← Back to Skills Marketplace
devfaraaz

Kash - Agentic Payment Provider

by DevFaraaz · GitHub ↗ · v1.0.7
cross-platform ✓ Security Clean
398
Downloads
2
Stars
0
Active Installs
8
Versions
Install in OpenClaw
/install kash
Description
Pay for APIs, tools, and services from your agent's Kash wallet. Spends below $5 are autonomous; above $5 requires explicit user YES. Requires KASH_KEY and K...
README (SKILL.md)

Kash Payment Skill

This skill gives your OpenClaw agent access to a Kash wallet so it can pay for external services autonomously, within your configured budget.

Security model

  • KASH_KEY and KASH_AGENT_ID are required. The skill will fail at load time if either is missing — it will not silently proceed.
  • KASH_API_URL is validated against an allowlist (api.kash.dev and localhost only) at startup. Setting it to any other domain is rejected immediately to prevent KASH_KEY from being sent to an untrusted server.
  • KASH_BUDGET is enforced locally in code as a session cap. It is not just a guideline — the spend function checks it before every call.
  • Spends above KASH_SPEND_CONFIRMATION_THRESHOLD ($5.00 default) require confirmed=true, which the agent must only set after receiving an explicit YES from the user in the current conversation.
  • Budget enforcement happens at two layers: locally (KASH_BUDGET) and server-side (Kash dashboard budget). Both must pass. The server is the authoritative source of truth.

Tools provided

kash_spend

Spend from the Kash agent wallet before making a paid API call.

Parameters:

  • amount (number, required) — amount in USD
  • description (string, required) — what you are paying for
  • merchant (string, optional) — name of the service
  • confirmed (boolean, optional) — set true only after explicit user YES for spends above threshold

Return values:

  • OK. Spent $X for "..." — spend succeeded
  • CONFIRMATION_REQUIRED: ... — ask user for YES, then retry with confirmed=true
  • LOCAL_BUDGET_EXCEEDED: ... — session cap hit, stop and notify user
  • BUDGET_EXCEEDED: ... — server-side budget hit, stop and notify user
  • AGENT_PAUSED: ... — agent paused by user in Kash dashboard
  • UNAUTHORIZED: ... — KASH_KEY invalid or expired
  • ERROR: ... — unexpected failure

kash_balance

Check remaining budget without spending. Returns both server-side balance and local session cap.

When to use this skill

Use kash_spend BEFORE making any paid external call — API calls, web searches, data purchases, or any service that charges per request. Always call it before the paid operation, not after.

Use kash_balance before starting a multi-step task that will require several paid operations.

Rules the agent must follow

  1. Always call kash_spend BEFORE the paid call, never after
  2. If CONFIRMATION_REQUIRED is returned, ask the user for explicit YES — never bypass it
  3. If BUDGET_EXCEEDED or LOCAL_BUDGET_EXCEEDED is returned, stop the task immediately and tell the user
  4. Never set confirmed=true without a real user confirmation in the current conversation
  5. Never attempt to work around a budget limit
  6. If kash_spend returns any error, do NOT proceed with the paid call

Kash Payment Skill

Use this skill to pay for external APIs, tools, and services from your Kash agent wallet.

Setup

Configure in ~/.openclaw/openclaw.json:

{
  "skills": {
    "entries": {
      "kash": {
        "enabled": true,
        "apiKey": "ksh_live_...",
        "env": {
          "KASH_KEY": "ksh_live_...",
          "KASH_AGENT_ID": "your-agent-id",
          "KASH_BUDGET": "50",
          "KASH_SPEND_CONFIRMATION_THRESHOLD": "5.00"
        }
      }
    }
  }
}

Get KASH_KEY and KASH_AGENT_ID from kash.dev/dashboard/agents after registering your agent.

Tools

kash_spend

Call this BEFORE any paid API call or service. Never after.

Parameters:

  • amount (number, required) — cost in USD e.g. 0.003
  • description (string, required) — what you are paying for e.g. "serper web search"
  • merchant (string, optional) — service name e.g. "Serper"
  • confirmed (boolean, optional) — set true ONLY after explicit user YES for spends above threshold

Returns:

  • OK. Spent $X for "..." — proceed with the paid call
  • CONFIRMATION_REQUIRED: ... — ask user for YES, then retry with confirmed=true
  • LOCAL_BUDGET_EXCEEDED: ... — stop, tell user to top up at kash.dev
  • BUDGET_EXCEEDED: ... — stop, tell user to top up at kash.dev
  • AGENT_PAUSED: ... — tell user to resume agent at kash.dev/dashboard/agents
  • UNAUTHORIZED: ... — tell user their KASH_KEY may be invalid
  • ERROR: ... — do not proceed with the paid call

kash_balance

Check remaining budget. Use before starting multi-step paid tasks.

No parameters required.

