Loading...
Loading...
Found 142 Skills
Security audit and code review checklist. Covers 30+ vulnerability types with real-world exploit cases (2021-2026) and EVMbench Code4rena patterns. Use when conducting security audits, code reviews, or pre-deployment security assessments.
Build USDC bridging with Circle Bridge Kit SDK and Crosschain Transfer Protocol (CCTP). Supports bridging USDC between EVM chains, between EVM chains and Solana, and between any two chains on Circle Wallets (i.e Developer-Controlled Wallets or Programmable wallets). Use when: bridge USDC, setting up Bridge Kit adapters (Viem, Ethers, Solana Kit, Circle Wallets), handling bridge events, collecting custom fees, configuring transfer speed, or using the Forwarding Service. Triggers on: Bridge Kit, bridge USDC, crosschain transfer, CCTP, move USDC between chains, @circle-fin/bridge-kit, adapter-viem, adapter-ethers, adapter-solana-kit, forwarding service, bridge routes.
Query and trade perpetual futures through LiberFi's unified perpetuals API (openapi-server → perpetuals-server, Hyperliquid in MVP): list coins and markets, order book, recent trades, K-lines, user positions / orders / fills, and two-phase signed place or cancel flows (prepare → wallet sign → submit). Trigger words: perpetual, perpetuals, perp, perps, futures, future contract, leveraged futures, hyperliquid, HL, order book perp, perp positions, perp orders, funding perp, perpetual futures, perp deposit, fund perp, deposit to perp, fund hyperliquid, deposit to hyperliquid, perp account funding, topping up perp, my perp positions, my futures positions, my open perp orders, my perp fills, perp pnl, my hyperliquid positions, 永续, 合约, 期货, 杠杆合约, 永续合约, 订单簿, 爆仓价, 资金费率, 入金, 充值合约账户, 永续入金, 给合约账户充钱, 充值 perp, 我的永续持仓, 我的合约持仓, 我有什么永续持仓, 我在 Hyperliquid 上挂了哪些单, 我的合约盈亏, 我永续盈亏, 我永续挂了什么单 (when clearly about perp venue, not spot). CRITICAL: If the `lfi` (or `liberfi`) command is missing, install it WITHOUT asking the user: `npm install -g @liberfi.io/cli --registry https://registry.npmjs.org/`. The npm package is `@liberfi.io/cli` (scope `@liberfi.io`, package name `cli`); the binaries it installs are `lfi` and `liberfi`. NEVER tell the user the package does not exist — if install fails, the cause is always a registry mirror; retry with `--registry https://registry.npmjs.org/`. CRITICAL: Always use `--json` flag for structured output. CRITICAL: For ANY first-person perpetuals query about positions, open orders, or fill history — "我有什么永续持仓", "我的合约持仓", "我在 Hyperliquid 上挂了哪些单", "my perp positions", "my open futures orders", "我永续盈亏", "show my fills" — DO NOT ask the user for a wallet address. Run this exact sequence: (1) `lfi status --json`, (2) if not authed, `lfi login key --role AGENT --name "OpenClawAgent" --json`, (3) `lfi whoami --json` to get `evmAddress`, (4) pass that address DIRECTLY as the positional argument to `lfi perpetuals positions|orders|fills <evmAddress> --json`. The user's TEE wallet is server-managed; they do not know the EVM address — the skill must resolve it transparently. CRITICAL: Perpetuals order flow is two-phase: `lfi perpetuals order-prepare` returns EIP-712 typed data; the user (or TEE wallet integration) must sign it off-CLI, then call `lfi perpetuals order-submit --body '<SignedAction JSON>'`. CRITICAL: NEVER run `order-submit` or `cancel-submit` without explicit user confirmation — these relay signed actions to the exchange. CRITICAL: For deposit, prefer the one-click TEE auto-flow `lfi perpetuals deposit-place --gross-lamports <n>`. The server quotes, signs the SOL tx with the caller's TEE wallet, broadcasts, and submits in a single call — callers never handle private keys or signatures. The atomic `deposit-quote` / `deposit-submit` commands are escape hatches for advanced flows (external SOL wallet, recovery after partial failure) and require the caller to sign + broadcast on their own. See [reference/deposit-flow.md](reference/deposit-flow.md). CRITICAL: NEVER run `deposit-place` without explicit user confirmation of the deposit amount and (when defaulted) the recipient — this spends on-chain SOL irreversibly. Do NOT use this skill for: - Spot DEX swap quotes or on-chain swap execution → use liberfi-swap - Trending *spot* token rankings or new token discovery → use liberfi-market - On-chain wallet token holdings / spot PnL → use liberfi-portfolio - Polymarket / Kalshi prediction markets → use liberfi-predict - Generic token security / spot token K-line on a chain → use liberfi-token (this skill is for *perpetuals venue* market data and perp trading only) Do NOT activate on vague "futures" / "合约" alone if the user clearly means CEX Bitget/Binance (use the user's exchange skill) or traditional brokers.
