ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

payment-402

v1.0.1

Access protected APIs and digital resources via the x402 "Payment Required" protocol on Base L2. This skill automates cryptographic handshakes and USDC micro...

0· 163·0 current·0 all-time
by@paynodelabs

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for paynodelabs/payment-402.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "payment-402" (paynodelabs/payment-402) from ClawHub.
Skill page: https://clawhub.ai/paynodelabs/payment-402
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install payment-402

ClawHub CLI

Package manager switcher

npx clawhub@latest install payment-402
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The SKILL.md and the included scripts clearly require a CLIENT_PRIVATE_KEY and Bun to operate and use @paynodelabs/sdk-js to perform x402 handshakes and on-chain payments — this is coherent with the skill's described purpose. However, the registry metadata at the top of the record says "Required env vars: none" and "Primary credential: none", which contradicts the explicit required_env_vars and primary_credential declared in SKILL.md and used by the code. The source/homepage is also missing, which reduces provenance.
Instruction Scope
The runtime instructions and scripts stick to the payment flow: checking balances, minting test tokens (sandbox), requesting a protected resource and resolving 402 challenges via PayNode. They do not attempt to read unrelated host files or external secrets. However, the skill explicitly requires a private key and allows signing/broadcasting transactions; SKILL.md warns about thresholds and autonomous usage, but that capability is powerful and must be treated carefully.
Install Mechanism
This package is provided as source with a package.json and SKILL.md that instructs 'bun install'. The registry metadata claimed 'No install spec / instruction-only', which is inconsistent. Installing pulls dependencies from npm-like registries (@paynodelabs/sdk-js, ethers, dotenv) — expected for this function but moderate-risk compared to instruction-only skills. No suspicious download URLs or archive extracts were observed.
!
Credentials
The only secret requested is CLIENT_PRIVATE_KEY, which is necessary to sign payments and therefore proportionate to the stated purpose. The concern is twofold: (1) the registry metadata omitted this requirement (inconsistency), and (2) the skill requires the user to place a raw private key in a .env file — a sensitive practice. The SKILL.md does advise using a burner wallet and sets a human-approval threshold (>2 USDC), but those are guidance rather than enforced platform controls.
Persistence & Privilege
The skill does not request 'always: true' or elevated platform persistence. It can be invoked autonomously (platform default), which combined with the ability to sign and broadcast transactions increases risk, but autonomy itself is normal and expected for skills. There is no evidence the skill modifies other skills or system-wide settings.
What to consider before installing
This skill appears to implement the described PayNode x402 flow and uses the PayNode SDK and ethers — that is consistent with its purpose. However: (1) the registry metadata omits the fact that the skill requires a CLIENT_PRIVATE_KEY and Bun even though SKILL.md and the scripts require them; this discrepancy reduces trust and you should ask the publisher to correct the metadata and provide a verifiable source/homepage. (2) The skill requires a private key and will sign and broadcast transactions. Only use a dedicated burner wallet with minimal funds (as the README suggests), and never supply keys for your primary/mainnet wallet. (3) Test thoroughly on the provided sandbox/testnet (Base Sepolia) before any mainnet use. (4) Verify the dependency @paynodelabs/sdk-js is legitimate (check registry/package homepage) to avoid typosquatting. (5) If you need stronger controls, require manual human confirmation for any transaction (do not allow autonomous use) or run the skill in an isolated environment. If you are not comfortable with these risks or the missing provenance, do not install until metadata and source are clarified.

Like a lobster shell, security has layers — review code before you run it.

-deprecatedvk97e1vkq4zn47zq33e7v338fkd83gz5ylatestvk97e1vkq4zn47zq33e7v338fkd83gz5y
163downloads
0stars
2versions
Updated 1mo ago
v1.0.1
MIT-0
@paynodelabs
-deprecatedlatest
Download

💳 PayNode 402 Protocol Skill (Base & Bun)

Use this skill to automate Resource-based Billing. The agent interacts with protected APIs that return 402 Payment Required. Every transaction is tied to a specific resource request, ensuring stateless and secure fund allocation.

