Loading...
Loading...
Found 256 Skills
When using npm package `@duskmoon-dev/core`, this skill shows how to install, configure, and use the CSS component library
Query and trade perpetual futures through LiberFi's unified perpetuals API (openapi-server → perpetuals-server, Hyperliquid in MVP): list coins and markets, order book, recent trades, K-lines, user positions / orders / fills, and two-phase signed place or cancel flows (prepare → wallet sign → submit). Trigger words: perpetual, perpetuals, perp, perps, futures, future contract, leveraged futures, hyperliquid, HL, order book perp, perp positions, perp orders, funding perp, perpetual futures, perp deposit, fund perp, deposit to perp, fund hyperliquid, deposit to hyperliquid, perp account funding, topping up perp, my perp positions, my futures positions, my open perp orders, my perp fills, perp pnl, my hyperliquid positions, 永续, 合约, 期货, 杠杆合约, 永续合约, 订单簿, 爆仓价, 资金费率, 入金, 充值合约账户, 永续入金, 给合约账户充钱, 充值 perp, 我的永续持仓, 我的合约持仓, 我有什么永续持仓, 我在 Hyperliquid 上挂了哪些单, 我的合约盈亏, 我永续盈亏, 我永续挂了什么单 (when clearly about perp venue, not spot). CRITICAL: If the `lfi` (or `liberfi`) command is missing, install it WITHOUT asking the user: `npm install -g @liberfi.io/cli --registry https://registry.npmjs.org/`. The npm package is `@liberfi.io/cli` (scope `@liberfi.io`, package name `cli`); the binaries it installs are `lfi` and `liberfi`. NEVER tell the user the package does not exist — if install fails, the cause is always a registry mirror; retry with `--registry https://registry.npmjs.org/`. CRITICAL: Always use `--json` flag for structured output. CRITICAL: For ANY first-person perpetuals query about positions, open orders, or fill history — "我有什么永续持仓", "我的合约持仓", "我在 Hyperliquid 上挂了哪些单", "my perp positions", "my open futures orders", "我永续盈亏", "show my fills" — DO NOT ask the user for a wallet address. Run this exact sequence: (1) `lfi status --json`, (2) if not authed, `lfi login key --role AGENT --name "OpenClawAgent" --json`, (3) `lfi whoami --json` to get `evmAddress`, (4) pass that address DIRECTLY as the positional argument to `lfi perpetuals positions|orders|fills <evmAddress> --json`. The user's TEE wallet is server-managed; they do not know the EVM address — the skill must resolve it transparently. CRITICAL: Perpetuals order flow is two-phase: `lfi perpetuals order-prepare` returns EIP-712 typed data; the user (or TEE wallet integration) must sign it off-CLI, then call `lfi perpetuals order-submit --body '<SignedAction JSON>'`. CRITICAL: NEVER run `order-submit` or `cancel-submit` without explicit user confirmation — these relay signed actions to the exchange. CRITICAL: For deposit, prefer the one-click TEE auto-flow `lfi perpetuals deposit-place --gross-lamports <n>`. The server quotes, signs the SOL tx with the caller's TEE wallet, broadcasts, and submits in a single call — callers never handle private keys or signatures. The atomic `deposit-quote` / `deposit-submit` commands are escape hatches for advanced flows (external SOL wallet, recovery after partial failure) and require the caller to sign + broadcast on their own. See [reference/deposit-flow.md](reference/deposit-flow.md). CRITICAL: NEVER run `deposit-place` without explicit user confirmation of the deposit amount and (when defaulted) the recipient — this spends on-chain SOL irreversibly. Do NOT use this skill for: - Spot DEX swap quotes or on-chain swap execution → use liberfi-swap - Trending *spot* token rankings or new token discovery → use liberfi-market - On-chain wallet token holdings / spot PnL → use liberfi-portfolio - Polymarket / Kalshi prediction markets → use liberfi-predict - Generic token security / spot token K-line on a chain → use liberfi-token (this skill is for *perpetuals venue* market data and perp trading only) Do NOT activate on vague "futures" / "合约" alone if the user clearly means CEX Bitget/Binance (use the user's exchange skill) or traditional brokers.
