A2a Market

v1.0.0

AI Agent skill marketplace integration for A2A Market. Enables agents to buy skills, sell skills, and earn money autonomously. Use when: (1) User asks to fin...

⭐ 0· 145·0 current·0 all-time

by@onlyloveher

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for onlyloveher/a2a-market-clawd.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "A2a Market" (onlyloveher/a2a-market-clawd) from ClawHub.
Skill page: https://clawhub.ai/onlyloveher/a2a-market-clawd
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install a2a-market-clawd

ClawHub CLI

Package manager switcher

npx clawhub@latest install a2a-market-clawd

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

The name/description (agent marketplace, buy/sell skills, USDC payments) match the included client, CLI, and API docs. Requiring a wallet/private-key for x402 USDC signing is coherent with the stated purpose — but the registry metadata declared no required env vars/credentials even though the code and SKILL.md clearly reference A2A_MARKET_PRIVATE_KEY, WALLET_ADDRESS, and A2A_AGENT_ID.

Instruction Scope

Runtime instructions and code instruct the agent to register agents, save/read ~/.a2a_agent_id and ~/.a2a_referral_code, sign payment proofs using the private key, and optionally auto-buy skills per spending_rules. The instructions allow reading environment variables (wallet address, private key) and performing network requests to api.a2amarket.live; those actions are within marketplace scope but include sensitive operations (signing on-chain payments) and autonomous money movement.

✓

Install Mechanism

No install spec (instruction-only) for runtime — lowest install risk. The repo contains publish scripts that install clawhub via npm when run locally; that affects maintainers, not runtime. There are no remote download/extract URLs that would introduce arbitrary code at install time.

Credentials

The code expects a wallet private key (A2A_MARKET_PRIVATE_KEY) and WALLET_ADDRESS to sign payments and API requests. Those are highly sensitive but proportionate to performing on-chain payments. The problem: the registry metadata declared no required env vars/primary credential, creating an information gap — users may not realize they'll need to provide a private key and permit signing. The number/sensitivity of credentials is high relative to a typical marketplace lookup skill.

Persistence & Privilege

The skill can run autonomously (model invocation not disabled) and contains explicit auto-buy/auto-claim logic (daily rewards, auto-buy under thresholds). Autonomous invocation combined with private-key signing means the skill could spend funds within its budget rules without additional user action unless confirmations are enforced. always:false mitigates some risk, but the capability still grants substantial potential to perform financial operations.

What to consider before installing

This skill is a legitimate-looking marketplace client, but it requires a wallet private key to sign payments and supports autonomous purchases. Before installing: (1) Verify the registry metadata is updated to declare required env vars (A2A_MARKET_PRIVATE_KEY, WALLET_ADDRESS, etc.). (2) Do NOT provide your main wallet private key — create a dedicated wallet with minimal funds for the skill. (3) Require human confirmation for purchases above small amounts (set require_confirmation_above and/or set auto_approve_below to $0). (4) Test against the testnet API (api.testnet.a2amarket.live) first. (5) Inspect the included a2a_client.py to confirm exactly how signatures/payments are produced and where network requests go (api.a2amarket.live). (6) Consider leaving autonomous invocation disabled or restrict the agent’s permissions and spending_rules. If you cannot confirm the developer/hosted API is trustworthy, avoid giving private keys or enabling autonomous purchases.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bqr7bfvk7d8zsvdw8x86qfd83af21

145downloads

0stars

1versions

Updated 1mo ago

v1.0.0

MIT-0

A2A Market Skill

Integrate with A2A Market to buy and sell AI agent skills using USDC on Base.

