OpenSkillIndex← back to search
claude-codeopenclawautomation

Skills WalletPilot-7715

Execute on-chain transactions with user-granted permissions. Built on MetaMask ERC-7715. No private keys, full guardrails.

install
source · Clone the upstream repo
git clone https://github.com/openclaw/skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/openclaw/skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/andreolf/walletpilot-7715" ~/.claude/skills/openclaw-skills-walletpilot-7715 && rm -rf "$T"
OpenClaw · Install into ~/.openclaw/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/openclaw/skills "$T" && mkdir -p ~/.openclaw/skills && cp -r "$T/skills/andreolf/walletpilot-7715" ~/.openclaw/skills/openclaw-skills-walletpilot-7715 && rm -rf "$T"
manifest: skills/andreolf/walletpilot-7715/SKILL.md
tags
#crypto#wallet#blockchain#web3#automation#metamask
source content

WalletPilot-7715

Give your AI agent crypto superpowers with MetaMask ERC-7715 permissions.

Overview

WalletPilot enables AI agents to execute on-chain transactions using MetaMask's ERC-7715 permission standard. Users grant scoped permissions (spend limits, chain restrictions) once, then agents can execute freely within those limits.

Key Features:

  • No private keys shared - users keep their MetaMask
  • Configurable guardrails (spend limits, chain allowlists)
  • Multi-chain support (Ethereum, Polygon, Arbitrum, Optimism, Base)
  • Built on MetaMask's official Smart Accounts Kit

Setup

  1. Get an API key at walletpilot.xyz
  2. Install the SDK: 
    npm install @walletpilot/sdk

Available Actions

connect

Request wallet permissions from user.

import { WalletPilot, PermissionBuilder } from '@walletpilot/sdk';

const pilot = new WalletPilot({ apiKey: 'wp_...' });

const permission = new PermissionBuilder()
  .spend('USDC', '100', 'day')   // Max $100 USDC per day
  .spend('ETH', '0.1', 'day')    // Max 0.1 ETH per day
  .chains([1, 137, 42161])       // Ethereum, Polygon, Arbitrum
  .expiry('30d')                 // Valid for 30 days
  .build();

const { deepLink } = await pilot.requestPermission(permission);
console.log('User should open:', deepLink);

execute

Execute a transaction using granted permissions.

const result = await pilot.execute({
  to: '0x1234...',        // Target contract
  data: '0xabcd...',      // Calldata (e.g., swap)
  value: '0',             // ETH value (optional)
  chainId: 1,             // Chain ID
});

console.log('Transaction hash:', result.hash);

balance

Check token balances (uses standard RPC, no permission needed).

import { createPublicClient, http } from 'viem';
import { mainnet } from 'viem/chains';

const client = createPublicClient({
  chain: mainnet,
  transport: http(),
});

const balance = await client.getBalance({ address: '0x...' });

swap

Execute a token swap via DEX aggregator.

// Get swap quote from 1inch, 0x, or similar
const quote = await fetch('https://api.1inch.io/v5.0/1/swap?...');
const { tx } = await quote.json();

// Execute via WalletPilot
await pilot.execute({
  to: tx.to,
  data: tx.data,
  value: tx.value,
  chainId: 1,
});

send

Send tokens to an address.

import { encodeFunctionData, erc20Abi } from 'viem';

// Encode ERC20 transfer
const data = encodeFunctionData({
  abi: erc20Abi,
  functionName: 'transfer',
  args: ['0xRecipient...', 1000000n], // 1 USDC (6 decimals)
});

await pilot.execute({
  to: '0xUSDC_ADDRESS...',
  data,
  chainId: 1,
});

history

Get transaction history.

const state = pilot.getState();
console.log('Active permissions:', state.permissions);

// Or via API
const response = await fetch('https://api.walletpilot.xyz/v1/tx/history/PERMISSION_ID', {
  headers: { 'Authorization': 'Bearer wp_...' },
});
const { data } = await response.json();
console.log('Recent transactions:', data);

Permission Types

PermissionExampleDescription
spend
{ token: 'USDC', limit: '100', period: 'day' }
Max token spend per period
chains
[1, 137, 42161]
Allowed chain IDs
contracts
['0x...']
Allowed contract addresses
expiry
'30d'
Permission expiration

Supported Chains

ChainIDName
Ethereum1mainnet
Polygon137polygon
Arbitrum42161arbitrum
Optimism10optimism
Base8453base

Security

  • No Private Keys: Users keep full custody via MetaMask
  • Scoped Permissions: Agents can only act within granted limits
  • Time-Limited: Permissions automatically expire
  • Revocable: Users can revoke permissions anytime
  • Auditable: All transactions logged and visible

API Reference

Base URL: 

https://api.walletpilot.xyz

EndpointMethodDescription
/v1/permissions/request
POSTRequest new permission
/v1/permissions/:id
GETGet permission details
/v1/tx/execute
POSTExecute transaction
/v1/tx/:hash
GETGet transaction status

Example: DeFi Agent

import { WalletPilot, PermissionBuilder } from '@walletpilot/sdk';

async function defiAgent() {
  const pilot = new WalletPilot({ apiKey: process.env.WALLETPILOT_KEY });

  // Check if we have active permissions
  const state = pilot.getState();
  
  if (!state.connected) {
    // Request permission
    const permission = new PermissionBuilder()
      .spend('USDC', '500', 'day')
      .chains([1, 42161])
      .expiry('7d')
      .description('DeFi trading agent')
      .build();
    
    const { deepLink } = await pilot.requestPermission(permission);
    console.log('Approve in MetaMask:', deepLink);
    return;
  }

  // Execute trades
  const swapData = await getSwapQuote('USDC', 'ETH', '100');
  
  await pilot.execute({
    to: swapData.to,
    data: swapData.data,
    chainId: 1,
  });
  
  console.log('Swap executed!');
}

Links