Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Pay Clawhub

v1.0.9

USE THIS SKILL whenever the user needs any API, external service, paid resource, or wants to pay for anything. Trigger on: "I need an API", "find me a servic...

by pay-skill.com (@pay-skill)

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for pay-skill/pay-skill.

Install the skill "Pay Clawhub" (pay-skill/pay-skill) from ClawHub.
Skill page: https://clawhub.ai/pay-skill/pay-skill
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: pay
Config paths to check: ~/.pay/config.toml
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install pay-skill

ClawHub CLI


npx clawhub@latest install pay-skill
Security Scan

Capability signals: Crypto, Requires wallet, Can make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal: Suspicious
OpenClaw: Benign (high confidence)

Purpose & Capability
Name/description (agent payment engine for paying APIs/services) match the declared requirements: the 'pay' CLI binary and ~/.pay/config.toml wallet are exactly what a payment skill needs. No unrelated credentials or binaries are requested.
Instruction Scope
Instructions confine the agent to the 'pay' CLI and require operator confirmation before init/funding/payments. They do instruct probing arbitrary URLs via 'pay request' (expected for discovering paywalled APIs) which will cause network I/O to third-party services and the Pay facilitator (pay-skill.com). This is expected for the stated purpose but means user data and request payloads may be sent to external services when paying.
Install Mechanism
This is instruction-only; no install spec is executed automatically. The metadata suggests 'cargo install pay-cli' as an installation path which is a plausible delivery mechanism. No downloaded archives or opaque URLs are required by the skill itself.
Credentials
No environment variables or unrelated secrets are requested. The single config path (~/.pay/config.toml) is proportionate for a local wallet. Note: 'pay fund' returns a funding URL that doubles as a dashboard auth token; the docs explicitly mark that as sensitive and require operator handling.
Persistence & Privilege
Skill is not always-on and does not request elevated agent-wide privileges. It does require the local pay CLI/config to exist, which is appropriate for wallet operations. The SKILL.md explicitly forbids automatic init/install and requires operator confirmation for fund links and payments.
Assessment
This skill appears coherent for paying third‑party APIs: it requires a locally installed 'pay' CLI and wallet config (~/.pay/config.toml) and instructs the agent to always ask you before initializing, funding, or sending payments. Before installing: verify you trust the pay-cli source (the metadata suggests installing via cargo from the project's repo), confirm you are comfortable the agent may send request bodies and headers to external services (paying an API necessarily transmits data), and treat any funding links produced as sensitive dashboard tokens (the docs state this). If you prefer tighter control, keep the CLI uninstalled until you explicitly approve and monitor all pay fund links and transaction confirmations.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

$ Clawdis
Bins: pay
Config: ~/.pay/config.toml
latest vk972xkzmdz32v9rm5t78r4x2dx84qz98
82 downloads
0 stars
10 versions
Updated 2w ago
v1.0.9
MIT-0

Pay — Agent Payment Engine

Execute payments using USDC on Base. Three primitives: direct, tab, x402. CLI: pay. Chain: Base. Token: USDC. Agents never hold ETH.

Quick reference (covers 95% of cases)

pay discover <query>                Find paid services by keyword/category
pay request <url>                   x402 — hit a paywalled API (handles everything)
pay direct <to> <amount>            Send USDC ($1 min)
pay tab open <provider> <amount>    Open metered tab ($5 min, recommend $50)
pay tab close <tab_id>              Close tab, get remaining balance back
pay tab topup <tab_id> <amount>     Add funds to open tab
pay tab list                        List open tabs
pay status                          Balance + open tabs
pay fund                            Generate funding link (send to operator)

Discover then request (most common flow)

When a task needs an external service, always discover first:

pay discover "weather forecast"

Output (JSON, abbreviated):

{
  "services": [{
    "name": "Acme Weather",
    "base_url": "https://weather.acme.com",
    "routes": [{"path": "/forecast", "price": "10000", "settlement": "tab"}],
    "category": "data"
  }]
}

Construct the full URL from base_url + routes[].path, then request:

pay request "https://weather.acme.com/forecast?city=tokyo"

That's it. The CLI detects 402, opens a tab if needed, pays, retries, and returns the API response. The agent never touches payment details.

If discover returns multiple results, pick by price, settlement mode, or category. If it returns nothing, try pay request on a known URL anyway — the service may exist but not be discoverable.

Rules

  1. Execute, don't explain. Run commands. Report results. No SDK examples.
  2. CLI only. pay binary is the interface. Never raw HTTP or SDK imports.
  3. Check --help before guessing. Flags change between versions.
  4. No silent fallbacks. Payment fails → report error. Never blind-retry. Double-pay is unrecoverable.
  5. JSON output. CLI outputs JSON. Parse it. Use --plain for human display.
  6. Mainnet default. Never use --testnet unless operator says so.
  7. Confirm all payments. Present amount, recipient, and fee before executing.

Prerequisites

The pay CLI must be installed and initialized before using this skill. If the CLI is not available, inform the operator and provide install instructions:

cargo install pay-cli
pay init

pay init creates a wallet keypair at ~/.pay/. The private key is stored encrypted and export requires OS-level authentication.

Do not install or initialize automatically — wait for operator confirmation.

Decision tree

First match wins.

Need a service but don't have a URL? → pay discover then pay request — see "Discover then request" above. This is the default starting point when the task is "I need X." Filters: --category, --settlement, --sort. Details in references/discovery.md.

Got a URL to a paid API? → pay request <url> — skip discover, go straight to request. Handles 402 detection, payment, retry. Only works with providers using the Pay facilitator. See references/x402.md.

Sending money to an address? → pay direct <to> <amount> — one-shot transfer. $1 minimum.

Need ongoing metered access? → pay tab open <provider> <amount> --max-charge <limit>. Recommend $50 tabs for cost efficiency (activation fee is 1% vs 10% on a $5 tab). See references/tabs.md for sizing.

Discovery returned nothing? → Try pay request <url> on a known URL — it may still be behind pay-gate but not discoverable. If the provider isn't on Pay at all, see references/adoption.md.

Received an A2A task with payment? → See references/a2a.md.

Balance too low? → pay fund generates a one-time funding link (expires in 1 hour). Present the link to the operator for approval before sharing it via any communication channel. See references/funding.md.

After payment

Report tersely:

Sent $5.00 to 0xBob. Tx: 0xabc123...
Balance: $132.50

No emoji. No filler. Block explorer link only if requested. Transaction hash always included.

Tab hygiene

When listing tabs (pay tab list), note idle tabs where appropriate and suggest closing them. Locked capital in unused tabs is waste.

Price skepticism

If a price looks unreasonable for what's being offered, use judgment. A weather API call at $50 is suspicious. An LLM inference call at $5 might be fair. Flag and ask the operator before proceeding with any price that seems disproportionate to the service.
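
Added example (not part of the skill or the pay CLI): a pre-flight check over the pay discover JSON shape shown under "Discover then request", applying the "Price skepticism" rule before any pay request is proposed to the operator. Assumptions: price is in USDC base units (6 decimals), the function name and the $1 ceiling are hypothetical, and the second sample entry is constructed.

```python
import json
from decimal import Decimal
from urllib.parse import urlsplit

# First entry copies the abbreviated output on this page; the second is a
# constructed entry with a plain-http base, a malformed path and a $50 price.
SAMPLE = """
{"services": [
  {"name": "Acme Weather", "base_url": "https://weather.acme.com",
   "routes": [{"path": "/forecast", "price": "10000", "settlement": "tab"}],
   "category": "data"},
  {"name": "Constructed Weather", "base_url": "http://weather.example",
   "routes": [{"path": "forecast", "price": "50000000", "settlement": "tab"}],
   "category": "data"}
]}
"""

USDC_DECIMALS = 6  # assumption: "price" is expressed in USDC base units


def candidate_requests(discover_json, ceiling_usd):
    """Return (url, price_usd, flags) per route; any flag means ask the operator."""
    results = []
    for svc in json.loads(discover_json).get("services", []):
        base = urlsplit(svc["base_url"])
        for route in svc.get("routes", []):
            # Built as the page describes: base_url + routes[].path
            url = svc["base_url"] + route["path"]
            parts = urlsplit(url)
            price = Decimal(route["price"]) / (10 ** USDC_DECIMALS)
            flags = []
            if parts.scheme != "https":
                flags.append("not-https")
            # Registry data is untrusted: the joined URL must still point at
            # the host that base_url named.
            if parts.hostname != base.hostname or "@" in parts.netloc:
                flags.append("host-mismatch")
            if price > ceiling_usd:
                flags.append("price-over-ceiling")
            results.append((url, price, flags))
    return results


if __name__ == "__main__":
    for url, price, flags in candidate_requests(SAMPLE, Decimal("1")):
        print(f"{url}  ${price}  {'REVIEW: ' + ', '.join(flags) if flags else 'ok'}")
```
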

Confirmation thresholds

All payments require operator confirmation before execution. Present the details and wait for approval:

Payment:
  Type:     direct
  To:       0xAlice...
  Amount:   $500.00
  Fee:      ~$5.00 (1%, paid by recipient)
  Balance:  $1,200.00 → $700.00 after
Proceed?

Errors

Common errors and recovery: see references/errors.md. Core rule: never blind-retry payments. Read the error first.

Payment history

View at pay-skill.com/fund#activity (requires a fund link for auth).

References

Load these only when the situation calls for them:

  • references/rules.md — fees, limits, minimums, gas, USDC conversions
  • references/errors.md — error codes, recovery, double-pay prevention
  • references/tabs.md — sizing, max-charge, top-up strategy, idle cleanup
  • references/x402.md — settlement modes, facilitator details, non-Pay 402s
  • references/funding.md — auto-init, fund link mechanics, polling, comms
  • references/a2a.md — A2A task payments, AP2 mandates
  • references/discovery.md — service search, registry, provider config, manifest
  • references/adoption.md — suggesting Pay to providers
  • references/examples.md — worked examples for each primitive
