\r \r

System Architecture & Security Disclosures\r

\r To clarify the scope of the scripts and justify the requested permissions (credential.read, credential.write, network.outbound), the following underlying operations are declared:\r \r

1. Local State Persistence (Credentials): The credential.read and credential.write permissions are granted solely to read and write the u field inside the local file configs/config.json. No environment variables, system keychain entries, or any other credential stores are accessed.\r \r Why persist the token? The u (user token) is obtained through a multi-step authorization flow (QR code scan → registration polling → token issuance). Persisting it locally avoids requiring the user to re-authorize on every single payment request, which would be impractical. The token is written once during authorization and read on subsequent payment calls.\r \r

   ⚠️ Security Advisory — Credential Hardening:\r \r The u is stored in local. Operators deploying this skill in security-sensitive environments must apply the following protections:\r \r

   1. File permissions: chmod 600 configs/config.json — restrict to owner-only read/write.\r
   2. Directory permissions: chmod 700 configs/ — prevent directory listing by other users.\r
   3. Disk encryption: On shared or multi-tenant hosts, enable full-disk encryption (e.g., FileVault on macOS, LUKS on Linux).\r \r The skill does not use OS keychains, environment variables, or any other credential stores — configs/config.json is the sole persistence point.\r \r

2. External Network Calls: The scripts actively call out to external JD endpoints (e.g., ms.jr.jd.com) over the network to process transactions, fetch authorization/authentication links, and verify token registration status. This justifies the network.outbound permission. No other external domains are contacted.\r \r
3. Bundled Encryption Tooling: To securely handle payment payloads and credentials (such as encrypted_data and payment status decryption), the Python scripts locally invoke a bundled Node.js encryption tool (scripts/encrypt.js + scripts/summer-cryptico-2.0.2.min.js). Node.js (node) is a required runtime dependency — it must be present on the host system before the skill is deployed. This requirement is declared in both the required_binaries field of the registry metadata above and in this section.\r \r
4. Invocation Policy & Trigger Safeguards: This skill allows autonomous model invocation (disable_model_invocation: false) because it is designed to be called by other skills during payment workflows. To mitigate the risk of mis-triggered payment flows, the following safeguards are enforced:\r
   • The skill must only be triggered when: (a) a third-party skill explicitly initiates a clawtip payment request with valid parameters, (b) the user explicitly requests token creation, (c) the user explicitly requests to view their wallet, or (d) the user explicitly requests a registration status query.\r
   • The skill must never be triggered speculatively, predictively, or based on ambient context without an explicit user or skill request.\r
   • All payment operations require valid payTo, amount, and other mandatory parameters — the script will exit with an error if parameters are missing or malformed.\r \r ---\r \r

Process the Payment Request\r

\r

1. Required Parameters\r

\r Provide the following parameters strictly according to their defined formats:\r \r

• payTo (string): The merchant's wallet address (the payTo recipient).\r
• amount (integer): The transaction amount.\r
• order_no (string): The order number from the calling skill's Phase 1.\r
• question (string): The user's original question/request content from the calling skill.\r
• encrypted_data (string): The encrypted data string from Phase 1.\r
• description (string): The description of the resource to be purchased (e.g., answer of user's psychological counseling).\r
• skill_name (string): The name of the calling skill (e.g., a proficient psychological counseling assistant).\r
• resource_url (string): The URL identifying the service resource being paid for.\r \r

2. Hyperparameters\r

\r

• skill-version (string): The version of the skill. Currently set to 1.0.1.\r \r

3. Execution Command\r

\r Execute the script using the following bash command. Replace the placeholders \x3C...> with the validated parameter values. Wrap parameters that may contain spaces in quotes.\r \r

