ClawHub

Merso Integration

v1.0.5

Integrate Merso PNPL (Play Now, Pay Later) payments into games or digital goods platforms. Use when a user wants to: (1) add Merso installment payments to a...

0· 147·0 current·0 all-time
byAlfredo Bárcena@dreadterror

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for dreadterror/merso-integration.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Merso Integration" (dreadterror/merso-integration) from ClawHub.
Skill page: https://clawhub.ai/dreadterror/merso-integration
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: MERSO_GAME_ID, MERSO_API_KEY, MERSO_ENV
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install merso-integration

ClawHub CLI

Package manager switcher

npx clawhub@latest install merso-integration
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Merso PNPL integration) match the declared requirements (MERSO_ENV, MERSO_GAME_ID, MERSO_API_KEY) and the included reference docs describe API endpoints, webhooks, DB schema and integration flow that a merchant would need.
Instruction Scope
SKILL.md and references provide concrete integration steps (auth, token caching, POST /merso-buy-item, webhook setup/verification, fallback verify endpoint) which are appropriate. Note: it advises caching/auto-renewing tokens and gives a webhook verification example using MERSO_API_KEY as an HMAC secret — valid but implementers should securely store tokens and confirm the actual webhook signing scheme with Merso before trusting production traffic.
Install Mechanism
Instruction-only skill with no install spec and no code files — minimal surface area and nothing is written to disk by the skill itself.
Credentials
Only three environment variables are required and they are directly relevant to a payment integration: environment, game ID, and API key. No unrelated credentials or broad system config are requested.
Persistence & Privilege
Skill is not always-enabled, is user-invocable, and has no install/runtime components that request persistent system-level privileges or modify other skills' configurations.
Assessment
This is a coherent integration guide for Merso and does not request unrelated access. Before installing or using it: (1) treat MERSO_API_KEY as a sensitive secret — never expose it to client-side code and store tokens securely; (2) confirm with Merso the exact webhook signing header and secret (the doc uses MERSO_API_KEY as an example HMAC key — verify this); (3) restrict webhook endpoints (HTTPS, IP allowlist if no signature) and implement idempotent handlers as instructed; (4) test fully in the development base URL (api2.dev.merso.io) before production; (5) be aware the commercial docs make product claims (zero KYC, license expiry model) that you should validate with legal/compliance for your region. The skill is instruction-only, so it itself will not install code or fetch remote binaries.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

EnvMERSO_GAME_ID, MERSO_API_KEY, MERSO_ENV
latestvk97fhnk84w2ek4at35qv1n74mx83jf9h
147downloads
0stars
4versions
Updated 1mo ago
v1.0.5
MIT-0
Alfredo Bárcena@dreadterror
latest
Download

Merso Integration Skill

Merso is a PNPL (Play Now, Pay Later) platform for digital goods for games like NFTs, web2 in-game assets and virtual currency packs. It is not a credit product. It issues software licenses that grant immediate access; the license expires automatically if installment payments stop. Zero KYC, zero underwriting, zero credit risk for the merchant.

Key references

  • Full API + integration guide: See references/api.md
  • Commercial context, case studies, and pitch info: See references/commercial.md

When to load references

  • Load references/api.md for any technical integration task (endpoints, webhooks, DB schema, Node.js config, flow)
  • Load references/commercial.md for pitch preparation, case studies, GMV metrics, or partner context

Integration checklist

  1. Set env vars: MERSO_ENV, MERSO_GAME_ID, MERSO_API_KEY
  2. Authenticate → cache Bearer token (auto-renew 30 min before expiry)
  3. Implement POST /merso-buy-item with a unique itemId per purchase
  4. Register webhook URL via POST /set-webhook-url
  5. Handle webhook events idempotently (check payment status before crediting)
  6. Add fallback: GET /verify-payment-intent/:id if webhook doesn't arrive
  7. Apply Node.js TLS config (SNI) when connecting through Cloudflare — see references/api.md

Minimum item price: $5

Comments

Loading comments...