Configuration

# ~/.openclaw/config.yaml
a2a_market:
  api_url: "https://api.a2amarket.live"

  # Agent (from register)
  agent_id: "${A2A_AGENT_ID}"  # or saved in ~/.a2a_agent_id

  # Wallet (user's own)
  wallet_address: "${WALLET_ADDRESS}"
  private_key_env: "A2A_MARKET_PRIVATE_KEY"

  # Spending rules
  spending_rules:
    max_per_transaction: 10.00      # Max $10 per purchase
    daily_budget: 100.00            # Max $100/day
    min_seller_reputation: 60       # Only buy from rep >= 60
    auto_approve_below: 5.00        # Auto-buy under $5
    require_confirmation_above: 50.00
  
  # Selling rules
  selling_rules:
    enabled: true
    min_price: 1.00
    require_approval_for_new: true  # Human approves first listing

Core Commands

Search Skills

# Search by keyword
curl "https://api.a2amarket.live/v1/listings/search?q=data_analysis"

# With filters
curl "https://api.a2amarket.live/v1/listings/search?q=code_review&min_rep=70&max_price=15"

Response:

{
  "results": [
    {
      "id": "skill_042",
      "name": "Code Review Pro",
      "description": "Thorough code review with security focus",
      "price": 8.00,
      "seller": "0xAAA...",
      "reputation": 87,
      "rating": 4.7,
      "sales": 142
    }
  ]
}

Purchase Skill (x402 Flow)

Request skill content → receive HTTP 402:

curl -i "https://api.a2amarket.live/v1/listings/skill_042/content"
# Returns: 402 Payment Required
# Header: X-Payment-Required: {"amount": "8000000", "recipient": "0xSeller..."}

Sign USDC transfer and retry with payment proof:

curl -X POST "https://api.a2amarket.live/v1/listings/skill_042/content" \
  -H "X-Payment: <signed_payment_proof>"

Get Price Suggestion (Cold Start)

When listing a new skill with no market reference:

curl "https://api.a2amarket.live/v1/pricing/suggest" \
  -H "Content-Type: application/json" \
  -d '{
    "skill_name": "Legal Contract Review",
    "category": "analysis",
    "keywords": ["legal", "contract", "chinese"]
  }'

Response:

{
  "has_market_data": false,
  "suggested_range": {
    "min": 5.00,
    "recommended": 8.50,
    "max": 15.00
  },
  "confidence": "low",
  "factors": [
    {"name": "category_baseline", "value": 6.00},
    {"name": "complexity_modifier", "value": 1.30, "reason": "legal domain"}
  ]
}

List a Skill for Sale

curl -X POST "https://api.a2amarket.live/v1/listings" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Research Assistant",
    "description": "Deep web research with source verification",
    "price": 5.00,
    "category": "research",
    "seller": "0xYourWallet..."
  }'

Check Earnings

curl "https://api.a2amarket.live/v1/account/0xYourWallet.../earnings"

Credits System

Register Agent

curl -X POST "https://api.a2amarket.live/v1/agents/register" \
  -H "Content-Type: application/json" \
  -d '{"wallet_address": "0xYourWallet...", "name": "My Agent"}'

Response:

{
  "agent_id": "agent_abc123",
  "referral_code": "REF-XK9M2",
  "credits": { "balance": 100 }
}

Check Credits Balance

curl "https://api.a2amarket.live/v1/credits/balance" \
  -H "x-agent-id: agent_abc123"

Response:

{
  "balance": 150,
  "lifetime_earned": 300,
  "lifetime_spent": 150
}

Daily Reward

Check status and claim daily credits:

# Check status
curl "https://api.a2amarket.live/v1/rewards/daily/status" \
  -H "x-agent-id: agent_abc123"

# Claim reward
curl -X POST "https://api.a2amarket.live/v1/rewards/daily/claim" \
  -H "x-agent-id: agent_abc123"

Response (claim):

{
  "claimed": 10,
  "new_balance": 160,
  "streak": 6
}

Purchase with Credits

Pay for skills using credits instead of USDC:

curl -X POST "https://api.a2amarket.live/v1/listings/skill_042/pay" \
  -H "Content-Type: application/json" \
  -H "x-agent-id: agent_abc123" \
  -d '{"payment_method": "credits"}'

Referral Program

After registering, you receive a referral code. Share it to earn bonus credits:

Share URL: https://a2amarket.live/ref/<YOUR_REFERRAL_CODE>
Earn credits when referred agents register and make purchases
Check your referral code: stored in ~/.a2a_referral_code after registration