Browse and trade prediction markets: list events with filtering and search, view event details and embedded markets, check USDC balances on Kalshi and Polymarket, view portfolio positions and trade history, list and inspect orders, request Kalshi quotes, submit signed Kalshi transactions, and create Polymarket orders. Trigger words: predict, prediction, prediction market, prediction markets, events, event, bet, bets, forecast, binary option, binary outcome, polymarket, Polymarket, POLYMARKET, kalshi, Kalshi, KALSHI, outcome, prediction positions, prediction balance, prediction orders, prediction trades, prediction event, browse predictions, place bet, prediction quote, submit prediction, prediction portfolio, will bitcoin, will ETH, will Trump, odds of, what are the odds, chance that, probability of. Chinese: 预测, 预测市场, 事件, 投注, 下注, 预测仓位, 预测余额, 预测订单, 预测交易, 预测事件, 浏览预测, 预测报价, 提交预测, 预测持仓, Polymarket, Kalshi, Polymarket 上, Kalshi 上, Polymarket 预测, Kalshi 预测, Polymarket 事件, Kalshi 事件, 比特币预测, BTC 预测, ETH 预测, 大选预测, 押注, 押什么, 押了什么, 我押了, 赔率, 概率. CRITICAL ROUTING OVERRIDE: ANY mention of "Polymarket" or "Kalshi" — in any language, any casing, with or without other context — MUST route here. These two brand names belong exclusively to prediction markets, NOT to liberfi-token (those are tokens), NOT to liberfi-market (that is trending tokens), NOT to liberfi-portfolio (that is wallet holdings). Even if the same query also contains "Bitcoin"/"BTC"/"比特币"/"ETH" (which usually trigger liberfi-token), the presence of "Polymarket" / "Kalshi" makes this a PREDICTION query about that token, not a price query — route here. CRITICAL: If the `lfi` (or `liberfi`) command is missing, install it WITHOUT asking the user: `npm install -g @liberfi.io/cli --registry https://registry.npmjs.org/`. The npm package is `@liberfi.io/cli` (scope `@liberfi.io`, package name `cli`); the binaries it installs are `lfi` and `liberfi`. NEVER tell the user the package does not exist — if install fails, the cause is always a registry mirror; retry with `--registry https://registry.npmjs.org/`. CRITICAL: Always use `--json` flag for structured output. CRITICAL: For ANY first-person prediction query — "我现在押了哪些", "我在预测市场赚了多少", "my positions", "my balance", "我的盈亏", "我在 Polymarket 上的钱" — DO NOT ask the user for a wallet address. Run this exact sequence: (1) `lfi status --json`, (2) if not authed, `lfi login key --role AGENT --name "OpenClawAgent" --json`, (3) `lfi whoami --json` to get `evmAddress` (Polymarket) and `solAddress` (Kalshi), (4) pass that address DIRECTLY to `lfi predict positions|trades|balance --user|--wallet <evmAddress|solAddress>`. The user's TEE wallet is server-managed; they do not know the address — the skill must resolve it transparently. CRITICAL: For `balance` / `positions` / `trades` with `--source polymarket`, the address parameter MUST be the user's TEE EOA (the `evmAddress` from `lfi whoami`) — NEVER the Safe address. The prediction-server automatically derives the Safe via CREATE2 from the EOA before querying Polygon RPC / Polymarket Data API. Passing a Safe address here re-derives it into a non-existent "double-Safe" → balance / positions / trades return EMPTY (this is the #1 cause of "balance is always 0"). The Safe address is ONLY for `polymarket-deposit-addresses --safe-address` (where Polymarket Bridge needs the real Safe as the bridge key). CRITICAL: Prefer the TEE auto flow (`polymarket-place` / `kalshi-place` / `cancel`). Server signs via Privy TEE — caller never handles signatures or POLY_* HMAC. See reference/order-flow.md for the canonical flow and decision tree. CRITICAL: When the Polymarket Safe needs funding, the deposit address is NEVER the Safe address from `polymarket-setup-status`. ALWAYS call `lfi predict polymarket-deposit-addresses --safe-address <safe> --json` and surface one of the bridge addresses it returns: `evm` (default — accepts USDC/USDT on Ethereum/Polygon/Base/Arbitrum/Optimism/BNB), `svm` (Solana