For the past few months, the default approach to AI wallets has been: give the agent a wallet, add some guardrails, and ship it. We think that gets one thing fundamentally backwards.

Agents should be able to help with financial execution. They shouldn't hold the keys to your kingdom.

Today we're releasing two MIT-licensed repos: Nunchuk CLI and Agent Skills for Nunchuk CLI.

Nunchuk CLI is a command-line tool that lets AI agents operate Bitcoin wallets safely — inside group wallets and Miniscript wallets where your keys stay in control, and anything above a policy limit still needs your explicit sign-off. The Agent Skills repo gives AI agents a ready-made interface to the CLI, covering setup, wallet creation, invitations, policy configuration, and transactions.

The model: shared control, not full autonomy

Handing an agent a hot wallet and hoping a budget setting holds is not a custody model. It's wishful thinking.

Our model looks like this:

• Your key
• Agent key
• Policy co-signer
• Shared Bitcoin wallet

The agent authenticates, picks a network, creates a wallet sandbox, invites participants, adds signer keys, and finalizes the wallet. From there, Platform key policies define what gets auto-signed and what still needs you. The CLI supports enabling the Platform key, setting spending limits, configuring signing delays, inspecting policy state, and handling approval flows for policy-related transactions.

The core idea is simple: build Bitcoin agents with bounded authority.

Two layers that both matter

At the custody layer, you have a Bitcoin group wallet. At the automation layer, you have policy-controlled co-signing. These aren't the same thing, and they're configured separately on purpose.

The agent can do real work on your behalf — but only inside the authority you've defined. Above the limit, you sign.

Receiving and spending are separate decisions

This is one of the most underappreciated properties of the model.

Receiving funds is a normal wallet operation. Spending authority is configured separately through Platform key policies — limits, delays, approval flows. Funding a wallet doesn't automatically expand what the agent can do.

That separation matters. Funding a wallet and authorizing an agent should not be the same decision, and in this model, they aren't.

What's in the box

The CLI covers: authentication and network selection, local key generation and inspection, wallet sandbox creation and finalization, invitations, receive addresses, transaction create/sign/broadcast flows, transaction history, descriptor and BSMS export and recovery, Platform key policy setup and inspection, and spending limits, signing delays, and dummy transaction approvals.

The Agent Skills repo adds ready-made skills for setup, wallet creation, invitations, policy management, wallet admin, and transactions — plus concrete example prompts like:

• "Create a 2-of-3 wallet named My Wallet"
• "Create a 2-of-3 wallet with a 100 USD daily spending limit"
• "Invite Alice and Bob to my wallet"
• “Send 100 USD to this address, then sign and broadcast the transaction”

Why two repos

Two repos because there are genuinely two problems.

The CLI is the execution surface — authentication, key management, wallet creation, policy configuration, transactions. It's built for developers integrating with the Nunchuk API.

The Agent Skills repo is the agent interface — it teaches AI models how to actually use the CLI across the full workflow. The skills pack installs through Agent Skills; the CLI installs separately and authenticates with a Nunchuk API key.

Keeping them separate means the CLI stays lean as an execution layer while the skills layer can evolve independently.

What you can build on top

Once an agent has a shared Bitcoin wallet with real, bounded authority, the interesting work begins. Some directions worth exploring:

• Human + agent wallets
• Multi-agent wallets
• Bill pay agents
• Treasury and UTXO management
• Privacy-aware spend flows
• Agent-to-agent payment flows

These aren't finished features — they're what becomes possible once an agent can operate inside real Bitcoin wallet boundaries instead of being handed unconstrained control.

A note on Miniscript

The basic use case focuses on the simplest story: a shared wallet with a spending limit. But the CLI is designed for both group wallets and Miniscript wallets, and the same philosophy applies throughout — user keys stay in control, policy limits stay enforced.

That opens up more expressive wallet logic and approval paths over time, not just signer counts.

On open source and portability

Because this is about money, portability isn't optional. The CLI supports exporting wallet descriptors and BSMS backups, and recovering from a backup file. You're not locked into a proprietary format.

You'll need a Nunchuk API key to use the CLI — get one at developer.nunchuk.io.

Getting started

bash

npx skills add nunchuk-io/agent-skills --all --global
npm install -g nunchuk-cli
nunchuk auth login

From there: set the network, generate keys, create a sandbox, invite participants, finalize the wallet, configure policies, get a receive address, and start transacting. The skills repo has example prompts and step-by-step guidance for all of it.

This is the model we hope you explore. Let the agent do useful work. Bound its authority. Keep human approval where it matters. Build on Bitcoin.