
Agent Fuel

by Zedit42 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
125 Downloads · 0 Stars · 0 Active Installs · 1 Versions
Install in OpenClaw
/install agent-fuel
Description
Autonomous agent wallet management with MoonPay auto top-up, x402 payments, and OpenWallet Standard. Agents never run out of gas.
README (SKILL.md)

Agent Fuel — Autonomous Payment & Gas Management

Keep your agent running by automatically managing wallet balances, topping up via MoonPay, and paying for x402-enabled APIs.

Prerequisites

  1. MoonPay CLI installed and authenticated:
     npm install -g @moonpay/cli
     mp login
  2. A funded wallet (can be created via mp wallet create)

Quick Start

Check Balance

mp wallet balance

Auto Top-Up When Low

When the agent detects low balance (configurable threshold), trigger:

mp buy --amount 20 --currency USDC --chain base

Swap Tokens

mp swap --from ETH --to USDC --amount 0.01 --chain base

x402 Payments

For APIs that return HTTP 402, the agent should:

  1. Parse the PAYMENT-REQUIRED header for amount and payment address
  2. Sign the payment using the agent wallet
  3. Retry the request with PAYMENT-SIGNATURE header
  4. Log the transaction

Balance Monitoring

The agent should periodically check balance and act:

IF balance < minBalance:
  IF dailySpend < maxDailySpend:
    mp buy --amount {topUpAmount} --currency USDC
    notify human "⛽ Auto top-up: ${topUpAmount} USDC"
  ELSE:
    notify human "⚠️ Daily spend limit reached. Manual top-up needed."

Configuration

Store in ~/clawd/.secrets/agent-fuel.json:

{
  "chain": "base",
  "currency": "USDC",
  "minBalance": 5.0,
  "topUpAmount": 20.0,
  "maxDailySpend": 100.0,
  "alertThreshold": 2.0,
  "x402Enabled": true,
  "x402MaxPerRequest": 0.10
}

Safety Rules

  • NEVER exceed maxDailySpend without human approval
  • ALWAYS log transactions with reason
  • ALERT human when balance drops below alertThreshold
  • PAUSE spending if 3+ top-ups in 1 hour (possible loop)
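
An added example (not part of the Agent Fuel README or the skill's own code): the balance-monitoring decision and the safety rules above as one JavaScript function that returns the purchase as an argument array, so no config value is ever interpolated into a shell string. The function names, the state object and the token format check are assumptions; the config keys and the mp buy flags are the ones shown on this page.

```javascript
// Added example. Only the config keys and the `mp buy` flags come from the README.
const TOKEN = /^[A-Za-z0-9]{2,10}$/; // assumed format for currency and chain names

function validateConfig(cfg) {
  for (const k of ["minBalance", "topUpAmount", "maxDailySpend", "alertThreshold"]) {
    if (!Number.isFinite(cfg[k]) || cfg[k] <= 0) throw new Error(`bad ${k}`);
  }
  for (const k of ["currency", "chain"]) {
    if (typeof cfg[k] !== "string" || !TOKEN.test(cfg[k])) throw new Error(`bad ${k}`);
  }
  return cfg;
}

// state (hypothetical shape): { balance, dailySpend, topUps: [epoch ms of earlier top-ups] }
function decide(cfg, state, now) {
  validateConfig(cfg);
  const alert = state.balance < cfg.alertThreshold; // ALERT rule
  const recent = state.topUps.filter((t) => now - t < 3600_000).length;
  if (recent >= 3) {
    return { action: "pause", alert, reason: "3+ top-ups in 1 hour (possible loop)" };
  }
  if (state.balance >= cfg.minBalance) {
    return { action: "none", alert, reason: "balance ok" };
  }
  // Stricter than the README's `dailySpend < maxDailySpend`:
  // the purchase itself must also fit under the cap.
  if (state.dailySpend + cfg.topUpAmount > cfg.maxDailySpend) {
    return { action: "manual", alert, reason: "daily spend limit reached" };
  }
  const argv = ["buy", "--amount", String(cfg.topUpAmount),
                "--currency", cfg.currency, "--chain", cfg.chain];
  return { action: "buy", alert, argv, reason: "balance below minBalance" };
}

// Runs the MoonPay CLI with an argument array: no shell, no eval.
function runMp(argv) {
  const { execFileSync } = require("node:child_process");
  return execFileSync("mp", argv, { encoding: "utf8" });
}

// Values from the Configuration section; the state is constructed sample data.
const sampleCfg = { chain: "base", currency: "USDC", minBalance: 5.0,
                    topUpAmount: 20.0, maxDailySpend: 100.0, alertThreshold: 2.0 };
console.log(decide(sampleCfg, { balance: 1.5, dailySpend: 40, topUps: [] }, Date.now()));
```

Only a result with action "buy" should be passed to runMp, and the reason field is what gets logged with the transaction.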

MoonPay CLI Reference

Command                                          Description
mp wallet balance                                Check all wallet balances
mp wallet create                                 Create new wallet
mp buy --amount N --currency TOKEN               Buy crypto with fiat
mp swap --from X --to Y --amount N               Swap tokens
mp send --to ADDR --amount N --currency TOKEN    Send tokens
mp wallet history                                Transaction history
mp mcp                                           Start MCP server for agent integration
Usage Guidance
Plain-language checklist before installing or running this skill:

  • What it will do: the skill uses the MoonPay CLI ('mp') and your locally-authenticated MoonPay account to check balances, buy/swap tokens and send funds (including automatically paying x402 payment requests). If configured to run as a daemon, it will do these actions periodically.
  • Major red flags to address before use:
      • The code can pay arbitrary addresses derived from x402 headers. Make sure you understand and trust the services that will receive payments, or implement a recipient whitelist. The README mentions 'whitelist mode' and a 'kill switch' but the provided code does not enforce either.
      • The shell script uses eval on a configurable NOTIFY_CMD. If an attacker or misconfigured file can set that field, arbitrary commands could run. Treat NOTIFY_CMD as unsafe unless you control it and avoid embedding user-supplied content there.
      • The TypeScript and shell code build shell command strings (execSync/`mp ...` and eval) using config values. This creates command-injection risks if config or payment headers can be manipulated.
      • The skill does not declare the sensitive credentials it will use (MoonPay auth is expected but not declared). The skill will rely on your local 'mp login' state to access funds.
  • Mitigations and recommendations:
      • Audit the code locally. If you want to use it, run it in a safe environment (test account / low-funding wallet) first.
      • Add or require an explicit whitelist of allowed payment recipients and/or require human confirmation for top-ups/payments above a small threshold.
      • Replace eval usage: change NOTIFY_CMD handling to a safer invocation (e.g., spawn with args array) and avoid evaluating arbitrary strings.
      • Sanitize and avoid interpolating user-provided strings into shell commands. Use child_process spawn with argument arrays or validated tokens/currency names.
      • Keep maxDailySpend and x402MaxPerRequest very low during testing and ensure logging/alerts are routed to a channel you control.
      • Consider running the skill with a dedicated MoonPay account or test wallet that only holds limited funds.
  • Final decision guidance: if you need autonomous on-chain top-ups and are comfortable reviewing and hardening the code (implement whitelist/kill-switch, remove eval, sanitize inputs), this skill is usable. If you cannot review and secure it, do not grant it access to a funded MoonPay account — treat it as suspicious and test only with minimal funds.
Capability Analysis
Type: OpenClaw Skill
Name: agent-fuel
Version: 1.0.0
The 'agent-fuel' skill automates cryptocurrency transactions and wallet management using the MoonPay CLI. It contains significant security vulnerabilities, specifically shell injection risks via the use of 'eval' in 'src/agent-fuel.sh' and 'execSync' with unvalidated inputs from external x402 headers in 'src/monitor.ts'. While these appear to be unintentional flaws in a tool designed for autonomous payments, the high-risk nature of automated financial operations combined with these vulnerabilities warrants a suspicious classification.
Capability Assessment
Purpose & Capability
High-level purpose (auto top-up via MoonPay and x402 payments) aligns with the provided code: both shell and TypeScript components call the 'mp' CLI to check balances, buy tokens, swap and send funds. However there are internal inconsistencies: the registry metadata claims 'no install spec / instruction-only' while package.json and SKILL.md include an npm install instruction for @moonpay/cli. README promises features (whitelist mode, kill switch) that are not implemented in the provided code. These contradictions reduce confidence in the skill's claims.
Instruction Scope
SKILL.md instructs the agent to run the MoonPay CLI and to auto-pay x402 402 responses — the code implements automatic payments to addresses supplied by the payment header. The shell script evaluates a NOTIFY_CMD from config with eval, and the TS code builds shell commands with string interpolation passed to execSync. Both are within the scope of 'manage payments', but they introduce command-execution and injection-sensitive behaviors and the code does not implement an explicit whitelist for payment recipients despite README claiming a whitelist mode. The instructions/config allow storing commands and payment settings under ~/clawd/.secrets which the skill reads and executes behavior from.
Install Mechanism
No remote download URL or suspicious archives are used. The SKILL.md and package.json expect installation of the @moonpay/cli npm package (npm global). npm is a common mechanism and the package is explicit. The discrepancy between 'no install spec' in registry metadata and the embedded npm install instruction is notable but the install mechanism itself (npm) is not unusually risky compared to arbitrary remote downloads.
Credentials
The skill requests no declared environment variables or explicit primary credential, yet requires the user to run 'mp login' (MoonPay credentials will be stored locally) and the code will use that account to initiate fiat->crypto purchases and to send funds. The skill thus gains access to a user-controlled monetary account without declaring or gating that access. Additionally, config values (notify command, wallet name, chain, payTo addresses from x402 headers) are interpolated into shell commands, which is a privilege disproportionate to a simple monitoring script unless the user explicitly trusts the config sources and sets strict spending limits/whitelists.
Persistence & Privilege
The skill does not set always:true and does not appear to alter other skills or global system configs. It offers a daemon mode that periodically runs checks (normal for a monitor). However autonomous invocation combined with the ability to initiate purchases and send funds increases blast radius: if an agent is allowed to call this skill autonomously, it can execute purchases or payments without additional human confirmation unless the operator configures manual approval or strict limits.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install agent-fuel
  3. After installation, invoke the skill by name or use /agent-fuel
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: MoonPay CLI auto top-up, x402 payments, OpenWallet Standard
Metadata
Slug agent-fuel
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Agent Fuel?

Autonomous agent wallet management with MoonPay auto top-up, x402 payments, and OpenWallet Standard. Agents never run out of gas. It is an AI Agent Skill for Claude Code / OpenClaw, with 125 downloads so far.

How do I install Agent Fuel?

Run "/install agent-fuel" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Agent Fuel free?

Yes, Agent Fuel is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Agent Fuel support?

Agent Fuel is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Agent Fuel?

It is built and maintained by Zedit42 (@zedit42); the current version is v1.0.0.
