← Back to Skills Marketplace
EM-A2A
by
ypeng1620-beep
· GitHub ↗
· v0.1.0
· MIT-0
33
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install em-a2a
Description
Agent-to-Agent payments on TRON. Use when an agent needs to pay another agent, escrow funds, check credit scores, or verify on-chain identity.
README (SKILL.md)
EM-A2A: Agent-to-Agent Payment Protocol
Agent-to-Agent payments, escrow, credit scoring, and identity on the TRON blockchain.
When to Use This Skill
Use em-a2a when:
- One agent needs to pay another agent for services, data, or compute
- Funds need to be held in escrow until work is delivered and accepted
- You need to check an agent's credit score before trusting them
- You need to verify an agent's on-chain identity (DID + KYA)
- You want to calculate protocol fees before initiating a payment
Not for: Paying API endpoints (use paybot) or HTTP 402 interception (use x402).
Tools
This skill provides 4 MCP tools via @poisonpyf/a2a-mcp:
| Tool | When to Call |
|---|---|
a2a_pay |
Transfer USDC/USDT from one agent to another |
a2a_escrow |
Lock funds before work starts, release on completion, refund on dispute |
a2a_credit |
Check credit score, level, trend, and leaderboard for an agent |
a2a_revenue |
Calculate protocol fee before initiating a transaction |
Typical Workflow
Hiring Another Agent
1. a2a_credit(agentId) → Check seller's reputation
2. a2a_revenue(amount, mode) → Understand the fee structure
3. a2a_escrow(action="lock") → Lock payment in escrow
4. [Seller delivers work]
5. a2a_escrow(action="release") → Release funds on acceptance
Direct Payment (no escrow)
1. a2a_credit(agentId) → Check counterparty reputation
2. a2a_revenue(amount, mode) → Preview fees
3. a2a_pay(from, to, amount) → Execute direct transfer
Setup
Add to your MCP client configuration:
{
"mcpServers": {
"a2a": {
"command": "npx",
"args": ["-y", "@poisonpyf/a2a-mcp"],
"env": {
"A2A_NETWORK": "shasta",
"A2A_PRIVATE_KEY": "your-tron-private-key"
}
}
}
}
Network: Use shasta for testnet, mainnet for production.
Tool Reference
a2a_pay
Transfer tokens between agents. Handles AML screening, revenue calculation, and on-chain execution.
{
"from": "did:bai:tron:TBu...",
"to": "did:bai:tron:TSa...",
"token": "USDC",
"amount": "1000000",
"memo": "Payment for smart contract audit"
}
a2a_escrow
Lock/release/refund funds between agents.
// Lock
{ "from": "...", "to": "...", "amount": "500000000", "action": "lock", "task": "Code review" }
// Release (use escrowId from lock result)
{ "from": "...", "to": "...", "amount": "500000000", "action": "release", "escrowId": "esc_abc123" }
// Refund
{ "from": "...", "to": "...", "amount": "500000000", "action": "refund", "escrowId": "esc_abc123" }
a2a_credit
Check agent reputation and creditworthiness.
{ "agentId": "did:bai:tron:TSa..." }
Returns score (300-950), level (excellent/good/fair/poor/none), trend history, and leaderboard.
a2a_revenue
Preview protocol fees. Two modes:
fixed_tier: Volume-based fixed rates (1.0% default, decreases with volume)variable_float: Risk-adjusted rates (lower risk + higher credit = lower fees)
{ "amount": "100000000", "mode": "fixed_tier" }
Architecture
Agent A (Client) Agent B (Server)
│ │
├─ a2a_credit(agentB) ──→ credit score
├─ a2a_revenue(amount) ─→ fee preview
├─ a2a_escrow(lock) ────→ funds locked
│ │
│ [Agent B delivers work] │
│ │
├─ a2a_escrow(release) ──→ funds released + credit updated
│ │
└────────── TRON blockchain ─────────┘
Links
- GitHub: https://github.com/ypeng1620-beep/EM-A2A
- npm: https://www.npmjs.com/package/@poisonpyf/a2a-mcp
- TRON Shasta Faucet: https://www.trongrid.io/shasta
Usage Guidance
This skill appears to do what it advertises, but it requires handing a TRON private key to a remote npm package executed at runtime. Before installing or using it: (1) verify and audit the npm package and GitHub repo (check publisher, recent commits, and open-source code), (2) prefer using testnet (shasta) and never expose a production mainnet private key until code is reviewed, (3) consider using a signing service or a limited-scope hot wallet address rather than a full private key in env, (4) pin package versions (do not rely on floating 'latest'), (5) run the package in an isolated environment and monitor network traffic, and (6) if you need autonomous agent invocation with the key, remove autonomous invocation or rotate keys frequently. If you cannot audit the upstream package and backend services (credit/AML endpoints), treat this skill as high-risk and avoid giving it access to valuable keys.
Capability Analysis
Type: OpenClaw Skill
Name: em-a2a
Version: 0.1.0
The skill facilitates TRON blockchain transactions and requires a highly sensitive 'A2A_PRIVATE_KEY' environment variable. It executes remote code via 'npx' from the npm package '@poisonpyf/a2a-mcp'. The package name prefix 'poison' is a common red flag in security contexts, and the combination of private key access with dynamic remote code execution poses a significant risk of credential theft, although no explicit malicious logic is present in the SKILL.md instructions.
Capability Tags
Capability Assessment
Purpose & Capability
Name, description, and declared capabilities (payments, escrow, credit, identity on TRON) align with the declared environment variables A2A_NETWORK and A2A_PRIVATE_KEY and the provided toolset (@poisonpyf/a2a-mcp). The requested credentials are consistent with signing TRON transactions.
Instruction Scope
SKILL.md instructs configuring an MCP to run 'npx @poisonpyf/a2a-mcp' with A2A_PRIVATE_KEY in the environment. That means an external, remote package will run with access to the private key and can make arbitrary network calls. The instructions also imply third-party services (credit/leaderboard/AML) without specifying endpoints or data flows, leaving potential for unexpected data transmission.
Install Mechanism
No formal install spec in the skill bundle, but the runtime instructions explicitly run a package from npm via npx. Executing remote npm packages at runtime is a moderate risk because it downloads/executes third-party code on demand; the package scope (@poisonpyf) is not a widely-known vendor, so upstream code should be audited before trusting it with keys.
Credentials
Only A2A_NETWORK and A2A_PRIVATE_KEY are requested, which is proportionate to the stated blockchain payment function. However, the private key is highly sensitive — giving it to a runtime process you do not control (npx-invoked package) creates a high-exposure scenario. No mitigation (e.g., read-only wallet, signing service, or hardware key) is described.
Persistence & Privilege
always:false (normal). The skill permits autonomous model invocation (default), which combined with runtime execution of remote code and access to a private key increases blast radius if the package or upstream services are malicious or compromised. The skill does not request persistent system-level privileges or other skills' configs.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install em-a2a - After installation, invoke the skill by name or use
/em-a2a - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release: A2A payments, escrow, credit scoring on TRON.
Metadata
Frequently Asked Questions
What is EM-A2A?
Agent-to-Agent payments on TRON. Use when an agent needs to pay another agent, escrow funds, check credit scores, or verify on-chain identity. It is an AI Agent Skill for Claude Code / OpenClaw, with 33 downloads so far.
How do I install EM-A2A?
Run "/install em-a2a" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is EM-A2A free?
Yes, EM-A2A is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does EM-A2A support?
EM-A2A is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created EM-A2A?
It is built and maintained by ypeng1620-beep (@ypeng1620-beep); the current version is v0.1.0.
More Skills