AGIRAILS Escrow Payments
Pass
Audited by ClawScan on May 10, 2026.
Overview
This is a coherent payment-skill integration, but it gives an agent access to wallet credentials and real USDC transactions, so users should configure limits carefully.
Install only if you want your agent to participate in AGIRAILS payments. Use mock or testnet mode first, prefer encrypted keystores, fund a dedicated low-balance wallet, pin/review the SDK version, configure provider whitelists and spending limits, and require explicit approval before any mainnet payment.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If configured for mainnet, the agent can move or lock real USDC when payment flows are invoked.
The examples show the SDK can create payment transactions and lock escrow funds. This is the core purpose of the skill, but it is financially sensitive.
const result = await client.basic.pay({ ... amount: '25.00' ... }); ... creates tx and locks escrow
Start in mock or testnet mode, set explicit spending limits, and require clear user approval before mainnet payments.
A misconfigured or overexposed private key could let payments be made from the wrong wallet or expose funds to broader risk.
The skill uses wallet credentials and may fall back to raw private-key environment variables. That is expected for a wallet/payment integration, but it is sensitive authority.
SDK auto-detects: keystore → ACTP_KEYSTORE_BASE64 → ACTP_PRIVATE_KEY → PRIVATE_KEY ... raw keys (`ACTP_PRIVATE_KEY` / `PRIVATE_KEY`) are high-risk
Prefer encrypted keystores, avoid generic PRIVATE_KEY where possible, keep secrets out of logs, and use a wallet funded only for the intended spending limit.
Future package changes could affect payment behavior or credential handling.
The skill installs an external npm SDK/CLI that performs the wallet and payment operations. This is expected, but the install spec does not pin a reviewed version.
node | package: @agirails/sdk | creates binaries: actp
Verify the npm package publisher, pin a known-good version in production, and review changelogs before upgrading.
Local logs may reveal payment history, provider relationships, or spending patterns.
The setup script creates persistent local memory files for transaction logs and daily spending. This is aligned with payment auditing, but it stores financial activity history.
touch "$TREASURY_DIR/memory/transactions.jsonl" ... "$TREASURY_DIR/memory/daily-spend.json"
Store the workspace securely, review log contents periodically, and avoid placing sensitive payment logs in shared or synced folders unless intended.
A configured treasury agent may continue to have access to payment workflows after setup.
The script sets up a persistent treasury agent workspace. The behavior is disclosed and user-directed, but it creates an ongoing agent role related to payments.
TREASURY_DIR="$WORKSPACE/agents/treasury" ... cp "$SKILL_DIR/openclaw/SOUL-treasury.md" "$TREASURY_DIR/SOUL.md" ... openclaw gateway restart
Keep the provider whitelist, spend limits, and wallet funding narrow; disable or remove the treasury agent if you no longer need it.
