Code Plugin · source linked

Stellar Agent Wallet v1.7.0

Stellar USDC wallet for AI agents. Pay 402-gated APIs (x402 or MPP Router), check balances, add USDC trustlines, swap XLM→USDC on the DEX, and send/bridge USDC cross-chain to EVM, Solana, or back to Stellar via Rozo. File-based secret storage, sponsored mode, testnet and mainnet.

stellar-agent-wallet · runtime stellar-agent-wallet · by @shawnmuggle
Community code plugin. Review compatibility and verification before install.
openclaw plugins install clawhub:stellar-agent-wallet
Latest release: v1.7.0

Capabilities

configSchema: Yes
Executes code: Yes
HTTP routes: 0
Runtime ID: stellar-agent-wallet

Compatibility

Built With Open Claw Version: 2026.3.24-beta.2
Min Gateway Version: 2026.3.24-beta.2
Plugin Api Range: >=2026.3.24-beta.2
Plugin Sdk Version: 2026.3.24-beta.2

Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Functionality in the code (build/sign XDRs, MPP/x402 support, Rozo bridging, catalog lookups) matches the description: paying 402-gated APIs, swapping, bridging, and local file-based secrets. However, registry metadata declares no required credentials/config paths while the code relies on a file secret (default .stellar-secret) and accepts legacy STELLAR_SECRET env keys — that mismatch is noteworthy but explainable (author chose file-based secrets rather than platform-declared envs).
!
Instruction Scope
Runtime code reads a local secret file (default .stellar-secret) and will fall back to .env.prod/.env or env vars (STELLAR_SECRET etc.) if the file is missing. It also writes an autopay directive into the same secret file (writeAutopayCeiling). The skill performs network calls to hardcoded endpoints (apiserver.mpprouter.dev and intentapiv4.rozo.ai) and will submit signed transaction XDRs to remote services. Reading/writing the secret file and sending signed payloads are within wallet scope, but the fallback to env files and the automatic modification of the secret file are scope-creep risks if you didn't expect local file mutation or env-file scanning.
Install Mechanism
There is no separate install spec; the package includes code and a package.json with npm dependencies. That means runtime scripts depend on node packages (e.g., @stellar/stellar-sdk, mppx). Absence of an install spec is not itself dangerous, but it's an operational inconsistency you should be aware of (installers may need to run npm install / have Node >=18). No remote arbitrary binary downloads are used.
!
Credentials
Registry metadata lists no required env vars or config paths, yet the code requires a Stellar signing key stored in a file (or falling back to STELLAR_SECRET / .env.*). The code also scans .env.prod/.env for legacy env keys. The secret handling is mostly cautious (file mode 600, a redactor to avoid accidental prints), but the skill can read environment files and will modify the secret file to store 'autopay-ceiling-usd' directives — these accesses and writes are not declared in the registry metadata and are sensitive operations.
Persistence & Privilege
always:false and no plugin registration/privileged registration. The skill does modify its own secret file (writes autopay directive) and installs a process-local stdout/stderr redactor at runtime (side-effect). It does not appear to change other skills' configuration or system-wide agent settings. The ability to write the user's secret file is a privilege the user should accept consciously.
What to consider before installing
This skill is reasonably coherent as a Stellar agent wallet, but proceed only after you understand the following:

- Secrets: The wallet expects a secret key file (default .stellar-secret) and will fall back to .env.prod/.env or STELLAR_SECRET-style env vars if the file is missing. The registry metadata did not declare required credentials — make sure you provide the secret in the intended file and do not expose it in environment variables unless you accept that risk.
- File writes: The skill can write an autopay directive into your secret file (writeAutopayCeiling). If you prefer the plugin not to modify your secret file, do not use autopay or inspect/modify code to disable that behavior.
- Remote endpoints: The client code calls hardcoded endpoints (apiserver.mpprouter.dev and intentapiv4.rozo.ai). Those are legitimate for the advertised features (MPP Router, Rozo), but you should confirm you trust those services and review network activity if you require a different provider (some modules do not expose an override and require editing source to change the base URL).
- What to audit before trusting/installing: review scripts/src/stellar-signer.ts and the sign/send code paths to ensure no raw private key is ever transmitted (only signatures/transaction XDRs should be). Confirm you are comfortable with the skill reading .env files in the same directory and with it modifying the secret file. Test thoroughly on testnet before using mainnet funds.
- Operational note: dependencies are declared in package.json but there is no install spec; ensure Node >=18 and that dependency installation is handled in your environment.

If you want, I can (a) list the exact files and lines where secrets are read/written, (b) inspect stellar-signer.ts to confirm whether the raw secret is ever transmitted, or (c) suggest minimal code edits to avoid writing to the secret file or to make the Rozo/MPP endpoints configurable.

Verification

Tier: source linked
Scope: artifact only
Summary: Validated package structure and linked the release to source metadata.
Commit: 2a345c7
Tag: 1.7.0
Provenance: No
Scan status: pending

Tags

latest
1.7.0