OpenClaw + Helmet

How the RiskSignal Helmet Works with OpenClaw

SKILL.md + local risksignal.py form a physical bottleneck: Telegram/WhatsApp → OpenClaw → skill → script → Solana. The LLM never builds the tx or sees your keys.

SKILL.md overriderisksignal.py air‑gapRugCheck · Sybil · Jito

The RiskSignal Helmet Stack

Three pieces: SKILL.md routes trading; the LLM runs the script; the script holds keys and blocks or signs.

1. SKILL.md Override

In ~/.openclaw you add a skill (e.g. RiskSignal_Trade.md). YAML trigger on "buy", "snipe", "swap". Instructions: pass Contract Address to local risksignal.py and wait for output.

2. Air‑Gapped Intercept

OpenClaw runs python3 risksignal.py <contract> <amount>. The LLM does not build the Solana tx. Script does ~400ms scan (Helius, RugCheck, Jito, Sybil, LP, mint).

3. Circuit Breaker

Only risksignal.py holds your keys. Scam → script prints FATAL ERROR and halts. Safe → script signs, submits, prints SUCCESS + signature. OpenClaw relays that text to you.

Example: OpenClaw ↔ risksignal.py

Stream active

User (Telegram): Snipe 0.5 SOL of 7zDA...BAGSIntent

OpenClaw: python3 risksignal.py 7zDA...BAGS 0.5Invoke

Script: 🔴 FATAL ERROR: Sybil Cabal Detected. Trade aborted.BLOCKED

OpenClaw → User: RiskSignal blocked this trade. Token is a honeypot controlled by a Sybil cabal.Relay

Sequence Diagram

You (Telegram/WhatsApp)

→

OpenClaw (Gateway/LLM)

→

RiskSignal skill → risksignal.py

→

Solana (only if script signs)

Intent is parsed by OpenClaw; execution and keys live in risksignal.py. Script output is relayed back to you.

Evidence for Audits

Audit = script output (block or success + reason) + signed tx. C2PA‑signed proofs available for ASIC and EU AI Act reviews.

Deployment Journey

Add the RiskSignal skill (e.g. RiskSignal_Trade.md) to ~/.openclaw.
Configure risksignal.py and wallet—keys only in the script.
Define heuristics in the script (RugCheck, Sybil, Jito, LP, mint).
Use OpenClaw via Telegram/WhatsApp; Helmet blocks or allows and relays the result back.