python3 scripts/payment_process.py \x3CpayTo> \x3Camount> \x3Corder_no> \x3Cquestion> \x3Cencrypted_data> \x3Cdescription> \x3Cskill_name> \x3Cresource_url> \x3Cskill-version>\r
```\r
\r
## 4. Result Processing Rules\r
\r
Analyze the standard output of the execution command and strictly follow these response protocols **in the given order**. **Stop at the first matching step; do not continue to subsequent steps.**\r
\r
### ⚡ Global Priority Rule\r
\r
> If the output contains `支付凭证: \x3CCREDENTIAL>`, **go to Step 2 (Obtain Credential) first** to return the credential to the calling skill for decryption.\r
>\r
> **However**, if the output **also** contains `授权链接: \x3CAUTH_URL>` or `鉴权链接: \x3CAUTH_URL>`, you **MUST preserve** the full original output (including the authorization/authentication URL) in memory. This is because the credential may decrypt to a **failed** status, in which case you will need to **fall back to Step 3** using the preserved authorization/authentication URL.\r
>\r
> **In summary:**\r
> 1. If `支付凭证:` is present → go to **Step 2** first.\r
> 2. After the calling skill decrypts the credential and reports the status:\r
>    - If the decrypted status is **成功** → go to **Step 4 Case A**. Done.\r
>    - If the decrypted status is **处理中** → go to **Step 4 Case B**. Done.\r
>    - If the decrypted status is **失败 (FAIL)** → go to **Step 2.1 (Credential Decryption Fallback)** to check whether a preserved `授权链接:` or `鉴权链接:` exists, and if so, fall back to **Step 3**.\r
> 3. If `支付凭证:` is **NOT** present → evaluate **Step 1**, then **Step 3** in order.\r
\r
---\r
\r
### **Step 1 — Network/System Failure (check first)**\r
\r
* **Trigger:** The output contains `网络或系统异常:`.\r
* **Action:** Report the specific error returned by the script. Additionally, if the output contains `返回消息: \x3CMESSAGE>`, display the `\x3CMESSAGE>` to the user as supplementary error context. Advise the user on the next steps. **Stop here; do not proceed to Step 2.**\r
\r
---\r
\r
### **Step 2 — Obtain Credential**\r
\r
* **Trigger:** The output matches the pattern `支付凭证: \x3CCREDENTIAL>`.\r
* **Meaning:** The HTTP request reached the server successfully. The `\x3CCREDENTIAL>` is an encrypted blob; **the actual payment status is encoded inside it**. The script cannot determine the status on its own.\r
* **Action:**\r
  1. **Preserve the full original script output** in memory (including any `授权链接:` or `鉴权链接:` if present, and any `返回消息:` if present). You may need it later in Step 2.1.\r
  2. Display the credential and return it to the calling skill for further processing:\r
     > **支付凭证：** `\x3CCREDENTIAL>`\r
     \r
     将此支付凭证返回给调用方 skill，由调用方负责解密并根据其中的支付状态进行后续处理。\r
\r
* **After returning the credential:** Wait for the calling skill to report the decrypted `PAY_STATUS`. Then proceed to **Step 4** to route by decrypted status. If the status is **失败 (FAIL)**, Step 4 Case C will direct you to **Step 2.1**.\r
\r
---\r
\r
### **Step 2.1 — Credential Decryption Fallback (回退处理)**\r
\r
> This step is triggered **only** when the calling skill decrypts the credential and the resulting status is **失败 (FAIL)**.\r
\r
* **Trigger:** The calling skill reports `PAY_STATUS: FAIL` (or equivalent 失败 status) after decrypting the credential from Step 2.\r
* **Action:** Check the **preserved original script output** from Step 2 for the presence of authorization/authentication URLs:\r
\r
  #### **Case A: Preserved output contains `授权链接: \x3CAUTH_URL>`**\r
  \r
  * **Meaning:** The user has not yet been authorized. The credential contained a failure status because the payment could not proceed without authorization. The `授权链接` was present in the original output but was deferred in favor of credential processing.\r
  * **Action:** Fall back to **Step 3 Case A** — treat this as an authorization-required scenario. Execute all actions defined in Step 3 Case A using the preserved `\x3CAUTH_URL>`.\r
\r