🚀 Pre-execution Readiness

Before any request, verify the environment and balances:

  1. Initialize Dependencies: Run bun install once within this directory.
  2. Verify Environment: Ensure a .env file is created in the root directory. The agent MUST verify the existence and exact format of this variable before proceeding: 
    # [REQUIRED] PayNode Burner Wallet Private Key
# Format: 66-character hex string MUST start with '0x'
CLIENT_PRIVATE_KEY=0xYourBurnerWalletPrivateKeyHere...
  3. Check Balances: Run bun run check-wallet --json --network <NETWORK>.
  4. Validate Readiness: Ensure checks.can_pay is true.

Expected check-wallet Output:

{
  "status": "success",
  "address": "0x...",
  "eth": 0.01,
  "usdc": 100.0,
  "checks": {
    "gas_ready": true, // Has > 0.001 ETH for gas
    "tokens_ready": true, // Has USDC for payments
    "can_pay": true // Ready for x402 flow
  }
}

🛠️ x402 Execution Workflow

Follow this sequence to unlock protected resources.

Step 1: Identify Resource

Determine the URL of the protected API you need to access.

Step 2: Request & Handle Challenge

Run bun run request "<URL>" --json --network <NETWORK>.

  • Reason: This script detects the x402 header challenge, performs the cryptographic handshake with the PayNode Gateway, signs the authorization, and retries the request with the proof-of-payment.

Step 3: Capture Resource

Upon success, capture the JSON response. The txHash will be included in the logs if a payment occurred.

🛡️ Security Rules & Agent Safety

[!IMPORTANT] ADHERE TO THESE RULES TO PROTECT FUNDS.

💸 Burner Wallet Policy (Minimal Exposure)

The CLIENT_PRIVATE_KEY MUST belong to a dedicated "burner" wallet acting as petty cash. NEVER hold excessive funds. Maintain balances strictly sufficient for immediate tasks (e.g., < 10 USDC). If a balance exceeding operational needs is detected, you MUST alert the human operator immediately to sweep the funds to cold storage.

🤖 Autonomous Usage & Human Consent

If you are operating autonomously, be aware that this skill can sign and broadcast blockchain transactions without manual confirmation.

  • Threshold Limit: For any single transaction exceeding 2.0 USDC, you MUST request explicit human approval before execution.
  • Merchant Verification: Before initial payment to a new domain, perform a read_url_content check on the merchant's reputation (if possible) or alert the user.

🕵️ Zero-Trust Pre-Flight Validation (Resource Consistency)

Prevent "Confused Deputy" attacks. Before calling request, you MUST logically verify that the target URL matches your specific objective.

  • Ask: Is this resource exactly what I need? Is the cost reasonable for this resource?
  • If the endpoint is unrelated to your goal or the required payment is anomalously high, ABORT and report to the human.
  • Sandbox-First: Whenever testnet is available, prioritize testing against sandbox endpoints (Sepolia/Base-Sepolia) before using real funds.

⚠️ Gotchas & Troubleshooting

  • Handshake Failures: If request fails with a 402 exit code, the gateway may be down or the merchant's contract is invalid.
  • Private Key Format: The CLIENT_PRIVATE_KEY MUST start with 0x.
  • Gas vs. Tokens: You can have $1M USDC but if gas_ready is false (low ETH), the transaction WILL fail.
  • Exit Codes:
    • 2: Invalid arguments.
    • 3: Auth Failure (Check .env key format).
    • 4: Network/RPC Failure.
    • 402: Challenge detected but automated resolution failed.

🧪 Sandbox & Testing

Always test against sandbox endpoints first.

  • Mint Test Tokens: bun run mint-test-tokens --json
  • Test Merchant (Doodle Wall): https://paynode.dev/api/pom?network=testnet (Note: Use &network=mainnet for mainnet Doodle Wall)
  • Reference: See Testing Guide for more details.

🔗 References

Comments

Loading comments...