield landscape through Yield.xyz's unified API. Discover 2600+ yields across staking, lending, vaults, restaking, and liquidity pools. Build transactions and manage positions across 80+ networks.

CRITICAL: Never Modify Transactions From The API

DO NOT MODIFY unsignedTransaction returned by the API UNDER ANY CIRCUMSTANCES.

Do not change, reformat, or "fix" any part of it — not addresses, amounts, fees, encoding, or any other field, on any chain.

If the amount is wrong: Request a NEW action from the API with the correct amount. If gas is insufficient: Ask the user to add funds, then request a NEW action. If anything looks wrong: STOP. Always request a new action with corrected arguments. Never attempt to "fix" an existing transaction.

Modifying unsignedTransaction WILL RESULT IN PERMANENT LOSS OF FUNDS.

Key Rules

The API is self-documenting. Every yield describes its own requirements through the YieldDto. Before taking any action, always fetch the yield and inspect it. The mechanics field tells you everything: what arguments are needed (mechanics.arguments.enter, .exit), entry limits (mechanics.entryLimits), and what tokens are accepted (inputTokens[]). Never assume — always check the yield first.

  1. Always fetch the yield before calling an action. Call GET /v1/yields/{yieldId} and read mechanics.arguments.enter (or .exit) to discover the exact fields required. Each yield is different — the schema is the contract. Do not guess or hardcode arguments.

    Each field in the schema (ArgumentFieldDto) tells you:

    • name: the field name (e.g., amount, validatorAddress, inputToken)
    • type: the value type (string, number, address, enum, boolean)
    • required: whether it must be provided
    • options: static choices for enum fields (e.g., ["individual", "batched"])
    • optionsRef: a dynamic API endpoint to fetch choices (e.g., /api/v1/validators?integrationId=...) — if present, call it to get the valid options (validators, providers, etc.)
    • minimum / maximum: value constraints
    • isArray: whether the field expects an array

    If a field has optionsRef, you must call that endpoint to get the valid values. This is how validators, providers, and other dynamic options are discovered.

  2. For manage actions, always fetch balances first. Call POST /v1/yields/{yieldId}/balances and read pendingActions[] on each balance. Each pending action tells you its type, passthrough, and optional arguments schema. Only call manage with values from this response.

  3. Amounts are human-readable. "100" means 100 USDC. "1" means 1 ETH. "0.5" means 0.5 SOL. Do NOT convert to wei or raw integers — the API handles decimals internally.

  4. Set inputToken to what the user wants to deposit — but only if inputToken appears in the yield's mechanics.arguments.enter schema. The API handles the full flow (swaps, wrapping, routing) to get the user into the position.

  5. ALWAYS submit the transaction hash after broadcasting — no exceptions. For every transaction: sign, broadcast, then submit the hash via PUT /v1/transactions/{txId}/submit-hash with { "hash": "0x..." }. Balances will not appear until the hash is submitted. This is the most common mistake — do not skip this step.

  6. Execute transactions in exact order. If an action has multiple transactions, they are ordered by stepIndex. Wait for CONFIRMED before proceeding to the next. Never skip or reorder.

  7. Consult {baseDir}/references/openapi.yaml for types. All enums, DTOs, and schemas are defined there. Do not hardcode values.

Quick Start

# Discover yields on a network
./scripts/find-yields.sh base USDC

# Inspect a yield's schema before entering
./scripts/get-yield-info.sh base-usdc-aave-v3-lending

# Enter a position (amounts are human-readable)
./scripts/enter-position.sh base-usdc-aave-v3-lending 0xYOUR_ADDRESS '{"amount":"100"}'

# Check balances and pending actions
./scripts/check-portfolio.sh base-usdc-aave-v3-lending 0xYOUR_ADDRESS

Scripts

ScriptPurpose
find-yields.shDiscover yields by network/token
get-yield-info.shInspect yield schema, limits, token details
list-validators.shList validators for staking yields
enter-position.shEnter a yield position
exit-position.shExit a yield position
manage-position.shClaim, restake, redelegate, etc.
check-portfolio.shCheck balances and pending actions

Common Patterns

Enter a Position

  1. Discover yields: find-yields.sh base USDC
  2. Inspect the yield: get-yield-info.sh <yieldId> — read mechanics.arguments.enter
  3. Enter: enter-position.sh <yieldId> <address> '{"amount":"100"}'
  4. For each transaction: wallet signs → broadcast → submit hash → wait for CONFIRMED

Manage a Position

  1. Check balances: check-portfolio.sh <yieldId> <address>
  2. Read pendingActions[] — each has { type, passthrough, arguments? }
  3. Manage: manage-position.sh <yieldId> <address> <action> <passthrough>

Full Lifecycle

  1. Discover → 2. Enter → 3. Check balances → 4. Claim rewards → 5. Exit

Transaction Flow

After any action (enter/exit/manage), the response contains transactions[]. For EACH transaction:

  1. Pass unsignedTransaction to wallet skill for signing and broadcasting
  2. Submit the hashPUT /v1/transactions/{txId}/submit-hash with { "hash": "0x..." }
  3. Poll GET /v1/transactions/{txId} until CONFIRMED or FAILED
  4. Proceed to next transaction

Every transaction must follow this flow. Example with 3 transactions:

TX1: sign → broadcast → submit-hash → poll until CONFIRMED
TX2: sign → broadcast → submit-hash → poll until CONFIRMED
TX3: sign → broadcast → submit-hash → poll until CONFIRMED

unsignedTransaction format varies by chain. See {baseDir}/references/chain-formats.md for details.

API Endpoints

All endpoints documented in {baseDir}/references/openapi.yaml. Quick reference:

MethodEndpointDescription
GET/v1/yieldsList yields (with filters)
GET/v1/yields/{yieldId}Get yield metadata (schema, limits, tokens)
GET/v1/yields/{yieldId}/validatorsList validators
POST/v1/actions/enterEnter a position
POST/v1/actions/exitExit a position
POST/v1/actions/manageManage a position
POST/v1/yields/{yieldId}/balancesGet balances for a yield
POST/v1/yields/balancesAggregate balances across yields/networks
PUT/v1/transactions/{txId}/submit-hashSubmit tx hash after broadcasting
GET/v1/transactions/{txId}Get transaction status
GET/v1/networksList all supported networks
GET/v1/providersList all providers

References

Detailed reference files — read on demand when you need specifics.

  • API types and schemas: {baseDir}/references/openapi.yaml — source of truth for all DTOs, enums, request/response shapes
  • Chain transaction formats: {baseDir}/references/chain-formats.mdunsignedTransaction encoding per chain family (EVM, Cosmos, Solana, Substrate, etc.)
  • Wallet integration: {baseDir}/references/wallet-integration.md — Crossmint, Portal, Turnkey, Privy, signing flow
  • Agent conversation examples: {baseDir}/references/examples.md — 10 conversation patterns with real yield IDs
  • Safety checks: {baseDir}/references/safety.md — pre-execution checks, constraints

Error Handling

The API returns structured errors with message, error, and statusCode. Read the message. Error shapes are in {baseDir}/references/openapi.yaml. Respect retry-after on 429s.

Add-on Modules

Modular instructions that extend core functionality. Read when relevant.

  • {baseDir}/references/superskill.md — 40 advanced capabilities: rate monitoring, cross-chain comparison, portfolio diversification, rotation workflows, reward harvesting, scheduled checks

Resources

Files

16 total
Select a file
Select a file to preview.

Comments

Loading comments…