Rules

  1. Always call kash_spend BEFORE the paid call, never after
  2. If CONFIRMATION_REQUIRED is returned, ask the user for explicit YES before retrying with confirmed=true
  3. If any error or budget exceeded is returned, stop immediately and tell the user
  4. Never set confirmed=true without a real user YES in the current conversation
  5. Never attempt to work around a budget limit
  6. Never reveal KASH_KEY value in any message or log
Usage Guidance
This skill appears to do what it says: it will send your KASH_KEY to api.kash.dev to make payments. Before installing, consider: 1) Keep KASH_KEY secret and only obtain it from kash.dev; never paste it in chat. 2) If you don't want any autonomous spending, set KASH_SPEND_CONFIRMATION_THRESHOLD=0 so every spend requires an explicit YES. 3) Set a conservative KASH_BUDGET (e.g., small session cap) to limit exposure. 4) Do not set KASH_API_URL to an untrusted domain — the skill allows only api.kash.dev and localhost. 5) Monitor kash.dev/dashboard/transactions and be ready to pause the agent if you see unexpected charges. These mitigations reduce the main risk: automated small charges that occur without per-transaction confirmation.
Capability Analysis
Type: OpenClaw Skill Name: kash Version: 1.0.7 The skill is designed to manage payments and includes robust security measures. The `tools.ts` file implements a strict allowlist for `KASH_API_URL` (`api.kash.dev`, `localhost`, `127.0.0.1`) to prevent `KASH_KEY` exfiltration to untrusted servers. Both `SKILL.md` and `tools.ts` contain explicit instructions and code logic to enforce spending limits and user confirmation for transactions above a threshold, and to prevent the agent from revealing `KASH_KEY`. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection designed for harmful actions.
Capability Assessment
Purpose & Capability
Name and description match the implementation: the skill only requires KASH_KEY and KASH_AGENT_ID and provides functions to spend and check balance via api.kash.dev. No unrelated credentials, binaries, or install steps are requested.
Instruction Scope
SKILL.md and tools.ts both instruct the agent to call kash_spend before paid operations and to require user confirmation for spends above the threshold; they do not request reading unrelated files or secrets. Rules are explicit and scoped to payment actions.
Install Mechanism
There is no install step beyond an instruction-only skill plus a small TypeScript tool file. No external downloads, installers, or package installs are included.
Credentials
Only KASH_KEY and KASH_AGENT_ID are required (KASH_BUDGET and KASH_API_URL are optional). This is proportionate for a payment provider. Note: by design, small spends below the confirmation threshold (default $5) are allowed autonomously — users should be aware of this implicit risk and configure KASH_SPEND_CONFIRMATION_THRESHOLD or KASH_BUDGET if they want stricter controls.
Persistence & Privilege
The skill is not forced-always and does not request elevated system-wide privileges. It can be invoked autonomously (platform default), which is expected for a payment skill; combine that with budget/threshold settings when assessing risk.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install kash
  3. After installation, invoke the skill by name or use /kash
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.7
- Added new file: `tools.ts`. - Internal refactoring or groundwork likely for future tool or API support. - No changes to user-facing features or skill functionality.
v1.0.6
- Added new file: tools.ts. - No other changes to the skill logic, documentation, or behavior. - This update may lay groundwork for future tool or code enhancements.
v1.0.5
**Kash 1.0.5 Changelog** - Simplified and condensed description for easier user understanding. - Added `user-invocable: true` and clarified required environment variables in metadata. - Reorganized and streamlined setup and usage documentation for clarity. - Separated security/rules, setup instructions, and tool usage for better navigation. - Maintained all agent usage constraints and security notes without new functionality changes.
v1.0.4
- Added SECURITY.md detailing security practices. - Updated SKILL.md: clarified description, added publisher/contact/license info, defined risk disclosures, credentials, and expanded documentation for usage and configuration. - Removed the unused tools.ts file. - Improved environment variable documentation and safety explanations. - No changes to payment logic, only documentation and metadata enhancements.
v1.0.3
kash 1.0.3 - Updated environment variable descriptions for clarity and accuracy (SKILL.md). - Improved documentation to emphasize security model and strict local/session budget enforcement. - Clarified tool usage instructions and return values for error handling and confirmation flow. - Added explicit rules for safe agent behavior regarding spend confirmation and budget limits. - No changes to functional code logic; documentation and environment config improvements only.
v1.0.2
- Enforced spend confirmation: Any single transaction above $5.00 now triggers CONFIRMATION_REQUIRED; explicit user approval is needed before proceeding. - New environment variable: Added KASH_SPEND_CONFIRMATION_THRESHOLD to allow customization of the confirmation limit (default: $5.00). - Security improvement: KASH_API_URL now only accepts api.kash.dev or localhost; prevents unintentional API key exposure. - Documentation updated to reflect new enforcement, confirmation process, and configuration options.
v1.0.1
- Added environment variable configuration to SKILL.md for API keys, agent ID, optional budget, and API URL. - Removed README.md file to consolidate documentation. - No changes to main functionality or usage instructions.
v1.0.0
Initial release of Kash Payment Skill. - Enables autonomous payments for APIs, web searches, data services, and other paid resources using the user's Kash wallet. - Includes tools for spending (`kash_spend`) and checking the remaining budget (`kash_balance`). - Enforces safety rules: spending limits, user warnings for low balances, and strict error handling. - Provides clear instructions on usage, budget policies, and error responses for seamless payment management.
Metadata
Slug kash
Version 1.0.7
License
All-time Installs 0
Active Installs 0
Total Versions 8
Frequently Asked Questions

What is Kash - Agentic Payment Provider?

Pay for APIs, tools, and services from your agent's Kash wallet. Spends below $5 are autonomous; above $5 requires explicit user YES. Requires KASH_KEY and K... It is an AI Agent Skill for Claude Code / OpenClaw, with 398 downloads so far.

How do I install Kash - Agentic Payment Provider?

Run "/install kash" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Kash - Agentic Payment Provider free?

Yes, Kash - Agentic Payment Provider is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Kash - Agentic Payment Provider support?

Kash - Agentic Payment Provider is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Kash - Agentic Payment Provider?

It is built and maintained by DevFaraaz (@devfaraaz); the current version is v1.0.7.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments