AGIRAILS Escrow Payments
v3.0.12
Trustless payment protocol for AI agents — ACTP escrow + x402 instant payments, USDC on Base L2.
⭐ 1· 1.6k·2 current·2 all-time
by @unima3x
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description claim a payments/escrow SDK for AI agents and the skill requires node/npm and installs @agirails/sdk (actp CLI). Those requirements align with the stated purpose. The scripts and examples operate on wallets, escrows, and network modes (mock/testnet/mainnet) which fit the payment protocol functionality.
Instruction Scope
SKILL.md instructs the agent to read the included onboarding/config block and to ask onboarding questions before acting — this is expected. However the runtime docs and scripts repeatedly reference additional environment variables and files (ACTP_PRIVATE_KEY, PRIVATE_KEY, ACTP_KEYSTORE_BASE64, PROVIDER_ADDRESS, MEDIATOR_ADDRESS, .actp/keystore.json) that are not listed in the skill's declared requires.env. The agent/runtime will therefore depend on environment state beyond the explicitly-declared secret (ACTP_KEY_PASSWORD).
Install Mechanism
Install uses an npm package (@agirails/sdk) and exposes an 'actp' binary. Using npm is a common, expected installation path for a Node SDK. This is moderate risk by default (third-party package execution), but the package name matches the project and the README/GitHub links are provided rather than an arbitrary download URL or untrusted host.
Credentials
The manifest declares only ACTP_KEY_PASSWORD as required (primary credential), which is plausible for encrypted-keystore operation. But docs and scripts also accept/auto-detect ACTP_KEYSTORE_BASE64, ACTP_PRIVATE_KEY, PRIVATE_KEY and other env variables (PROVIDER_ADDRESS, MEDIATOR_ADDRESS). Those additional sensitive secrets are not declared in requires.env. This is not necessarily malicious, but it's a mismatch the user should be aware of: the SDK will read sensitive env vars if present and the skill's runtime scripts expect wallet credentials for testnet/mainnet.
Persistence & Privilege
The skill does not request always:true or claim system-wide privileges. The included setup.sh writes files under the OpenClaw workspace (default ~/.openclaw/workspace) and creates agent-specific files (providers.json, memory logs). Writing to the user's OpenClaw workspace is consistent with onboarding a treasury agent and is documented in the README. There is no evidence the skill modifies unrelated system configs or other skills.
Assessment
This skill appears to be what it claims: a Node-based SDK and CLI for agent-to-agent USDC payments. Before installing:
1) Verify the @agirails/sdk npm package and its GitHub repo (authorship, recent releases, package integrity) — npm packages run code on install/run.
2) Prefer encrypted keystore operation (ACTP_KEY_PASSWORD + ACTP_KEYSTORE_BASE64) rather than providing raw private keys (ACTP_PRIVATE_KEY/PRIVATE_KEY). The skill's manifest only lists ACTP_KEY_PASSWORD, but the docs/scripts will accept other wallet env vars if present — avoid setting raw private keys in environment unless you trust the package.
3) Expect the setup script to create files under your OpenClaw workspace (~/.openclaw/workspace) and to suggest restarting the OpenClaw gateway; review scripts/setup.sh before running.
4) Test in mock/testnet modes first (mock mode requires no secrets).
5) If you require stricter guarantees, inspect the published @agirails/sdk code (and the 'actp' binary) and pin a specific package version or use an allowlist for providers in providers.json.
If you want me to, I can list the specific lines that reference undeclared env vars or walk through the npm package contents (if you provide its tarball or source) to look for any surprising behavior.
Like a lobster shell, security has layers — review code before you run it.
Tags: ACTP, Dispute, ERC-8004, Ecrow, Reputation, agent-commerce, base-l2, blockchain, escrow, latest, payments, usdc, web3, x402
Runtime requirements
💸 Clawdis
Bins: node, npm
Env: ACTP_KEY_PASSWORD
Primary env: ACTP_KEY_PASSWORD
Install
Node
Bins: actp
npm i -g @agirails/sdk