Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenClaw Paid Actions

v0.2.2

Use the openclaw_paid_action tool to list actions, generate USDC invoices, and execute only after manual payment confirmation on Solana.

by Icey @icetroll
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)

Purpose & Capability

Name/description (paid actions, USDC invoices, Solana confirmation) match the declared needs: node binary, a payment recipient (OPENCLAW_USDC_PAY_TO), an invoice signing secret, and an invoice store path. Config keys are scoped to plugins.entries.openclaw-paid-actions, which is coherent for a plugin.

Instruction Scope

SKILL.md is instruction-only and instructs the agent to call an external tool openclaw_paid_action to list/quote/invoice/confirm/wait/execute. It documents that action inputs are surfaced to executed commands via OPENCLAW_PAID_ACTION_INPUT_JSON. This is expected for the purpose but means any configured action command will run with that input and can access local system resources; verify that configured commands are reviewed and safe before enabling autonomous execution.

Install Mechanism

No install spec and no code files are present (instruction-only). This lowers delivery risk because nothing is downloaded or written by an installer from the skill bundle itself. However the skill assumes an out-of-band implementation of openclaw_paid_action is already installed and trusted.

Credentials

Requested env vars are appropriate for a payment/invoice plugin (pay-to address, signing secret, persistent store path). The invoice secret is a sensitive credential and invoiceStorePath implies file-system persistence; ensure the secret's scope and storage permissions are limited. No unrelated credentials are requested.

Persistence & Privilege

The skill declares required config paths under plugins.entries.openclaw-paid-actions.* which implies it will be enabled/configured in agent plugin settings and may persist secrets/config. always is false (not force-included). This is reasonable for a plugin but be aware enabling it grants the plugin ability to run configured commands and store invoices/secrets in the agent's config/storage.

Assessment

What to check before installing:

  1. Confirm you have a trusted implementation of the openclaw_paid_action tool (source, release, or vendor) because the SKILL is instruction-only.
  2. Review every configured action command (e.g., scripts/paid-actions/*) before enabling; those commands execute with the agent's privileges and receive the action input via OPENCLAW_PAID_ACTION_INPUT_JSON.
  3. Store OPENCLAW_PAID_ACTIONS_INVOICE_SECRET securely and consider using a signing key with limited scope/funds for testing.
  4. Ensure invoice store path is on a secure filesystem and that the agent's config storage is trusted.
  5. Limit tools.allow and do not enable autonomous invocation unless you trust the configured actions and have enforced reviewed-scripts policy.
  6. If you need higher assurance, ask the publisher for source code or a release URL and verify the openclaw_paid_action implementation before enabling the skill.

Runtime requirements

💸 Clawdis
Bins: node
Env: OPENCLAW_USDC_PAY_TO, OPENCLAW_PAID_ACTIONS_INVOICE_SECRET, OPENCLAW_PAID_ACTIONS_INVOICE_STORE_PATH
Config: plugins.entries.openclaw-paid-actions.enabled, plugins.entries.openclaw-paid-actions.config.payTo, plugins.entries.openclaw-paid-actions.config.invoiceSecret, plugins.entries.openclaw-paid-actions.config.invoiceStorePath, plugins.entries.openclaw-paid-actions.config.actions

SKILL.md

OpenClaw Paid Actions

Use this skill when an action must be paid before it runs.

Tool: openclaw_paid_action

This skill is instruction-only. It expects a trusted installed implementation of the openclaw-paid-actions plugin that provides openclaw_paid_action.

Actions:

  • list: List configured paid actions.
  • quote: Build USDC payment instructions for an action.
  • invoice: Create a signed invoice token for an action/input.
  • status: Check current invoice payment status.
  • wait: Poll until the invoice is paid (or timeout/expiry).
  • confirm (or pay alias): Validate payment transaction on-chain, then mark invoice paid.
  • execute: Run the action after invoice is confirmed paid.

Typical Flow

  1. Call openclaw_paid_action with action: "list" to discover action IDs.
  2. Call openclaw_paid_action with action: "invoice" and actionId (plus optional input, recipient, memo).
  3. Send the returned invoiceMessage or paymentInstructions to the payer.
  4. After payment is received, call openclaw_paid_action with action: "confirm" and invoice (or invoiceId) plus transaction to validate on-chain and mark paid. You can also pass paymentProofText with the raw user reply; the tool extracts the Solana tx signature automatically.
  5. Call openclaw_paid_action with action: "wait" (or status) to know when it is paid.
  6. Call openclaw_paid_action with action: "execute" and invoice to run after payment.

Plugin Config

Configure under plugins.entries.openclaw-paid-actions.config:

{
  "network": "solana:mainnet",
  "payTo": "${OPENCLAW_USDC_PAY_TO}",
  "invoiceSecret": "${OPENCLAW_PAID_ACTIONS_INVOICE_SECRET}",
  "invoiceStorePath": "${OPENCLAW_PAID_ACTIONS_INVOICE_STORE_PATH}",
  "allowRunAsRoot": false,
  "requirePersistentInvoiceSecret": true,
  "requireInvoiceStorePath": true,
  "enforceReviewedScripts": true,
  "reviewedScriptsRoot": "scripts/paid-actions",
  "requiredNodeMajor": 20,
  "defaultInvoiceWaitSeconds": 900,
  "invoicePollIntervalMs": 3000,
  "maxTimeoutSeconds": 120,
  "defaultTaskTimeoutMs": 30000,
  "maxOutputBytes": 32768,
  "actions": {
    "x-shoutout": {
      "description": "Post a paid shoutout on X",
      "command": ["node", "scripts/paid-actions/x-shoutout.mjs"],
      "cwd": ".",
      "price": "0.03",
      "timeoutMs": 45000
    }
  }
}

Notes:

  • Each action runs exactly the configured command array.
  • Invoice execution uses the input embedded in the invoice token.
  • Action input is exposed as OPENCLAW_PAID_ACTION_INPUT_JSON.
  • Command output is truncated at maxOutputBytes.
  • If notifySessionKey is set on invoice creation, the gateway emits a system event when payment is recorded.
  • The tool is optional in OpenClaw; add openclaw_paid_action to agent tools.allow.
  • Production defaults block startup if invoiceSecret or invoiceStorePath is missing.
  • Production defaults block unreviewed commands; keep actions under scripts/paid-actions.
  • Review every configured action command before enabling autonomous execution.

Real Action Inputs

For x-shoutout:

{
  "handle": "openclaw",
  "message": "Huge shoutout to @openclaw for supporting this build!",
  "link": "https://x.com/openclaw"
}

For discord-shoutout:

{
  "name": "Daniel",
  "note": "Thanks for supporting the build."
}
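
Because an action command receives payer-supplied input through OPENCLAW_PAID_ACTION_INPUT_JSON, a reviewed script should validate that input strictly before acting on it. The sketch below is an added example, not the plugin's or the publisher's x-shoutout.mjs: the function names, the length limits, the handle pattern and the x.com link allowlist are all assumptions chosen for illustration.

```javascript
// Added example: hypothetical input validation for an x-shoutout action script.
// Limits, the handle pattern and the link allowlist are assumptions.
const MAX_INPUT_CHARS = 4096;
const ALLOWED_KEYS = ["handle", "message", "link"];
const ALLOWED_LINK_HOSTS = ["x.com"];

function parseShoutoutInput(env) {
  const raw = env.OPENCLAW_PAID_ACTION_INPUT_JSON;
  if (typeof raw !== "string" || raw.length === 0) throw new Error("missing input");
  if (raw.length > MAX_INPUT_CHARS) throw new Error("input too large");
  let data;
  try { data = JSON.parse(raw); } catch { throw new Error("input is not valid JSON"); }
  if (data === null || typeof data !== "object" || Array.isArray(data)) {
    throw new Error("input must be a JSON object");
  }
  // Reject unknown fields (this also catches an own "__proto__" key).
  for (const key of Object.keys(data)) {
    if (!ALLOWED_KEYS.includes(key)) throw new Error(`unexpected field: ${key}`);
  }
  const { handle, message, link } = data;
  if (typeof handle !== "string" || !/^[A-Za-z0-9_]{1,15}$/.test(handle)) {
    throw new Error("bad handle");
  }
  if (typeof message !== "string" || message.length === 0 || message.length > 280) {
    throw new Error("bad message length");
  }
  if (/[\u0000-\u001f\u007f]/.test(message)) throw new Error("control characters in message");
  if (typeof link !== "string") throw new Error("bad link");
  let url;
  try { url = new URL(link); } catch { throw new Error("bad link"); }
  if (url.protocol !== "https:" || url.username || url.password ||
      !ALLOWED_LINK_HOSTS.includes(url.hostname)) {
    throw new Error("link not allowed");
  }
  return { handle, message, link: url.href };
}

// Non-throwing wrapper so the script can fail closed with a short reason.
function checkInput(env) {
  try { return { ok: true, value: parseShoutoutInput(env) }; }
  catch (err) { return { ok: false, error: err.message }; }
}

// Constructed sample mirroring the x-shoutout input above; a real script would pass process.env.
const sampleEnv = { OPENCLAW_PAID_ACTION_INPUT_JSON: JSON.stringify({
  handle: "openclaw", message: "Huge shoutout to @openclaw!", link: "https://x.com/openclaw" }) };
console.log(checkInput(sampleEnv));
```

The validated object should be passed to the posting logic as data only, never interpolated into a shell command line.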
