ClawHub

antom-integration

v1.0.0

A skill dedicated to Antom payment integration, helping merchants select the right product and integration approach based on business needs, and build code....

0· 69·0 current·0 all-time
by@ant-intl

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for ant-intl/antom-integration.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "antom-integration" (ant-intl/antom-integration) from ClawHub.
Skill page: https://clawhub.ai/ant-intl/antom-integration
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install antom-integration

ClawHub CLI

Package manager switcher

npx clawhub@latest install antom-integration
Security Scan
Capability signals
CryptoRequires walletCan make purchasesRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (payment integration guidance + code examples) align with the actual content: SDK selection, product decision, integration checklist and security rules. No unexpected environment variables or binaries are requested.
Instruction Scope
Instructions are limited to reading online Antom documentation (via curl examples), following SDK guidance, and performing integration validation. They do not instruct reading local secrets or system files. Note: an example curl URL is obfuscated and many referenced docs are hosted on a third-party CDN (cdn.marmot-cloud.com) rather than only antom.com — this is worth verifying before trusting the fetched content.
Install Mechanism
No install spec and no code files — lowest-risk instruction-only skill. Nothing will be written to disk by the skill itself.
Credentials
The skill requests no environment variables or credentials and does not prompt for unrelated secrets. It explicitly warns about security best practices for private keys and async notification verification, which is appropriate for a payments integration guide.
Persistence & Privilege
Skill is not always-enabled and uses default invocation behavior. It does not request persistent system privileges or modification of other skills' configurations.
Assessment
This skill appears coherent for guiding Antom payment integrations and does not ask for credentials or install code, but the skill's source/packaging is unknown and several documentation links point to a third-party CDN (cdn.marmot-cloud.com). Before using: (1) verify that links and code examples come from Antom's official site (https://www.antom.com) or an official CDN, (2) avoid pasting private keys into client-side code and follow the provided security red lines, (3) review any fetched README or SDK downloads for authenticity (TLS certs, checksums), and (4) validate code samples in a safe test environment before deploying to production.

Like a lobster shell, security has layers — review code before you run it.

latestvk976k0kqxe8kbhfg8yjgb2w68d85159q
69downloads
0stars
1versions
Updated 1w ago
v1.0.0
MIT-0
@ant-intl
latest
Download

All Antom product documentation is available via online dynamic links. Before integration, make sure to read the corresponding product's online documentation to get the latest API parameters and code examples.

Document Access Guidelines

To access Antom online documentation, fetch content directly using curl:

# Example: Get One-time Payments CKP documentation
curl -sL "https://****/****.md"

Important: Before writing code, make sure to read the corresponding product's online documentation via curl. The documentation contains the latest API parameters, code examples, and important notes.

Get Integration Documentation

SDK Selection

  • SDK Selection: To help developers call open interfaces, Alipay provides open platform server-side SDKs, including Java, PHP, Node.js, Python and .NET languages, encapsulating signature and verification, HTTP interface requests and other basic functions. Please download the latest version of the server-side SDK for your language and import it into your development project. SDK Description

Product Selection

Read Product Decision, match keywords based on user input, and only recommend payment products and integration solutions. Always use Clarification Template for product and integration solution confirmation.

Blocking Checkpoint: Product Categories step completion criteria (all of the following must be satisfied before proceeding to subsequent steps)

  • SDK Selection has been read
  • Product documentation has been read (required recursive reading items: Quick Start, API List, Asynchronous Notification, SampleCode Instructions)

Integration Validation

Perform validation during integration and before production launch to ensure signature verification, asynchronous notifications, and exception handling meet specifications. Validation results are for reference only; developers must check against the latest Antom Open Platform documentation. See: Integration Checklist

Information Retrieval

Keys, gateway URL selection, ClientId and all other content retrieval: Antom Official Website

Security Red Lines

⛔ The following rules are security red lines for Antom payment integration. Violations may lead to financial loss or security incidents and must be strictly adhered to.

  • Private Key Must NOT Be Stored on the Client Side: Transaction data construction and signing must be completed on the merchant's server. The private key must absolutely NOT be stored in the merchant's APP client.
  • Private Key Must NOT Be Logged: The private key must not appear in any logs.
  • Private Key Must NOT Be Committed to Public Repositories: The private key must not be uploaded to public code repositories like GitHub or GitLab.
  • Client-side Payment Results Are Untrustworthy: The synchronous redirect result on the client side is untrustworthy. The result must be confirmed via Antom's asynchronous notification (Notify) or by calling the transaction query API.
  • No Repayment Before Confirmation: Before the payment result is confirmed, the user must not be asked to pay again. The payment result must first be confirmed via asynchronous notification or the query API.
  • Asynchronous Notifications Must Be Verified First: Upon receiving an asynchronous notification, signature verification must be performed first to ensure the notification is from Antom.

Comments

Loading comments...