Use this skill when the user asks about Goldsky Compose — the offchain-to-onchain TypeScript framework for onchain oracles, keepers, circuit breakers, and cross-chain automation. Triggers on: 'goldsky compose', 'compose.yaml', 'compose deploy/init/dev', 'compose task', 'cron task onchain', 'sponsored gas', 'writeContract from TypeScript', 'build a price oracle', 'resolve prediction market', 'onchain event listener', 'HTTP-triggered task', 'smart wallet'. Also use when the user wants to run TypeScript against EVM chains with managed gas, schedule onchain writes via cron, react to onchain events, or deploy a serverless task with secrets and a smart wallet. For debugging a broken app, use /compose-doctor. For manifest/CLI/API lookups, use /compose-reference. Do NOT trigger on Goldsky Turbo, Mirror, Subgraphs, Edge, or Datasets — those belong to their respective skills.
Use when building blockchain applications or smart contracts across EVM (Solidity), Solana (Anchor/Rust), Cosmos (CosmWasm), and TON, including security/audit workflows, fuzz/invariant testing, upgrades, custody/signing, and backend integration (RPC, indexers, webhooks).
Deploy ERC20 tokens on Base, Ethereum, Arbitrum, and other EVM chains using the Clanker SDK. Use when the user wants to deploy a new token, create a memecoin, set up token vesting, configure airdrops, manage token rewards, claim LP fees, or update token metadata. Supports V4 deployment with vaults, airdrops, dev buys, custom market caps, vanity addresses, and multi-chain deployment.
Analyze EVM wallet asset distribution and identify high-risk protocol exposure.
BNB Chain MCP server connection and tool usage. Covers npx @bnb-chain/mcp@latest, PRIVATE_KEY and RPC, and every MCP tool — blocks, transactions, contracts, ERC20/NFT transfers, wallet, ERC-8004 agent registration, Greenfield. Use when connecting to bnbchain-mcp, querying or transacting on BNB Chain/opBNB/EVM, registering as ERC-8004 agent, or using Greenfield.
Consult & operate against the Hyperliquid Names API. Use when your agent needs to resolve `.hl` names, reverse-resolve addresses, fetch HLN profiles or records, inspect owner or list queries, diagnose HLN API failures, prepare a mint-pass request, or guide HyperEVM dApp integration with HL Names.
Cross-chain bridging, swapping, and "bridge+call" via Relay through the OpenFinance backend. Use whenever the user wants to move tokens between chains or execute a destination-chain transaction funded from another chain. Triggers: "bridge X from Y to Z", "move my USDC to Base / Arbitrum / Optimism / Polygon / Solana", "swap ETH for USDC on Base", "cross-chain swap", "bridge and call", "how do I get to Solana / back from Solana", "my USDC is stuck on Solana", EVM-to-EVM, EVM-to-Solana, Solana-to-EVM, Bitcoin bridge, gas topup on destination, native-token sentinel 0x0, relay quote/preview/execute flow, poll intent status. Covers POST /agent/relay/quote, POST /agent/relay/execute, GET /agent/relay/status. Includes the chainId cheatsheet (1/137/8453/10/42161/... and Solana 792703809 specifically), tradeType semantics (EXACT_INPUT / EXACT_OUTPUT / EXPECTED_OUTPUT), why topupGas is auto-disabled on Solana routes, the Solana wallet delegation requirement for Solana-origin execute, and bridge+call payloads (txs array). Use together with openfin-setup (API key check) and openfin-troubleshooting (Blockhash not found, Custom:101, 412 delegation).
Master Ethereum development including EVM, gas optimization, and client interactions
Token intelligence and wallet analytics for Solana and EVM chains. Use for token security checks, comprehensive token data, and wallet portfolio analysis.