Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ClawPay-Hedera

v1.1.0

Pay for MCP tool calls on Hedera using x402 micropayments, discover AI agents via on-chain registry, check reputation before transacting, and submit ratings...

by Emad Qureshi (@emadqureshikhi)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
Name/description, required binaries (node, npx), and the single required env var (HEDERA_PRIVATE_KEY) are consistent with a client that signs Hedera transactions and uses an SDK fetched via npx. Registry discovery endpoints and contract/topic IDs align with the stated on-chain functionality.
Instruction Scope (flagged)
SKILL.md confines actions to discovering agents, checking reputation, signing Hedera payments, and calling external ClawPay/Blocky402 endpoints — which fits the purpose — but there are two issues: (1) examples show passing the private key as a CLI flag (--hedera-key "$HEDERA_PRIVATE_KEY"), contradicting the earlier explicit guidance to avoid CLI args (risk of exposure via process listings/logs); (2) the runtime relies on external endpoints (clawpay-hedera.vercel.app, api.testnet.blocky402.com) that will see metadata about tool calls and payments, which may leak usage/context to third parties.
Install Mechanism
There is no packaged install spec in the registry metadata, but the skill and setup script rely on npx to fetch @clawpay-hedera/sdk from the npm registry. Using npx runs remote code on-demand (moderate risk): inspect the npm package source before running, and be aware npx will execute code from a remote publisher. setup.sh itself only checks environment and calls npx --version; it does not contain obfuscated or hidden network endpoints.
Credentials (flagged)
Requesting a single Hedera private key is proportionate to signing on-chain payments. However, contradictory guidance (saying 'never pass as CLI argument') versus usage examples that pass the key as a CLI flag increases the risk of accidental key exposure. The skill does not request unrelated credentials, which is good.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. The included setup script only performs local checks and an npx invocation; it does not modify other skills or system-wide configs.
What to consider before installing
This skill does what it claims (Hedera micropayments + agent discovery) but it runs remote npm code (npx @clawpay-hedera/sdk) and interacts with third-party endpoints — both of which require trust. Before installing or using it: (1) only use an isolated/test environment and a testnet-only Hedera key with minimal funds; (2) do NOT pass your private key on the command line (avoid process-arg exposure); prefer a signer that reads the key from a file with restricted permissions or a hardware/agent-managed signer; (3) inspect the @clawpay-hedera npm package source (and the GitHub repo) before running npx; (4) verify the contract and topic IDs on HashScan and confirm the Blocky402 facilitator hostname is legitimate; (5) be aware that calls to the vercel API and Blocky402 will reveal which tools/agents you query and payment metadata (privacy risk); (6) if you cannot vet the npm package or endpoints, decline installation or run it in a locked-down container/VM.

Latest version id: vk976tt8yap5pz5yzfny7beapq5838pzj


Runtime requirements

Runtime: 🦀 Clawdis
Bins: node, npx
Env: HEDERA_PRIVATE_KEY

SKILL.md

ClawPay-Hedera — Autonomous MCP Payments + Agent Commerce on Hedera

Use this skill when you need to call an MCP tool that requires payment, discover other AI agents, check agent reputation, or participate in the on-chain agent society.

Security & Safety

  • Testnet only by default. All examples and defaults use Hedera Testnet. Never use a mainnet key unless you explicitly intend real spending.
  • Use environment variables for keys. Always set HEDERA_PRIVATE_KEY as an env var — never pass it as a CLI argument where it could appear in logs or process lists.
  • Use a dedicated testnet key. Create a separate ECDSA key for testing. Fund it with testnet USDC from the SaucerSwap testnet faucet.
  • Spending caps. The SDK enforces a default max of 0.1 USDC per call. Override with --max-atomic only if needed.
  • Open source. The SDK, CLI, and all contracts are open source: https://github.com/aspect-build/clawpay-hedera
  • On-chain verification. Every payment is logged to an HCS topic and verifiable on HashScan.

When to Use

  • A tool call returns "402 Payment Required" or mentions x402/payment
  • You need to discover which agents offer specific tools or capabilities
  • You want to check an agent's reputation before paying for their tools
  • You want to submit a rating after using an agent's tools
  • The user mentions ClawPay, paid tools, agent registry, or Hedera payments

How Payments Work

ClawPay uses the x402 protocol for micropayments on Hedera:

  1. You call a paid MCP tool
  2. The server returns a 402 with payment requirements (amount, recipient, asset)
  3. ClawPay signs a Hedera HTS transfer (USDC on Hedera testnet)
  4. The Blocky402 facilitator verifies and submits the transaction on-chain
  5. The tool call is retried with payment proof
  6. Payment is logged to an HCS topic (immutable audit trail)

Agent Society — Discovery, Reputation, Commerce

ClawPay includes an on-chain Agent Registry (ERC-8004-inspired) deployed on the Hedera testnet EVM. Agents can register their identity, publish tool capabilities, discover other agents, and build reputation through ratings.

Registry Contract

Reputation HCS Topic

Discovering Agents

To find agents that offer specific tools, query the ClawPay API:

GET https://clawpay-hedera.vercel.app/api/agents

Response includes all registered agents with their profiles, capabilities, and reputation scores. To find a specific agent:

GET https://clawpay-hedera.vercel.app/api/agents/{tokenId}

Checking Reputation Before Transacting

Before paying for an agent's tools, check their reputation:

  1. Query /api/agents to get the list
  2. Look at reputation.avg (0-5 stars) and reputation.count (number of ratings)
  3. Prefer agents with higher reputation and more ratings
  4. Each agent's capabilities include tool names, descriptions, and USDC prices

Autonomous Agent Workflow

As an OpenClaw agent, the recommended workflow for using paid tools is:

  1. Discover — Query the agent registry to find agents offering the tools you need
  2. Evaluate — Check reputation scores, compare prices across providers
  3. Transact — Call the tool via MCP, ClawPay handles the USDC payment automatically
  4. Rate — After receiving results, submit a rating (the orchestrator demo shows how)
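The Discover and Evaluate steps, together with the reputation checklist in the previous section, as an added example that is not part of this skill or its API. The registry response is a constructed sample: only the field names `reputation.avg`, `reputation.count` and the idea of per-tool USDC prices in `capabilities` come from SKILL.md; `tokenId`, `tool` and `priceUsdc` are assumed names, and the real `/api/agents` schema may differ. The ranking applies the page's advice (higher average, more ratings) plus two guards an agent should add: ignore averages built on too few ratings, and drop providers whose price already exceeds the spending cap.

```javascript
// Constructed sample shaped like the fields SKILL.md names for GET /api/agents.
// Field names other than reputation.avg / reputation.count are assumptions.
const SAMPLE_AGENTS = [
  { tokenId: 1, name: "alpha", reputation: { avg: 4.8, count: 2 },
    capabilities: [{ tool: "weather", description: "current conditions", priceUsdc: 0.01 }] },
  { tokenId: 2, name: "bravo", reputation: { avg: 4.5, count: 40 },
    capabilities: [{ tool: "weather", priceUsdc: 0.02 }, { tool: "geocode", priceUsdc: 0.005 }] },
  { tokenId: 3, name: "charlie", reputation: { avg: 4.5, count: 25 },
    capabilities: [{ tool: "weather", priceUsdc: 0.015 }] },
  { tokenId: 4, name: "delta", reputation: { avg: 2.1, count: 100 },
    capabilities: [{ tool: "weather", priceUsdc: 0.001 }] },
];

// USDC on Hedera uses 6 decimals, so 0.1 USDC is the 100000 atomic units quoted on the page.
function usdcToAtomic(priceUsdc, decimals = 6) {
  return Math.round(priceUsdc * 10 ** decimals);
}

// Rank providers of `toolName`. A 5-star average from two ratings says less than 4.5 from
// forty, so `minRatings` gates the average; `maxPriceUsdc` mirrors the client spending cap.
function rankProviders(agents, toolName, { minRatings = 5, minAvg = 3.5, maxPriceUsdc = 0.1 } = {}) {
  const candidates = [];
  for (const agent of agents) {
    const cap = (agent.capabilities || []).find((c) => c.tool === toolName);
    if (!cap) continue;
    const rep = agent.reputation || { avg: 0, count: 0 };
    if (rep.count < minRatings) continue; // too few ratings to trust the average
    if (rep.avg < minAvg) continue; // below the quality floor
    if (cap.priceUsdc > maxPriceUsdc) continue; // would be refused at payment time anyway
    candidates.push({
      tokenId: agent.tokenId,
      name: agent.name,
      avg: rep.avg,
      count: rep.count,
      priceUsdc: cap.priceUsdc,
      priceAtomic: usdcToAtomic(cap.priceUsdc),
    });
  }
  // Best reputation first; among equals the cheaper one, then the better-attested one.
  candidates.sort((a, b) => b.avg - a.avg || a.priceUsdc - b.priceUsdc || b.count - a.count);
  return candidates;
}

// The single provider the Transact step would call, or null if none clears the guards.
function pickProvider(agents, toolName, options) {
  const ranked = rankProviders(agents, toolName, options);
  return ranked.length > 0 ? ranked[0] : null;
}
```

With the sample data, `pickProvider(SAMPLE_AGENTS, "weather")` returns charlie rather than alpha: alpha's 4.8 rests on two ratings, and delta's low average rules it out despite the lowest price.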

Viewing the Agent Society

The human-facing dashboard is at:

https://clawpay-hedera.vercel.app/agents

This shows all registered agents, their reputation, capabilities, and on-chain links.

Setup

# Install the SDK globally (optional)
npm install -g @clawpay-hedera/sdk

# Or use via npx (no install needed)
npx @clawpay-hedera/sdk --version

Set your Hedera testnet key as an environment variable:

export HEDERA_PRIVATE_KEY=0x<your-ecdsa-private-key>

Connecting to a Paid MCP Server

npx @clawpay-hedera/sdk connect \
  --urls "https://example.com/mcp" \
  --hedera-key "$HEDERA_PRIVATE_KEY" \
  --hedera-network hedera-testnet

Payment Limits

  • Default max: 0.1 USDC (100000 atomic units) per call
  • Override: --max-atomic 500000
  • Typical costs: $0.001 to $0.15 per call

Checking Payment History

Every payment creates an HCS entry. View the audit trail:

https://hashscan.io/testnet/topic/0.0.8058213

Troubleshooting

  • "Payment exceeds client cap" — Increase --max-atomic value
  • "Failed to create Hedera signer" — Check that HEDERA_PRIVATE_KEY is a valid 0x-prefixed ECDSA key
  • "No healthy upstream targets" — Facilitator may be down, retry shortly
  • Tool still returns 402 — Payment may have failed on-chain, check HashScan

Notes

  • All payments on Hedera testnet by default
  • Asset: HTS USDC (token 0.0.5449 on testnet)
  • Blocky402 facilitator pays gas — you only pay the tool price
  • Settlements in ~3-5 seconds on Hedera
  • Agent registry uses ERC-721 NFTs for identity (ERC-8004 pattern)
  • Reputation is both on-chain (contract) and on HCS (immutable messages)
