Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

A2A Payments

v2.0.1

Blockchain USDC payments via APay — pay services, manage budgets, open streaming channels, and handle x402 protocol.

by Lê Minh Hiếu (@paparusi)

Security Scan

VirusTotal: Suspicious (View report)
OpenClaw: Suspicious (medium confidence)

Purpose & Capability (flagged)
The skill's stated purpose is making on-chain USDC payments, opening streaming channels, and auto-paying HTTP 402 endpoints. Those actions normally require a signing key or an API/service credential, yet the skill declares no required environment variables, no wallet configuration, and no primary credential. This is incoherent: either the plugin/service needs access to private keys or server-side signing, or the metadata is incomplete.
Instruction Scope (flagged)
SKILL.md instructs the agent to 'use' apay_* tools (check balance, pay services, auto-pay 402 responses) but is vague about confirmation flows, consent, or limits. The x402 auto-payment description implies automatic detection of 402 responses and paying/retrying requests — a behavior that could cause unexpected spending if consent/limits are not enforced. The instructions do not reference reading local files or extra env vars, but the high-level guidance grants broad authority to execute payments without explicit safety steps.
Install Mechanism
The install spec is an npm package (@a2a/openclaw-plugin). Using npm is a common pattern and not inherently malicious, but it means arbitrary code from the package will run in the agent environment. No homepage, publisher information, or checksum is provided in the skill metadata, so the package's provenance and contents should be inspected before installing.
Credentials (flagged)
No environment variables, keys, or API tokens are declared despite the need to authorize and sign payments. This absence is disproportionate to the stated functionality. If the plugin relies on a remote service to sign payments, that service should require and declare credentials; if it expects local wallets, the skill should declare how keys are provided. The current metadata gives no justification for the missing credentials.
Persistence & Privilege
The skill does not request always:true and keeps default autonomous invocation. Autonomous invocation plus the ability to send payments increases risk because the agent could act without a user prompt. The skill lacks documentation of required user confirmations or spending safeguards, which combined with autonomous invocation is notable but not itself a configuration error.
What to consider before installing
Do not install this skill until you verify how payments are authorized and where signing happens. Ask the publisher for documentation showing: (1) whether payments are signed client-side (and how private keys are provided and stored) or server-side (and what API credentials are required), (2) what safeguards prompt for user consent and enforce spending limits, including for the x402 auto-payment path, and (3) the npm package source, version, and audit information. If you proceed, test only on the base-sepolia testnet listed under Network, restrict any credentials to least privilege, and review the @a2a/openclaw-plugin package contents (or its source repository) before granting it network or wallet access.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

💰 Clawdis

Install

Install A2A Corp plugin:

  npm i -g @a2a/openclaw-plugin

Tags: base, blockchain, latest, payments, usdc

535 downloads
0 stars
2 versions
Updated 5h ago
v2.0.1
MIT-0

A2A Payments (APay)

Blockchain-native USDC payments for AI agents on Base chain. Pay for services, manage budgets, and handle micropayments.

Quick Start

Check your balance:

Use apay_check_balance to see my USDC balance

Pay a service:

Use apay_pay_service with serviceId "svc-123" and amount "0.50"

Available Tools

Balance & Budget

Tool                    Description
apay_check_balance      Check USDC balance, daily budget, spending limits
apay_budget_check       Verify if a specific amount is affordable
apay_spending_history   Get spending analytics and history

Payments

Tool                    Description
apay_pay_service        Pay a service (agent pays gas)
apay_pay_signed         Gasless signed payment (server submits on-chain)
apay_estimate_cost      Estimate cost including 0.5% platform fee

Services

Tool                    Description
apay_list_services      List available APay services
apay_get_service        Get detailed service info

Payment Channels (Streaming)

Tool                    Description
apay_channel_status     Check channel status
apay_stream_open        Open channel with USDC deposit
apay_stream_pay         Sign off-chain micropayment
apay_stream_close       Close channel (refund unspent)

x402 Protocol

Tool                    Description
apay_x402_fetch         Fetch URL with automatic x402 payment on HTTP 402

Workflows

Pay for a tool execution

  1. apay_budget_check — verify affordability
  2. apay_estimate_cost — see total with fees
  3. apay_pay_service — execute payment
  4. Receive payment receipt with tx hash

Streaming micropayments

For services that charge per-request (API calls, data feeds):

  1. apay_stream_open — deposit USDC into channel
  2. apay_stream_pay — sign micropayments (off-chain, instant)
  3. apay_stream_close — settle on-chain, refund remainder

x402 auto-payment

For services using the HTTP 402 payment protocol:

Use apay_x402_fetch with url "https://api.example.com/premium/data" and maxPayment "1.00"

The tool automatically detects 402 responses, pays the required amount, and retries the request.

Network

  • Chain: Base (Coinbase L2)
  • Stablecoin: USDC (6 decimals)
  • Model: Escrow-based sessions with spending limits
  • Testnet: base-sepolia for development
