Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Mayar.id Payment

Integrate Mayar.id for Indonesian payments to create invoices, generate payment links, track transactions, manage subscriptions, and automate payment workflo...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md and README clearly describe a Mayar.id payment integration (invoice creation, transaction queries, webhooks) and the included references align with that purpose. However, the registry metadata did not declare any required credentials or binaries even though the documentation requires an API key, mcporter, and Node/npx; this metadata omission is an inconsistency.
Instruction Scope
Instructions stay within the payment-integration scope (create credentials file, add mcporter server, call mcporter tools, register webhooks). They do instruct writing credentials to ~/.config/mayar/credentials and embedding the API token into config/mcporter.json Authorization header (which is functionally necessary but can leak if configs are not handled securely). No instructions ask the agent to read unrelated system files or exfiltrate data to unexpected endpoints; endpoints referenced are Mayar domains.
! Install Mechanism
There is no formal install spec (instruction-only), but the mcporter configuration calls npx mcp-remote at runtime. That implies dynamic download-and-execute of the 'mcp-remote' npm package when mcporter starts. The skill/package does not declare or vet that package in the metadata; dynamic npx execution is a higher-risk behavior and should be reviewed (verify the npm package source and integrity) before enabling.
! Credentials
The skill requires a sensitive Mayar API JWT token (documented in SKILL.md) but the registry metadata declares no required env vars or primary credential — a mismatch. The instructions ask you to store the token in a local credentials file and to place it in the mcporter.json Authorization header; this is proportional to the payment use-case but is sensitive and should be protected (platform-managed secret store preferred).
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and has no install that writes persistent system-wide components. Its persistence is limited to the user-supplied credential file and mcporter configuration, which is expected for this integration.
What to consider before installing
This skill looks like a real Mayar payment integration, but take care before installing:

  1. The package metadata doesn't list the API key or required binaries even though SKILL.md requires a Mayar JWT and mcporter/Node (metadata mismatch).
  2. Review and protect your API token — the docs tell you to store it in ~/.config/mayar/credentials and to embed it in config/mcporter.json; prefer using your platform's secret storage if available and avoid committing configs to VCS.
  3. The mcporter config uses `npx mcp-remote`, which will fetch and execute code from npm at runtime — verify the 'mcp-remote' package (author, version, audit) before enabling, since dynamic npx execution can run arbitrary code.
  4. Test in a sandbox Mayar environment (web.mayar.club) first and validate webhook handling and token scope.
  5. If you need higher assurance, ask the skill author for the exact npm package version, a checksum, or a signed release and for updated registry metadata that declares the required credential and binaries.

Like a lobster shell, security has layers — review code before you run it.

Current version: v1.0.0

SKILL.md

Mayar Payment Integration

Integrate Mayar.id payment platform via MCP (Model Context Protocol) for Indonesian payment processing.

Prerequisites

  1. Mayar.id account - Sign up at https://mayar.id
  2. API Key - Generate from https://web.mayar.id/api-keys
  3. mcporter configured - MCP must be set up in Clawdbot

Setup

1. Store API Credentials

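# Create the directory and file under a restrictive umask so the token
# is never readable by other users, even briefly.
(
  umask 077
  mkdir -p ~/.config/mayar
  cat > ~/.config/mayar/credentials << 'EOF'
MAYAR_API_TOKEN="your-jwt-token-here"
EOF
)
chmod 600 ~/.config/mayar/credentials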

2. Configure MCP Server

Add to config/mcporter.json:

{
  "mcpServers": {
    "mayar": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-remote",
        "https://mcp.mayar.id/sse",
        "--header",
        "Authorization:YOUR_API_TOKEN_HERE"
      ]
    }
  }
}

Replace YOUR_API_TOKEN_HERE with actual token.
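
One way to check a config like the one above for the two issues the scan report raises (an unpinned npx package and a token stored inline), as an added example that is not part of the skill's own code. The function name auditMcpConfig, the finding IDs and the treatment of a ${VAR} value as a non-secret reference are assumptions of this sketch.

```javascript
// Added example: static audit of an mcporter-style config object.
// Finding IDs and the ${VAR} convention are assumptions made for this sketch.
function auditMcpConfig(config) {
  const findings = [];
  for (const [name, server] of Object.entries(config.mcpServers || {})) {
    const args = server.args || [];
    if (server.command === 'npx') {
      // First argument that is not a flag is the package npx will fetch and run.
      const pkg = args.find((a) => !a.startsWith('-'));
      // Accept only an exact version such as name@1.2.3 (scoped names allowed).
      const pinned = /^(@[^/@]+\/)?[^/@]+@\d+\.\d+\.\d+$/.test(pkg || '');
      if (!pinned) findings.push({ server: name, id: 'UNPINNED_NPX_PACKAGE', detail: pkg });
      if (args.includes('-y') || args.includes('--yes')) {
        findings.push({ server: name, id: 'NPX_AUTO_INSTALL', detail: 'no install prompt' });
      }
    }
    args.forEach((arg, i) => {
      // A header value follows each --header flag.
      if (args[i - 1] === '--header' && /^authorization:/i.test(arg)) {
        const value = arg.slice(arg.indexOf(':') + 1).trim();
        // Anything other than a ${VAR} reference is a secret stored in the file.
        if (!/^\$\{[A-Z0-9_]+\}$/.test(value)) {
          findings.push({ server: name, id: 'INLINE_AUTH_TOKEN', detail: 'redacted' });
        }
      }
      if (/^http:\/\//i.test(arg)) {
        findings.push({ server: name, id: 'PLAINTEXT_ENDPOINT', detail: arg });
      }
    });
  }
  return findings;
}

// Constructed sample mirroring the configuration above.
const sampleConfig = {
  mcpServers: {
    mayar: {
      command: 'npx',
      args: ['-y', 'mcp-remote', 'https://mcp.mayar.id/sse',
             '--header', 'Authorization:YOUR_API_TOKEN_HERE'],
    },
  },
};

console.log(auditMcpConfig(sampleConfig).map((f) => `${f.server}: ${f.id}`));
```

A config that names an exact package version and keeps the token out of the file produces no findings.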

3. Test Connection

mcporter list mayar

Should show 15+ available tools.

Core Workflows

Create Invoice with Payment Link

Most common use case: Generate payment link for customer.

mcporter call mayar.create_invoice \
  name="Customer Name" \
  email="email@example.com" \
  mobile="\"628xxx\"" \
  description="Order description" \
  redirectURL="https://yoursite.com/thanks" \
  expiredAt="2026-12-31T23:59:59+07:00" \
  items='[{"quantity":1,"rate":500000,"description":"Product A"}]'

Returns:

{
  "id": "uuid",
  "transactionId": "uuid", 
  "link": "https://subdomain.myr.id/invoices/slug",
  "expiredAt": 1234567890
}

Key fields:

  • mobile - MUST be string with quotes: "\"628xxx\""
  • expiredAt - ISO 8601 format with timezone
  • items - Array of {quantity, rate, description}
  • redirectURL - Where customer goes after payment
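
The field rules above, enforced before the call is made, as an added example that is not part of the skill's own code. buildCreateInvoiceArgs, the digit-count bounds on mobile and the https-only redirect check are assumptions; the function returns an argument array meant for a no-shell process launch (for example Node's execFile), so customer-supplied text is never parsed by a shell.

```javascript
// Added example: validate order data and build an argv array for
// `mcporter call mayar.create_invoice` (pass it to execFile, never to a shell).
// buildCreateInvoiceArgs and the length bounds are assumptions of this sketch.
function buildCreateInvoiceArgs(order) {
  const errors = [];
  // Page format: 628xxxxxxxxxx, digits only, no "+" or spaces.
  if (!/^628\d{7,12}$/.test(order.mobile)) errors.push('mobile');
  if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(order.email)) errors.push('email');
  // ISO 8601 with an explicit offset, e.g. 2026-12-31T23:59:59+07:00.
  const iso = /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(Z|[+-]\d{2}:\d{2})$/;
  if (!iso.test(order.expiredAt) || Number.isNaN(Date.parse(order.expiredAt))) {
    errors.push('expiredAt');
  }
  let redirect;
  try { redirect = new URL(order.redirectURL); } catch { redirect = null; }
  if (!redirect || redirect.protocol !== 'https:') errors.push('redirectURL');
  const items = Array.isArray(order.items) ? order.items : [];
  const itemsOk = items.length > 0 && items.every((it) =>
    Number.isInteger(it.quantity) && it.quantity > 0 &&
    Number.isInteger(it.rate) && it.rate > 0 &&
    typeof it.description === 'string' && it.description.length > 0);
  if (!itemsOk) errors.push('items');
  if (errors.length) return { ok: false, errors };
  const total = items.reduce((sum, it) => sum + it.quantity * it.rate, 0);
  const argv = [
    'call', 'mayar.create_invoice',
    `name=${order.name}`,
    `email=${order.email}`,
    `mobile=${JSON.stringify(order.mobile)}`, // keeps the quotes so it stays a string
    `description=${order.description}`,
    `redirectURL=${redirect.href}`,
    `expiredAt=${order.expiredAt}`,
    `items=${JSON.stringify(items)}`,
  ];
  return { ok: true, total, argv };
}

// Constructed order; the apostrophe and "&" need no quoting in an argv array.
const sampleOrder = {
  name: "O'Brien & Sons", email: 'orders@example.com', mobile: '6281234567890',
  description: 'Order #1001', redirectURL: 'https://example.com/thanks',
  expiredAt: '2026-12-31T23:59:59+07:00',
  items: [{ quantity: 2, rate: 500000, description: 'Product A' },
          { quantity: 1, rate: 1000000, description: 'Product B' }],
};
console.log(buildCreateInvoiceArgs(sampleOrder));
```

Keep the returned total alongside the invoice ID so a later payment check has an expected amount to compare against.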

WhatsApp Integration Pattern

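// 1. Create invoice
// createInvoice() is a hypothetical helper that runs `mcporter call mayar.create_invoice`
// and returns the parsed response.
const invoice = createInvoice();

// 2. Format message (amount, total and expiryDate come from your order data)
// Named `text` so it does not shadow the message() tool called in step 3.
const text = `
✅ *Order Confirmed!*

*Items:*
• Product Name
  Rp ${amount.toLocaleString('id-ID')}

*TOTAL: Rp ${total.toLocaleString('id-ID')}*

💳 *Pembayaran:*
${invoice.data.link}

⏰ Berlaku sampai: ${expiryDate}

Terima kasih! 🙏
`.trim();

// 3. Send via WhatsApp
message({
  action: 'send',
  channel: 'whatsapp',
  target: customerPhone,
  message: text
});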

Check Payment Status

# Get latest transactions (check if paid)
mcporter call mayar.get_latest_transactions page:1 pageSize:10

# Get unpaid invoices
mcporter call mayar.get_latest_unpaid_transactions page:1 pageSize:10

Filter by status: "created" (unpaid) → "paid" (success).

Other Operations

# Check account balance
mcporter call mayar.get_balance

# Get customer details
mcporter call mayar.get_customer_detail \
  customerName="Name" \
  customerEmail="email@example.com" \
  page:1 pageSize:10

# Filter by time period
mcporter call mayar.get_transactions_by_time_period \
  page:1 pageSize:10 \
  period:"this_month" \
  sortField:"createdAt" \
  sortOrder:"DESC"

Common Patterns

Multi-Item Invoice

items='[
  {"quantity":2,"rate":500000,"description":"Product A"},
  {"quantity":1,"rate":1000000,"description":"Product B"}
]'
# Total: 2M (2×500K + 1×1M)

Subscription/Recurring

Use membership tools:

mcporter call mayar.get_membership_customer_by_specific_product \
  productName:"Premium Membership" \
  productLink:"your-product-link" \
  productId:"product-uuid" \
  page:1 pageSize:10 \
  memberStatus:"active"

Payment Confirmation Flow

Option A: Webhook (Real-time)

  • Register webhook URL with Mayar
  • Receive instant payment notifications
  • Best for production

Option B: Polling (Simpler)

  • Poll get_latest_transactions every 30-60s
  • Check for new payments
  • Best for MVP/testing
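
A reconciliation step for the polling option, as an added example that is not part of the skill's own code: it releases an order only once, only for a known invoice, and only when the paid amount matches. The transaction fields (id, status, amount) and the shape of the pending store are assumptions, since the response format of get_latest_transactions is not shown here.

```javascript
// Added example: idempotent reconciliation for the polling option.
// The transaction fields (id, status, amount) and the pending-store shape
// are assumptions; the page does not show the polling response format.
function reconcilePayments(pending, transactions) {
  const result = { fulfil: [], mismatched: [], ignored: 0 };
  for (const tx of transactions) {
    const invoice = pending.get(tx.id);
    // Unknown IDs, unpaid entries and already-fulfilled invoices change nothing.
    if (!invoice || tx.status !== 'paid' || invoice.fulfilled) {
      result.ignored += 1;
      continue;
    }
    // Never release goods on status alone: the paid amount must match the invoice.
    if (tx.amount !== invoice.expectedAmount) {
      result.mismatched.push(tx.id);
      continue;
    }
    invoice.fulfilled = true; // persist this flag before shipping in a real store
    result.fulfil.push(tx.id);
  }
  return result;
}

// Constructed data: three invoices created earlier, then two consecutive polls.
function demoPolls() {
  const pending = new Map([
    ['inv-1', { expectedAmount: 2000000, fulfilled: false }],
    ['inv-2', { expectedAmount: 500000, fulfilled: false }],
    ['inv-3', { expectedAmount: 750000, fulfilled: false }],
  ]);
  const firstPoll = [
    { id: 'inv-1', status: 'paid', amount: 2000000 },
    { id: 'inv-2', status: 'created', amount: 500000 },
    { id: 'inv-3', status: 'paid', amount: 75000 },   // amount does not match
    { id: 'inv-9', status: 'paid', amount: 100000 },  // not one of our invoices
  ];
  // The second poll repeats inv-1 and shows inv-2 as paid.
  const secondPoll = [firstPoll[0], { id: 'inv-2', status: 'paid', amount: 500000 }];
  return [reconcilePayments(pending, firstPoll), reconcilePayments(pending, secondPoll)];
}

console.log(JSON.stringify(demoPolls()));
```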

Troubleshooting

404 on payment link:

  • Link format: https://your-subdomain.myr.id/invoices/slug
  • Check dashboard for correct subdomain
  • Default may be account name

Invalid mobile number:

  • Mobile MUST be string: "\"628xxx\"" (with escaped quotes)
  • Format: 628xxxxxxxxxx (no + or spaces)

Expired invoice:

  • Default expiry is the expiredAt timestamp
  • Customer can't pay after expiration
  • Create new invoice if needed

Reference Documentation

Production Checklist

  • Use production API key (not sandbox)
  • Setup webhook for payment notifications
  • Error handling for failed invoice creation
  • Store invoice IDs for tracking
  • Handle payment expiration
  • Customer database integration
  • Receipt/confirmation automation

Environments

Production:

Sandbox (Testing):