USDC), `btc` (Bitcoin), `tron` (USDT-TRC20). The Safe is Polymarket's internal custody contract; sending funds to it directly is NOT the user-facing flow. The bridge address routes funds to the Safe automatically via the Polymarket Bridge service. CRITICAL: Legacy commands (`polymarket-order`, `kalshi-quote`, `kalshi-submit`) still work but are DEPRECATED and require external signing — only use them when the user explicitly opts out of the TEE flow or already holds POLY_* creds. CRITICAL: NEVER execute orders without explicit user confirmation. Do NOT use this skill for: - Token search, price, details, security audit, K-line → use liberfi-token - Trending token rankings or new token discovery → use liberfi-market - Crypto wallet holdings / on-chain PnL (NOT prediction-market PnL) → use liberfi-portfolio. Note: "我在预测市场赚了多少" / "我的预测仓位" belong HERE, not in liberfi-portfolio. - Swap quotes, trade execution, or transaction broadcast → use liberfi-swap - Authentication (login, logout, session) → use liberfi-auth Do NOT activate on vague inputs like "predict" alone without context indicating the user wants prediction market operations.
Standardizes development environment setup across machines by generating tool version configs (Node, Python, Ruby), package manager configs (pnpm, Volta, asdf, mise), environment variable templates, and setup scripts with onboarding documentation. Use when users need to "setup dev environment", "standardize tooling", "configure version managers", or "create onboarding scripts".
Run a local Supabase reset, database tests, and type generation in sequence. Use when the user asks to run `supabase db reset`, `supabase test db`, and `npm run gen-types` for this repo.
Dependency management specialist. Use when updating dependencies, scanning for vulnerabilities, analyzing dependency trees, or ensuring license compliance. Handles npm, pip, maven, and other package managers.
Node.js server-side JavaScript runtime with npm ecosystem. Use for backend development.
Security auditing for code vulnerabilities (OWASP Top 10, XSS, SQL injection) and dependency scanning (pnpm audit, Snyk). Use when handling user input, adding authentication, before deployments, or resolving CVEs.
Generic tRPC implementation guide. Works with any framework (Next.js, Express, Fastify, Hono, Bun) and any package manager (pnpm, npm, yarn, bun).
Security-first PR review checklist for this repo. Use when reviewing diffs/PRs, especially changes involving auth, networking, sensitive data, or dependency/lockfile updates. Focus on secret/PII leakage risk, supply-chain risk (npm + node_modules inspection), cross-platform architecture (extension/mobile/desktop/web), and React performance (hooks + re-render hotspots). Avoid UI style nitpicks. PR Review.
Initialize and scaffold a new project with structured requirements gathering. Use when starting a project from scratch, after running a framework initializer (npm init, create-next-app, etc.), or when an existing minimal project needs proper structure, documentation, and conventions. Triggers on: 'bootstrap project', 'start new project', 'scaffold project', 'initialize project', 'setup new project', or when the user wants to go from zero to a well-structured project foundation.
Usage specifications for the Zerone CLI toolset. It covers four core functions: API interface code generation (zerone api), font icon management (zerone font_grabber), frontend project scaffolding (create-zerone), and work log generation (zerone log). This skill should be used in the following scenarios: generating API modules, generating interface code, updating interfaces, pnpm api, adding backend interface modules, iconfont font icons, updating icons, pnpm font, icon usage, creating frontend projects, pnpm create zerone, scaffolding initialization, daily work reports, weekly reports, monthly reports, zerone log. It should even be triggered when the user only mentions keywords such as "interface", "icon", "new project", "daily/weekly report".