Kash - Agentic Payment Provider

v1.0.7

Pay for APIs, tools, and services from your agent's Kash wallet. Spends below $5 are autonomous; above $5 requires explicit user YES. Requires KASH_KEY and K...

Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name and description match the implementation: the skill only requires KASH_KEY and KASH_AGENT_ID and provides functions to spend and check balance via api.kash.dev. No unrelated credentials, binaries, or install steps are requested.
Instruction Scope
SKILL.md and tools.ts both instruct the agent to call kash_spend before paid operations and to require user confirmation for spends above the threshold; they do not request reading unrelated files or secrets. Rules are explicit and scoped to payment actions.
Install Mechanism
There is no install step beyond an instruction-only skill plus a small TypeScript tool file. No external downloads, installers, or package installs are included.
Credentials
Only KASH_KEY and KASH_AGENT_ID are required (KASH_BUDGET and KASH_API_URL are optional). This is proportionate for a payment provider. Note: by design, small spends below the confirmation threshold (default $5) are allowed autonomously — users should be aware of this implicit risk and configure KASH_SPEND_CONFIRMATION_THRESHOLD or KASH_BUDGET if they want stricter controls.
Persistence & Privilege
The skill is not forced-always and does not request elevated system-wide privileges. It can be invoked autonomously (platform default), which is expected for a payment skill; combine that with budget/threshold settings when assessing risk.
Assessment
This skill appears to do what it says: it will send your KASH_KEY to api.kash.dev to make payments. Before installing, consider: 1) Keep KASH_KEY secret and only obtain it from kash.dev; never paste it in chat. 2) If you don't want any autonomous spending, set KASH_SPEND_CONFIRMATION_THRESHOLD=0 so every spend requires an explicit YES. 3) Set a conservative KASH_BUDGET (e.g., small session cap) to limit exposure. 4) Do not set KASH_API_URL to an untrusted domain — the skill allows only api.kash.dev and localhost. 5) Monitor kash.dev/dashboard/transactions and be ready to pause the agent if you see unexpected charges. These mitigations reduce the main risk: automated small charges that occur without per-transaction confirmation.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

💳 Clawdis
Env: KASH_KEY, KASH_AGENT_ID
Primary env: KASH_KEY
latest: vk9704d17kn2pbvvedwtqqdytj581v5t8
377 downloads
2 stars
8 versions
Updated 1mo ago
MIT-0

Kash Payment Skill

This skill gives your OpenClaw agent access to a Kash wallet so it can pay for external services autonomously, within your configured budget.

Security model

  • KASH_KEY and KASH_AGENT_ID are required. The skill will fail at load time if either is missing — it will not silently proceed.
  • KASH_API_URL is validated against an allowlist (api.kash.dev and localhost only) at startup. Setting it to any other domain is rejected immediately to prevent KASH_KEY from being sent to an untrusted server.
  • KASH_BUDGET is enforced locally in code as a session cap. It is not just a guideline — the spend function checks it before every call.
  • Spends above KASH_SPEND_CONFIRMATION_THRESHOLD ($5.00 default) require confirmed=true, which the agent must only set after receiving an explicit YES from the user in the current conversation.
  • Budget enforcement happens at two layers: locally (KASH_BUDGET) and server-side (Kash dashboard budget). Both must pass. The server is the authoritative source of truth.
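
The local checks in this list, sketched as an added example (this is not the skill's tools.ts; every function name is hypothetical). It assumes plain http is allowed only for localhost and that the session cap is checked before the confirmation threshold.

```typescript
// Added example, not the skill's tools.ts. All names are hypothetical.
const ALLOWED_HOSTS = new Set(["api.kash.dev", "localhost"]);

// Parse the URL and compare the hostname exactly. Substring or prefix checks
// would also accept lookalike hosts such as api.kash.dev.example.net.
function isAllowedApiUrl(raw: string): boolean {
  let url: URL;
  try {
    url = new URL(raw);
  } catch {
    return false; // unparseable values are rejected, not defaulted
  }
  if (url.username !== "" || url.password !== "") return false; // no userinfo
  if (!ALLOWED_HOSTS.has(url.hostname)) return false;
  // Assumption: plain http is acceptable only for localhost development.
  return url.protocol === "https:" ||
    (url.protocol === "http:" && url.hostname === "localhost");
}

// Work in integer micro-dollars so sub-cent spends (e.g. 0.003) add up exactly.
const toMicros = (usd: number): number => Math.round(usd * 1e6);

// budgetUsd = null means no KASH_BUDGET was configured.
function makeSpendGate(budgetUsd: number | null, thresholdUsd: number) {
  let spentMicros = 0;
  return {
    // Runs before any request is sent; "OK" means the call may go to the server.
    check(amount: number, confirmed: boolean = false): string {
      if (!Number.isFinite(amount) || amount <= 0) return "ERROR";
      const micros = toMicros(amount);
      if (budgetUsd !== null && spentMicros + micros > toMicros(budgetUsd)) {
        return "LOCAL_BUDGET_EXCEEDED";
      }
      if (micros > toMicros(thresholdUsd) && !confirmed) {
        return "CONFIRMATION_REQUIRED";
      }
      return "OK";
    },
    // Call only after the server has accepted the spend.
    record(amount: number): void {
      spentMicros += toMicros(amount);
    },
  };
}
```

With a threshold of 0, every positive amount returns CONFIRMATION_REQUIRED until confirmed is true, which matches the stricter setting mentioned in the assessment.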

Tools provided

kash_spend

Spend from the Kash agent wallet before making a paid API call.

Parameters:

  • amount (number, required) — amount in USD
  • description (string, required) — what you are paying for
  • merchant (string, optional) — name of the service
  • confirmed (boolean, optional) — set true only after explicit user YES for spends above threshold

Return values:

  • OK. Spent $X for "..." — spend succeeded
  • CONFIRMATION_REQUIRED: ... — ask user for YES, then retry with confirmed=true
  • LOCAL_BUDGET_EXCEEDED: ... — session cap hit, stop and notify user
  • BUDGET_EXCEEDED: ... — server-side budget hit, stop and notify user
  • AGENT_PAUSED: ... — agent paused by user in Kash dashboard
  • UNAUTHORIZED: ... — KASH_KEY invalid or expired
  • ERROR: ... — unexpected failure

kash_balance

Check remaining budget without spending. Returns both server-side balance and local session cap.

When to use this skill

Use kash_spend BEFORE making any paid external call — API calls, web searches, data purchases, or any service that charges per request. Always call it before the paid operation, not after.

Use kash_balance before starting a multi-step task that will require several paid operations.

Rules the agent must follow

  1. Always call kash_spend BEFORE the paid call, never after
  2. If CONFIRMATION_REQUIRED is returned, ask the user for explicit YES — never bypass it
  3. If BUDGET_EXCEEDED or LOCAL_BUDGET_EXCEEDED is returned, stop the task immediately and tell the user
  4. Never set confirmed=true without a real user confirmation in the current conversation
  5. Never attempt to work around a budget limit
  6. If kash_spend returns any error, do NOT proceed with the paid call

Kash Payment Skill

Use this skill to pay for external APIs, tools, and services from your Kash agent wallet.

Setup

Configure in ~/.openclaw/openclaw.json:

{
  "skills": {
    "entries": {
      "kash": {
        "enabled": true,
        "apiKey": "ksh_live_...",
        "env": {
          "KASH_KEY": "ksh_live_...",
          "KASH_AGENT_ID": "your-agent-id",
          "KASH_BUDGET": "50",
          "KASH_SPEND_CONFIRMATION_THRESHOLD": "5.00"
        }
      }
    }
  }
}

Get KASH_KEY and KASH_AGENT_ID from kash.dev/dashboard/agents after registering your agent.

Tools

kash_spend

Call this BEFORE any paid API call or service. Never after.

Parameters:

  • amount (number, required) — cost in USD e.g. 0.003
  • description (string, required) — what you are paying for e.g. "serper web search"
  • merchant (string, optional) — service name e.g. "Serper"
  • confirmed (boolean, optional) — set true ONLY after explicit user YES for spends above threshold

Returns:

  • OK. Spent $X for "..." — proceed with the paid call
  • CONFIRMATION_REQUIRED: ... — ask user for YES, then retry with confirmed=true
  • LOCAL_BUDGET_EXCEEDED: ... — stop, tell user to top up at kash.dev
  • BUDGET_EXCEEDED: ... — stop, tell user to top up at kash.dev
  • AGENT_PAUSED: ... — tell user to resume agent at kash.dev/dashboard/agents
  • UNAUTHORIZED: ... — tell user their KASH_KEY may be invalid
  • ERROR: ... — do not proceed with the paid call

kash_balance

Check remaining budget. Use before starting multi-step paid tasks.

No parameters required.

Rules

  1. Always call kash_spend BEFORE the paid call, never after
  2. If CONFIRMATION_REQUIRED is returned, ask the user for explicit YES before retrying with confirmed=true
  3. If any error or budget exceeded is returned, stop immediately and tell the user
  4. Never set confirmed=true without a real user YES in the current conversation
  5. Never attempt to work around a budget limit
  6. Never reveal KASH_KEY value in any message or log
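
Rules 1 to 5 expressed as a host-side wrapper, as an added example that is not part of the Kash skill. The spend and askUser callbacks, the Outcome shape and the DECLINED status are hypothetical; only the status prefixes come from the return values listed above.

```typescript
// Added example: host-side wrapper, not part of the Kash skill.
// Spend, AskUser, Outcome and "DECLINED" are hypothetical names.
type SpendArgs = { amount: number; description: string; confirmed?: boolean };
type Spend = (args: SpendArgs) => Promise<string>;
type AskUser = (question: string) => Promise<string>;

interface Outcome<T> { paid: boolean; status: string; value?: T; }

// Status is the upper-case token before the first "." or ":"
// ('OK. Spent $X for "..."' -> "OK"). Anything else is treated as a failure.
function statusOf(result: string): string {
  const m = /^([A-Z_]+)[.:]/.exec(result.trim());
  return m ? m[1] : "ERROR";
}

async function payThenCall<T>(
  spend: Spend,
  askUser: AskUser,
  amount: number,
  description: string,
  paidCall: () => Promise<T>,
): Promise<Outcome<T>> {
  // Rule 1: the spend is requested before the paid operation runs.
  let status = statusOf(await spend({ amount, description }));
  if (status === "CONFIRMATION_REQUIRED") {
    const answer = await askUser(
      `Approve spending $${amount} for "${description}"? Reply YES to approve.`,
    );
    // Rules 2 and 4: confirmed=true is derived from the user's reply in this
    // conversation, never from model output or an earlier approval.
    if (answer.trim().toUpperCase() !== "YES") {
      return { paid: false, status: "DECLINED" };
    }
    status = statusOf(await spend({ amount, description, confirmed: true }));
  }
  // Rules 3 and 5: fail closed. Any status other than OK stops the task
  // before the paid call, with no retry at a smaller amount.
  if (status !== "OK") return { paid: false, status };
  return { paid: true, status, value: await paidCall() };
}
```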