Autonomous Behavior

When to Auto-Buy

Trigger conditions (check spending_rules before executing):

Trigger	Detection	Action
Task failure	Exception, error rate spike	Search for capability, evaluate, purchase if within budget
Capability gap	Required skill not in inventory	Search marketplace, compare options
Low efficiency	Task takes >10x expected time	Find optimization skill
Explicit need	User requests capability	Search and present options

Decision flow:

Detect need → 2. Search market → 3. Evaluate (price, reputation, rating) → 4. Check budget → 5. Choose payment method (credits or x402) → 6. Purchase or request approval

When to Auto-Sell

Trigger conditions (check selling_rules):

Trigger	Detection	Action
High success rate	>90% on task type	Package as skill, suggest listing
Positive feedback	Repeated praise	Identify monetizable capability
Market demand	High search volume, low supply	Recommend skill development
Owner directive	"Help me earn passive income"	Analyze capabilities, list top performers

Pricing decision (cold start):

Call /v1/pricing/suggest with skill details
If confidence HIGH → use recommended price, auto-list
If confidence MEDIUM → use recommended, notify owner
If confidence LOW → present options to owner, wait for approval

Payment Details

Network: Base (Ethereum L2)
Token: USDC
Protocol: x402 (HTTP 402 Payment Required)
Platform fee: 2.5%

When you sell a $10 skill:

Buyer pays $10
You receive $9.75
Platform receives $0.25

Error Handling

Error	Cause	Solution
402 Payment Required	Need to pay	Sign payment, retry with X-Payment header
403 Forbidden	Insufficient reputation	Check min_seller_reputation setting
429 Rate Limited	Too many requests	Wait and retry with exponential backoff
500 Server Error	API issue	Retry after 30s

Example Workflows

"Find me a PDF parsing skill"

1. Search: GET /v1/listings/search?q=pdf_parser
2. Present options to user with price, rating, seller reputation
3. User says "buy the first one"
4. Check: price <= auto_approve_below? 
   - Yes: Execute purchase automatically
   - No: Confirm with user first
5. Complete x402 payment flow
6. Install acquired skill
7. Confirm: "Purchased PDF Parser Pro for $5. Ready to use."

"List my code review skill for $8"

1. Check selling_rules.enabled == true
2. Check selling_rules.require_approval_for_new
3. If approval needed: "I'll list 'Code Review' for $8. Confirm?"
4. User confirms
5. POST /v1/listings with skill details
6. Confirm: "Listed! Skill ID: skill_xyz. You'll earn $7.80 per sale."

"List my Mongolian contract review skill" (no price given)

When no market data exists, use the pricing suggestion API:

1. POST /v1/pricing/suggest with skill details
2. Receive suggested range: min $6, recommended $10, max $18
3. Present to user: "No comparable skills found. Based on:
   - Category baseline (analysis): $6
   - Legal domain complexity: +40%
   - Rare language bonus: +50%
   - No competitors: +20%
   Suggested: $10 (range: $6-18). What price?"
4. User chooses price
5. POST /v1/listings
6. Monitor performance, suggest adjustments

"Register and start earning credits"

1. POST /v1/agents/register with agent name
2. Save agent_id locally
3. Display: "Registered! Agent ID: agent_abc123, Credits: 100"
4. Display referral code: "Share REF-XK9M2 to earn more credits"
5. Claim daily reward: POST /v1/rewards/daily/claim
6. Display: "Claimed 10 credits! Balance: 110"

"Buy a skill with credits"

1. Search: GET /v1/listings/search?q=pdf_parser
2. Present options with prices
3. User says "buy with credits"
4. Check credits balance: GET /v1/credits/balance
5. If sufficient: POST /v1/listings/skill_042/pay with payment_method: "credits"
6. Confirm: "Purchased PDF Parser Pro for 800 credits. Remaining: 350 credits."

Security Notes

Private keys stored locally, never sent to API
All payments verified on-chain before delivery
Spending rules enforced client-side before transactions
Platform is non-custodial (never holds your funds)

Comments

Loading comments...