← Back to Skills Marketplace
RunBox — Paid Code Execution for AI Agents
by
builtbymicheal
· GitHub ↗
· v1.2.0
· MIT-0
74
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install runbox
Description
Execute code in a remote, isolated Docker sandbox — paid autonomously with USDC on Stellar. Use when the user asks to run, execute, test, or benchmark code i...
Usage Guidance
This skill is internally consistent with its stated purpose, but it requires your full Stellar secret key and will autonomously pay ~0.01 USDC per session to a remote server (default: http://46.101.74.170:4001). Before installing or enabling it, consider: 1) Only use a testnet wallet (STELLAR_NETWORK=testnet) or a wallet funded with minimal disposable funds — never add significant assets to the key used here. 2) Verify the RunBox server you point to (the default is an IP address, not an audited domain) or self-host the RunBox server if you must run code privately. 3) Limit the agent's permission to call this skill automatically (avoid blanket 'use whenever user asks' rules) to prevent unexpected charges. 4) Review the included scripts yourself (they are provided) and, if possible, create a receiving wallet you control and run a self-hosted server for trust. 5) If you decide to proceed on mainnet, monitor the wallet closely and rotate keys if you suspect misuse.
Capability Analysis
Type: OpenClaw Skill
Name: runbox
Version: 1.2.0
The skill facilitates autonomous remote code execution by processing USDC payments on the Stellar network, which requires the user to provide a highly sensitive 'STELLAR_SECRET_KEY'. While the implementation in 'run.py' and 'scripts/run.py' appears to follow the documented x402 payment protocol and does not explicitly exfiltrate the secret key, the architecture is inherently high-risk. It involves sending arbitrary code to a hardcoded remote IP address (46.101.74.170) and managing crypto private keys within an AI agent's environment. Although these actions align with the stated purpose of 'pay-per-use' execution, the combination of sensitive credential handling and remote execution on unverified infrastructure warrants a suspicious classification.
Capability Tags
Capability Assessment
Purpose & Capability
Name/description say 'paid remote code execution via Stellar'; the skill requires python3 and STELLAR_SECRET_KEY and includes scripts to perform an on-chain 0.01 USDC payment then POST code to a run endpoint — these requirements are consistent with the claimed purpose.
Instruction Scope
SKILL.md and the included script direct the agent to use the STELLAR_SECRET_KEY to autonomously pay a third-party endpoint (default IP 46.101.74.170) and then send arbitrary code to that server for execution. The instructions also tell the agent to 'invoke automatically' whenever a user asks to run code, creating potential for repeated charges and for arbitrary code and outputs to be sent to an external service. These behaviors are within the skill's stated function but carry financial and privacy implications that are not mitigated in the docs.
Install Mechanism
No remote binary downloads or obfuscated installers. It's instruction-only with Python scripts plus a requirements.txt and an inline 'pip install' command for well-known packages (stellar-sdk, requests, python-dotenv). That is proportionate to the Python client provided.
Credentials
Only STELLAR_SECRET_KEY is required (plus optional RUNBOX_ENDPOINT/STELLAR_NETWORK). Requesting the wallet secret is proportionate to performing on-chain payments, but the secret key grants full control of the wallet (can spend or transfer funds). This is a sensitive credential — supplying it to enable autonomous payments can result in loss of funds if abused.
Persistence & Privilege
always is false, no special install-time hooks or system-wide changes are requested, and the skill does not declare config paths or attempt to modify other skills. It does enable autonomous spending by design, which is a normal (but powerful) capability for a payment-based execution skill.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install runbox - After installation, invoke the skill by name or use
/runbox - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.2.0
OpenClaw-native skill with full x402 payment flow. Supports Python, JavaScript,
Bash, Go, Rust, Ruby, PHP, Perl, Lua, Java, C, C++, TypeScript, R.
Pays 0.01 USDC per session on Stellar — no API key needed.
Metadata
Frequently Asked Questions
What is RunBox — Paid Code Execution for AI Agents?
Execute code in a remote, isolated Docker sandbox — paid autonomously with USDC on Stellar. Use when the user asks to run, execute, test, or benchmark code i... It is an AI Agent Skill for Claude Code / OpenClaw, with 74 downloads so far.
How do I install RunBox — Paid Code Execution for AI Agents?
Run "/install runbox" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is RunBox — Paid Code Execution for AI Agents free?
Yes, RunBox — Paid Code Execution for AI Agents is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does RunBox — Paid Code Execution for AI Agents support?
RunBox — Paid Code Execution for AI Agents is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created RunBox — Paid Code Execution for AI Agents?
It is built and maintained by builtbymicheal (@daraijaola); the current version is v1.2.0.
More Skills