FluxA Agent Wallet for x402 Resources Payment

v1.0.0

A FluxA Agent Wallet skill that enables agents to request budgets, sign x402 payments, and call paid endpoints autonomously. It walks through the full flow—from mandate creation to X-PAYMENT execution—so agents can perform paid actions without human intervention.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's stated purpose (create mandates, sign x402 payments, call paid endpoints) matches the included CLI bundle, which talks to a FluxA Agent ID service and Wallet API. However, the package metadata declares no required environment variables or config paths, while the code clearly uses/accepts many env vars (AGENT_ID_API, WALLET_API, WALLET_APP, FLUXA_DATA_DIR, AGENT_ID, AGENT_TOKEN, AGENT_JWT, AGENT_EMAIL, AGENT_NAME, CLIENT_INFO). That mismatch (declaring nothing but requiring/reading env vars and writing config files) is an incoherence that should be resolved.
Instruction Scope
SKILL.md instructs the agent to run the bundled CLI to register agents, create mandates, request payments, and send X-PAYMENT headers to external paid endpoints, which is consistent with the purpose. However, initialize-agent-id.md tells the agent to 'Generate these parameters yourself' and 'Do not ask the user to fill them in' (email, name, client info). That instruction encourages the agent to fabricate/automatically register identities and proceed without explicit user-provided identity data or explicit user approval, which is scope creep and a privacy/consent concern. SKILL.md also does not explicitly disclose the external endpoints the bundle will contact (defaults are baked into the script), so runtime network targets are under-documented.
Install Mechanism
No install spec / no download from external arbitrary URLs; the skill is instruction-only plus a bundled JS CLI that runs locally. There is no packaged install step that fetches remote code at install-time. This reduces install-time supply-chain risk compared to remote downloads.
Credentials
The registry metadata lists no required credentials or env vars, but the code reads multiple environment variables and will persist agent credentials (agent_id, token, jwt) into a config file under the user's home directory (default ~/.fluxa-ai-wallet-mcp/config.json) and append to an audit.log. The skill will POST registration data (email, name, client_info) and payment requests to external FluxA endpoints. Requesting or persisting credentials and generating identities without declaring these requirements is disproportionate and under-documented.
Persistence & Privilege
The CLI writes a config file and an audit log into the user's home directory (or FLUXA_DATA_DIR if set), and will save JWTs/tokens there. It does not change other skills or system settings, and always:false is set, but persisting authentication tokens and logs in user home is a material persistence/privacy action that should have been declared and consented to. Combined with autonomous agent invocation (the platform default), this increases the blast radius if the skill is granted permission without scrutiny.
What to consider before installing
Before installing or enabling this skill, consider the following:

- The skill will contact external FluxA endpoints (agentid.fluxapay.xyz, walletapi.fluxapay.xyz, wallet.fluxapay.xyz by default) and will POST registration info (email, agent name, client info) and payment requests to those services. Verify you trust those endpoints and the skill author — no homepage or source is provided.
- The bundle writes persistent files into your home directory (default: ~/.fluxa-ai-wallet-mcp/config.json and audit.log) and will store agent_id / token / jwt there. If you do not want credentials persisted on disk or want isolation, do not install or run it on a host with sensitive data; consider a disposable VM or container.
- The runtime docs instruct the agent to auto-generate registration info and explicitly tell the agent not to ask the user for those fields. That behavior could lead to creating identities and requesting budgets/payments without explicit human-provided identity or stricter user confirmation. Require human approval before the skill registers an agent or requests budgets.
- The registry metadata omits environment/config requirements even though the code reads many env vars and supports overriding endpoints and data directory. Ask the developer to update the manifest to declare required env vars and the config path, and to document network endpoints and what data is transmitted.
- If you still want to use it, test in an isolated environment, inspect the bundled script yourself (it is provided), and restrict the skill from autonomous use (if the platform allows disabling autonomous invocation) until you trust it. If you cannot verify the FluxA endpoints or the author, do not enable the skill on production or on an account containing sensitive credentials.
Confidence note: I am medium-confident because the behavior of the code aligns with the skill's described functionality, but the missing manifest declarations, the 'generate identity yourself' instruction, and the lack of a verifiable source/homepage raise non-trivial trust and privacy concerns. Additional information that would raise confidence to high: an authoritative source/homepage for the project, a signed/reputable publisher, explicit manifest entries listing env vars and config paths, and an explicit note in SKILL.md that the agent must get explicit user approval before creating/using an agent ID or spending funds.
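One way to run the check the report recommends (inspect the bundled script and compare it with what the manifest declares) is a small static audit. The following Python script is an added example for this page, not code from the FluxA project or from the registry: it scans a JS bundle as text for process.env reads, default URLs, home-directory usage and fs write calls whose arguments carry token-like fields, then diffs those observations against the manifest. The JS fragment and manifest embedded in it are constructed to resemble the behaviour described above, not copied from the real bundle, and the manifest field names env, config_paths and endpoints are assumptions, not the registry's schema.

```python
"""Pre-install static audit of an agent-skill bundle (added example, not FluxA code)."""
import re
from urllib.parse import urlparse

# Constructed JS fragment imitating the behaviour the scan report describes.
SAMPLE_BUNDLE_JS = r"""
const fs = require("fs");
const os = require("os");
const path = require("path");
const AGENT_ID_API = process.env.AGENT_ID_API || "https://agentid.fluxapay.xyz";
const WALLET_API = process.env.WALLET_API || "https://walletapi.fluxapay.xyz";
const WALLET_APP = process.env.WALLET_APP || "https://wallet.fluxapay.xyz";
const DATA_DIR = process.env.FLUXA_DATA_DIR || path.join(os.homedir(), ".fluxa-ai-wallet-mcp");
const CONFIG_PATH = path.join(DATA_DIR, "config.json");
const AUDIT_PATH = path.join(DATA_DIR, "audit.log");
function saveConfig(c) { fs.writeFileSync(CONFIG_PATH, JSON.stringify({ agent_id: c.agent_id, token: c.token, jwt: c.jwt })); }
function audit(line) { fs.appendFileSync(AUDIT_PATH, line + "\n"); }
"""

# Constructed manifest that declares nothing; field names are assumptions.
SAMPLE_MANIFEST = {"name": "fluxa-agent-wallet", "env": [], "config_paths": [], "endpoints": []}

ENV_RE = re.compile(r"process\.env\.([A-Z_][A-Z0-9_]*)")
URL_RE = re.compile(r"https?://[A-Za-z0-9.\-]+(?::\d+)?(?:/[^\s\"'`)]*)?")
HOME_RE = re.compile(r"os\.homedir\(\)|process\.env\.HOME\b|['\"]~/")
WRITE_RE = re.compile(r"fs\.(?:writeFileSync|appendFileSync|writeFile|appendFile)\(\s*([A-Za-z_$][\w$]*)")
SECRET_RE = re.compile(r"\b(?:token|jwt|secret|password|api_?key)\b", re.I)


def extract_behaviour(js):
    """Return the side effects the bundle text implies: env reads, hosts, file writes."""
    write_targets, secret_writes = set(), set()
    for line in js.splitlines():
        for target in WRITE_RE.findall(line):
            write_targets.add(target)
            if SECRET_RE.search(line):  # token/jwt-like field written on the same line
                secret_writes.add(target)
    return {
        "env_vars": sorted(set(ENV_RE.findall(js))),
        "hosts": sorted({urlparse(u).hostname for u in URL_RE.findall(js)}),
        "uses_home_dir": bool(HOME_RE.search(js)),
        "write_targets": sorted(write_targets),
        "secret_writes": sorted(secret_writes),
    }


def audit_bundle(js, manifest):
    """Diff observed behaviour against manifest declarations; return (kind, detail) findings."""
    beh = extract_behaviour(js)
    findings = []
    undeclared_env = sorted(set(beh["env_vars"]) - set(manifest.get("env", [])))
    if undeclared_env:
        findings.append(("undeclared_env", undeclared_env))
    declared_hosts = {urlparse(e).hostname or e for e in manifest.get("endpoints", [])}
    undeclared_hosts = sorted(set(beh["hosts"]) - declared_hosts)
    if undeclared_hosts:
        findings.append(("undeclared_hosts", undeclared_hosts))
    if beh["uses_home_dir"] and not manifest.get("config_paths"):
        findings.append(("undeclared_home_writes", beh["write_targets"]))
    if beh["secret_writes"]:  # credentials persisted to disk, declared or not
        findings.append(("secrets_persisted", beh["secret_writes"]))
    return findings


if __name__ == "__main__":
    for kind, detail in audit_bundle(SAMPLE_BUNDLE_JS, SAMPLE_MANIFEST):
        print(f"{kind}: {', '.join(detail)}")
```

Run it against the real bundle by reading the JS file into `audit_bundle` alongside the parsed manifest; an empty findings list is the condition under which the "manifest omits requirements" concern above would be resolved, while `secrets_persisted` should still be reviewed even when declared, since it is the on-disk token storage the Persistence section flags.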


latest: vk977m6zmss9kjfgv5zv2963m0h809m9x