  #### **Case B: Preserved output contains `鉴权链接: \x3CAUTH_URL>`**\r
  \r
  * **Meaning:** The payment failed because authentication was not completed. The `鉴权链接` was present in the original output but was deferred.\r
  * **Action:** Fall back to **Step 3 Case B** — treat this as an authentication-required scenario. Execute all actions defined in Step 3 Case B using the preserved `\x3CAUTH_URL>`.\r
\r
  #### **Case C: Preserved output contains NEITHER `授权链接:` NOR `鉴权链接:`**\r
  \r
  * **Meaning:** The payment genuinely failed due to business logic, and there is no authorization/authentication recovery path.\r
  * **Action:** Report the failure to the user. Emphasize that the transaction was declined due to business logic. Report any error code and reason provided by the calling skill. Additionally, if the **preserved original script output** contains `返回消息: \x3CMESSAGE>`, display the `\x3CMESSAGE>` to the user as supplementary failure context. If no specific error details were provided, inform the user that the payment failed and suggest they contact support or retry later.\r
\r
---\r
\r
### **Step 3 — Authorization / Authentication Required**\r
\r
> ⚠️ **PREREQUISITE CHECK:** This step is evaluated in two scenarios:\r
> 1. The original script output does **NOT** contain `支付凭证:` at all.\r
> 2. You were directed here from **Step 2.1** after a credential decryption failure with a preserved authorization/authentication URL.\r
\r
#### **Case A: 失败 + 授权链接 → 待授权 (Authorization Required)**\r
\r
* **Trigger (direct):** The output contains **ALL** of the following:\r
  1. `支付状态: 失败` ← **REQUIRED** (exact match)\r
  2. `授权链接: \x3CAUTH_URL>` ← **REQUIRED**\r
  3. Does **NOT** contain `支付凭证:` ← **REQUIRED**\r
\r
* **Trigger (fallback from Step 2.1 Case A):** The calling skill reported `PAY_STATUS: FAIL` after credential decryption, and the preserved original output contains `授权链接: \x3CAUTH_URL>`.\r
\r
* **Meaning:** The user has not yet been authorized. The payment cannot proceed until the user completes authorization via the provided link.\r
* **Action:**\r
  1. Provide the extracted `\x3CAUTH_URL>` to the user as the official **authorization** link. Additionally, if the output (or preserved output) contains `返回消息: \x3CMESSAGE>`, display the `\x3CMESSAGE>` to the user as supplementary context.\r
  2. Extract `{clawtip_id}` from the authorization URL (the `clawtipId` query parameter, e.g., `...?clawtipId={clawtip_id}`).\r
  3. Create a `scheduled task` to query the user's registration status:\r
      * **Query Phrase:** Use a phrase like `查询token注册状态 {clawtip_id}` or `query token register status {clawtip_id}`.\r
      * **Frequency & Duration:** Execute once per minute for the next 5 executions(afer complete, you should notice user in the main session).\r
      * **Crucial Note:** **Check the registration status, NOT the payment result.**\r
      * **Execution Limit:** If it exceeds 5 times, cancel the scheduled task (`clawtip-payment user token register status {clawtip_id}`).\r
      * **Conflict Handling:** Cancel any currently running scheduled tasks related to `查询token注册状态` before starting the new one.\r
      * **Task Name:** `clawtip-payment user token register status {clawtip_id}`。当用户需要授权，并创建了授权任务后，需要显示提示用户可以说当用户扫码完成授权后，可以说`我已授权`或`我已完成授权`以继续之前的流程\r
\r
#### **Case B: 处理中 + 鉴权链接 → 待鉴权 (Authentication Required)**\r
\r
* **Trigger (direct):** The output contains **ALL** of the following:\r
  1. `支付状态: 处理中` ← **REQUIRED** (exact match)\r
  2. `鉴权链接: \x3CAUTH_URL>` ← **REQUIRED**\r
  3. Does **NOT** contain `支付凭证:` ← **REQUIRED**\r
\r
* **Trigger (fallback from Step 2.1 Case B):** The calling skill reported `PAY_STATUS: FAIL` after credential decryption, and the preserved original output contains `鉴权链接: \x3CAUTH_URL>`.\r
\r
* **Meaning:** The payment is pending authentication. The user must complete authentication before the transaction can proceed.\r
* **Action:** Provide the extracted `\x3CAUTH_URL>` to the user as the official **authentication** link. Additionally, if the output (or preserved output) contains `返回消息: \x3CMESSAGE>`, display the `\x3CMESSAGE>` to the user as supplementary context.\r
\r
> **Stop here if Step 3 matched; do not proceed to Step 4.**\r
\r
---\r
\r
### **Step 4 — Route by Decrypted Status**\r
\r
After the calling skill decrypts the credential and reports the status, follow the corresponding case:\r
\r
#### **Case A: 成功 (Transaction Success)**\r
\r
* **Trigger:** The decrypted status is **成功**.\r
* **Action:**\r
  1. Confirm to the user that the payment has been processed successfully.\r
  2. Display the full decrypted payment info clearly:\r
     **Payment Success Info:** `\x3CDECRYPTED_PAY_INFO>`\r
\r
---\r
\r
#### **Case B: 处理中 (Processing)**\r
\r
* **Trigger:** The decrypted status is **处理中**.\r
* **Action:** Inform the user that the payment is still being processed. Suggest they wait a moment and then check the payment status again.\r
\r
---\r
\r
#### **Case C: 失败 (Failed)**\r
\r
* **Trigger:** The decrypted status is **失败** (or `FAIL`).\r
* **Action:** **Go to Step 2.1 (Credential Decryption Fallback)** to determine whether a recovery path (authorization/authentication) is available from the preserved original output. Do **NOT** simply report the failure here — always check Step 2.1 first.\r
\r
---\r
\r
# Create User Payment Token\r
\r
When the user explicitly requests to create a token with a phrase like `创建token xxx` or `create token xxx`, execute the following command.\r
\r
## 1. Required Parameters\r
\r
Provide the following parameters strictly according to their defined formats:\r
\r
* **`user_token`** (string): the user's token provided by `xxx` of  `创建token xxx` .\r
\r
## 2. Execution Command\r
\r
```bash\r
python3 scripts/create_token.py \x3Cuser_token>\r
```\r
\r
## 3. Other Actions\r
\r
You should check and cancel the running scheduled task about `查询token注册状态` if it is running (named `clawtip-payment user token register status ${device_id}`). The `device_id` is a flexible value.\r
\r
---\r
\r
# Query the User Register Status\r
\r
When the user explicitly requests to query the user register status with a phrase like `查询token注册状态 xxx` or `query token register status xxx`, or `我已注册`, execute the following command.\r
\r
## 1. Required Parameters\r
\r
Provide the following parameter:\r
\r
* **`device_id`** (string): The user's device ID.\r
\r
## 2. Execution Command\r
\r
```bash\r
python3 scripts/check_register_status.py \x3Cdevice_id>\r
```\r
\r
## 3. Result Processing Rules\r
\r
Analyze the standard output of the execution command and strictly follow these response protocols:\r
\r
### **Case A: Processing**\r
\r
* **Trigger:** The output matches the pattern `Status: processing`.\r
* **Action:** Inform the user that the registration is still processing, and optionally tell them the current count.\r
\r
### **Case B: Successful**\r
\r
* **Trigger:** The output matches the pattern `Status: successful`.\r
* **Action:** Confirm to the user that the registration is successful, and they have obtained the user token. You should check and cancel the running scheduled task about `查询token注册状态` if it is running (named `clawtip-payment user token register status ${device_id}`). The `device_id` is a flexible value.\r
\r
### **Case C: Execution Failure**\r
\r
* **Trigger:** Any error message, timeout, or failure to match the patterns above.\r
* **Action:** Report the specific error returned by the script.\r
\r
---\r
\r
# View Clawtip Wallet\r
\r
When the user requests to view their clawtip wallet with phrases like `查看我的clawtip钱包`, `查看钱包`, `打开clawtip钱包`, `查看clawtip钱包`,`clawtip钱包管理` or `view my clawtip wallet`, respond with the following:\r
\r
> 您可以通过以下链接，扫描二维码查看您的 clawtip 钱包：\r
>\r
> 👉 [查看 Clawtip 钱包](https://clawtip.jd.com/qrcode?bizUrl=https://jpay.jd.com/ecnya2a/claw/index)\r
>\r
> 请在浏览器中打开此链接然后扫描二维码以查看您的钱包详情。