Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

EM-A2A

v0.1.0

Agent-to-Agent payments on TRON. Use when an agent needs to pay another agent, escrow funds, check credit scores, or verify on-chain identity.


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for ypeng1620-beep/em-a2a.

Prompt preview (Install & Setup):
Install the skill "EM-A2A" (ypeng1620-beep/em-a2a) from ClawHub.
Skill page: https://clawhub.ai/ypeng1620-beep/em-a2a
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: A2A_NETWORK, A2A_PRIVATE_KEY
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install em-a2a

ClawHub CLI


npx clawhub@latest install em-a2a

Security Scan

Capability signals: Crypto · Requires wallet · Can make purchases · Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name, description, and declared capabilities (payments, escrow, credit, identity on TRON) align with the declared environment variables A2A_NETWORK and A2A_PRIVATE_KEY and the provided toolset (@poisonpyf/a2a-mcp). The requested credentials are consistent with signing TRON transactions.
Instruction Scope
SKILL.md instructs configuring an MCP to run 'npx @poisonpyf/a2a-mcp' with A2A_PRIVATE_KEY in the environment. That means an external, remote package will run with access to the private key and can make arbitrary network calls. The instructions also imply third-party services (credit/leaderboard/AML) without specifying endpoints or data flows, leaving potential for unexpected data transmission.
Install Mechanism
No formal install spec in the skill bundle, but the runtime instructions explicitly run a package from npm via npx. Executing remote npm packages at runtime is a moderate risk because it downloads/executes third-party code on demand; the package scope (@poisonpyf) is not a widely-known vendor, so upstream code should be audited before trusting it with keys.
Credentials
Only A2A_NETWORK and A2A_PRIVATE_KEY are requested, which is proportionate to the stated blockchain payment function. However, the private key is highly sensitive — giving it to a runtime process you do not control (npx-invoked package) creates a high-exposure scenario. No mitigation (e.g., read-only wallet, signing service, or hardware key) is described.
Persistence & Privilege
always:false (normal). The skill permits autonomous model invocation (default), which combined with runtime execution of remote code and access to a private key increases blast radius if the package or upstream services are malicious or compromised. The skill does not request persistent system-level privileges or other skills' configs.
What to consider before installing
This skill appears to do what it advertises, but it requires handing a TRON private key to a remote npm package executed at runtime. Before installing or using it:

1. Verify and audit the npm package and GitHub repo (check publisher, recent commits, and open-source code).
2. Prefer using testnet (shasta) and never expose a production mainnet private key until code is reviewed.
3. Consider using a signing service or a limited-scope hot wallet address rather than a full private key in env.
4. Pin package versions (do not rely on floating 'latest').
5. Run the package in an isolated environment and monitor network traffic.
6. If you need autonomous agent invocation with the key, remove autonomous invocation or rotate keys frequently.

If you cannot audit the upstream package and backend services (credit/AML endpoints), treat this skill as high-risk and avoid giving it access to valuable keys.


Runtime requirements

Clawdis
Env: A2A_NETWORK, A2A_PRIVATE_KEY
Primary env: A2A_PRIVATE_KEY
Latest version id: vk97dt9b29kkepevhg2t7wq3g3x85pq91
20 downloads · 0 stars · 1 version · Updated 8h ago
v0.1.0 · MIT-0

EM-A2A: Agent-to-Agent Payment Protocol

Agent-to-Agent payments, escrow, credit scoring, and identity on the TRON blockchain.

When to Use This Skill

Use em-a2a when:

  • One agent needs to pay another agent for services, data, or compute
  • Funds need to be held in escrow until work is delivered and accepted
  • You need to check an agent's credit score before trusting them
  • You need to verify an agent's on-chain identity (DID + KYA)
  • You want to calculate protocol fees before initiating a payment

Not for: Paying API endpoints (use paybot) or HTTP 402 interception (use x402).

Tools

This skill provides 4 MCP tools via @poisonpyf/a2a-mcp:

Tool          When to Call
a2a_pay       Transfer USDC/USDT from one agent to another
a2a_escrow    Lock funds before work starts, release on completion, refund on dispute
a2a_credit    Check credit score, level, trend, and leaderboard for an agent
a2a_revenue   Calculate protocol fee before initiating a transaction

Typical Workflow

Hiring Another Agent

1. a2a_credit(agentId)           → Check seller's reputation
2. a2a_revenue(amount, mode)     → Understand the fee structure
3. a2a_escrow(action="lock")     → Lock payment in escrow
4. [Seller delivers work]
5. a2a_escrow(action="release")  → Release funds on acceptance

Direct Payment (no escrow)

1. a2a_credit(agentId)           → Check counterparty reputation
2. a2a_revenue(amount, mode)     → Preview fees
3. a2a_pay(from, to, amount)     → Execute direct transfer

Setup

Add to your MCP client configuration:

{
  "mcpServers": {
    "a2a": {
      "command": "npx",
      "args": ["-y", "@poisonpyf/a2a-mcp"],
      "env": {
        "A2A_NETWORK": "shasta",
        "A2A_PRIVATE_KEY": "your-tron-private-key"
      }
    }
  }
}

Network: Use shasta for testnet, mainnet for production.
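As an added example (not part of the skill, its README, or ClawHub's scanner), a small Python check that applies the scan report's recommendations to an MCP client configuration like the Setup block above: it flags a package fetched at runtime without a pinned version, a key-like secret stored inline in env, and a mainnet network selection. The sample input is the Setup block above, embedded as constructed input; the secret-name pattern and the list of runtime-fetch commands are assumptions.

```python
import json
import re

# Constructed sample: the Setup block from the skill's README, as given on the page
# (floating npx package, raw private key in env, testnet network selected).
SKILL_CONFIG = json.loads("""
{
  "mcpServers": {
    "a2a": {
      "command": "npx",
      "args": ["-y", "@poisonpyf/a2a-mcp"],
      "env": {"A2A_NETWORK": "shasta", "A2A_PRIVATE_KEY": "your-tron-private-key"}
    }
  }
}
""")

# Assumed env-key pattern for signing material; extend for your own naming scheme.
SECRET_ENV = re.compile(r"(PRIVATE_KEY|SECRET|MNEMONIC|SEED)", re.IGNORECASE)
# A pinned spec looks like "@scope/name@1.2.3" or "name@1.2.3";
# a bare name or "name@latest" resolves to whatever npm serves at run time.
PINNED = re.compile(r"^(@[^/@]+/)?[^@/]+@\d+\.\d+\.\d+")
# Commands that download and execute a package on demand (assumed list).
RUNTIME_FETCH = ("npx", "pnpx", "bunx")


def audit_mcp_server(name, server):
    """Return human-readable findings for one mcpServers entry."""
    findings = []
    cmd = server.get("command", "")
    args = server.get("args", [])
    env = server.get("env", {})
    if cmd in RUNTIME_FETCH or (cmd == "npm" and "exec" in args):
        # The package spec is the first argument that is not a flag such as "-y".
        pkg = next((a for a in args if not a.startswith("-")), "")
        if pkg and not PINNED.match(pkg):
            findings.append(f"{name}: runtime fetch of unpinned package '{pkg}'")
    for key, value in env.items():
        # Any non-empty literal under a key-like name is handed to the child process.
        if SECRET_ENV.search(key) and value:
            findings.append(f"{name}: secret '{key}' stored inline in env")
    if env.get("A2A_NETWORK", "").lower() == "mainnet":
        findings.append(f"{name}: mainnet selected; signing key controls real funds")
    return findings


def audit_config(config):
    """Audit every server in an MCP client configuration."""
    findings = []
    for name, server in config.get("mcpServers", {}).items():
        findings.extend(audit_mcp_server(name, server))
    return findings
```

Running `audit_config(SKILL_CONFIG)` reports the unpinned package and the inline key; the shasta network itself is not flagged.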

Tool Reference

a2a_pay

Transfer tokens between agents. Handles AML screening, revenue calculation, and on-chain execution.

{
  "from": "did:bai:tron:TBu...",
  "to": "did:bai:tron:TSa...",
  "token": "USDC",
  "amount": "1000000",
  "memo": "Payment for smart contract audit"
}

a2a_escrow

Lock/release/refund funds between agents.

// Lock
{ "from": "...", "to": "...", "amount": "500000000", "action": "lock", "task": "Code review" }

// Release (use escrowId from lock result)
{ "from": "...", "to": "...", "amount": "500000000", "action": "release", "escrowId": "esc_abc123" }

// Refund
{ "from": "...", "to": "...", "amount": "500000000", "action": "refund", "escrowId": "esc_abc123" }

a2a_credit

Check agent reputation and creditworthiness.

{ "agentId": "did:bai:tron:TSa..." }

Returns score (300-950), level (excellent/good/fair/poor/none), trend history, and leaderboard.

a2a_revenue

Preview protocol fees. Two modes:

  • fixed_tier: Volume-based fixed rates (1.0% default, decreases with volume)
  • variable_float: Risk-adjusted rates (lower risk + higher credit = lower fees)

{ "amount": "100000000", "mode": "fixed_tier" }

Architecture

Agent A (Client)                    Agent B (Server)
     │                                    │
     ├─ a2a_credit(agentB) ──→ credit score
     ├─ a2a_revenue(amount) ─→ fee preview
     ├─ a2a_escrow(lock) ────→ funds locked
     │                                    │
     │         [Agent B delivers work]    │
     │                                    │
     ├─ a2a_escrow(release) ──→ funds released + credit updated
     │                                    │
     └────────── TRON blockchain ─────────┘
