Receipts Guard

by lazaruseth · GitHub ↗ · v0.7.1
Platform: cross-platform · Flag: ⚠ suspicious
Downloads: 2058
Stars: 1
Active Installs: 1
Versions: 9
Description
ERC-8004 identity, x402 payments, and arbitration protocol for autonomous agent commerce. The three rails for the machine economy.
Usage Guidance
This skill implements on-chain identity, payments, and arbitration and includes Node code that will create and store keys, talk to blockchain RPC endpoints, and can run as a persistent HTTP service. Before installing or running it:
  1. Treat RECEIPTS_WALLET_PRIVATE_KEY and any API keys as highly sensitive — do NOT export a long-term mainnet private key into an environment on a shared machine; prefer ephemeral wallets or a signing service/hardware wallet.
  2. Inspect the full capture.js (the bundle here is truncated) to verify where secrets are written, whether keys are encrypted at rest, and what external endpoints are contacted.
  3. Confirm the skill author and provenance (homepage is missing and owner identity is opaque); the included SECURITY_AUDIT.md appears to be an internal/self-audit — confirm its independence.
  4. If you must run it, do so in an isolated environment (container or VM) with limited network access and use testnet/ephemeral keys first.
  5. Ask the author to update registry metadata to explicitly list required env vars (wallet key, RPC endpoints, Moltbook key) and to document key-encryption, telemetry, and network endpoints used.
These steps will reduce the risk of accidentally exposing private keys or running an unexpectedly persistent service.
Capability Analysis
Type: OpenClaw Skill
Name: receipts-guard
Version: 0.7.1
The OpenClaw AgentSkills bundle 'receipts-guard' is classified as benign. While it implements powerful features like cryptographic key management, on-chain transactions using a private key, and an HTTP server, these capabilities are directly aligned with its stated purpose as an 'arbitration protocol for autonomous agent commerce'. The `SKILL.md` documentation provides clear instructions for the agent's operation without any evidence of prompt injection attempts to subvert the agent's core directives or exfiltrate unrelated data. The `capture.js` code demonstrates robust security practices, including restricted file permissions (e.g., `0o600` for private keys in `~/.openclaw/receipts/identity/private/`), strong Ed25519 cryptography with replay protection, and a security-hardened HTTP server featuring rate limiting, configurable CORS, API key authentication, DID request signing, and input validation. The `SECURITY_AUDIT.md` further confirms a proactive approach to security, detailing a fixed file permission vulnerability and outlining future enhancements. All identified high-risk capabilities are necessary for the skill's functionality and are handled with appropriate warnings and secure configuration expectations (e.g., `RECEIPTS_WALLET_PRIVATE_KEY` as an environment variable).
Capability Assessment
Purpose & Capability
The name/description (ERC-8004 identity, x402 payments, arbitration) matches the included code (capture.js) and dependencies (ethers, tweetnacl). That part is coherent. However the registry metadata declares no required environment variables or primary credential, while the SKILL.md and capture.js clearly describe and use sensitive environment variables (RECEIPTS_WALLET_PRIVATE_KEY, ETHEREUM_RPC, BASE_RPC, SEPOLIA_RPC, RECEIPTS_MOLTBOOK_KEY, etc.). The absence of declared required env vars in metadata is an inconsistency and reduces transparency about what secrets the skill actually needs.
Instruction Scope
SKILL.md and capture.js instruct the agent to create and rotate private keys, anchor DIDs on-chain (which requires a wallet private key), interact with RPC endpoints, run an HTTP server mode, and read/write a persistent directory under the user's home (~/.openclaw/receipts). They also describe human-controller Twitter-based recovery and Moltbook witnessing. These actions involve creating/storing private keys, writing files under home, and making outbound network calls — all broader than a minimal, read-only helper. The instructions reference secrets and external endpoints not declared in the skill metadata and allow deployment as a persistent cloud service.
Install Mechanism
There is no install spec that fetches arbitrary binaries or archives; the bundle includes capture.js and package.json/lock with common npm deps (ethers, tweetnacl). No external download URLs or shorteners are used. Risk from installation is limited to installing/running the included JavaScript in a Node environment and its declared npm dependencies (standard for this functionality).
Credentials
The code and SKILL.md expect multiple sensitive environment variables (e.g., RECEIPTS_WALLET_PRIVATE_KEY for on-chain registration and ETHEREUM_RPC/BASE_RPC/SEPOLIA_RPC endpoints, plus optional RECEIPTS_MOLTBOOK_KEY and RECEIPTS_CUSTOM_RULES). The registry metadata listed none. Requesting a wallet private key and API keys is reasonable for on-chain operations, but the metadata should declare them explicitly. Storing or exporting a raw private key via environment variables is high-risk; the skill's instructions also mention filesystem storage of keys under ~/.openclaw/receipts which must be protected. The mismatch between declared and actual secret needs creates an opportunity for accidental secret exposure.
Persistence & Privilege
The skill does not request always:true and allows user invocation/autonomous invocation by default (normal). However capture.js writes persistent data to ~/.openclaw/receipts and includes a 'serve' HTTP server mode plus a fly.toml for cloud deployment — so it is designed to run as a persistent agent/service if you choose. That increases exposure over a purely transient helper but is functionally coherent for a service that anchors identities and manages receipts.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install receipts-guard
  3. After installation, invoke the skill by name or use /receipts-guard
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.7.1
receipts-guard v0.7.1
  - 🔐 Added HTTP API authentication with API Key and DID signature support
  - 🛡️ Authorization checks: only counterparties can accept proposals via API
  - 🌐 CORS restricted: default block, configurable allowed origins
  - ⚡ Implemented rate limiting (100 requests/min per IP)
  - ✅ Input validation for payment address, amount, and deadlines on proposals
  - Clear separation of protected vs public HTTP endpoints in server mode
v0.7.0
  - Integrates ERC-8004 for on-chain agent identity registration on Ethereum and Base chains
  - Adds x402 protocol support for paid arbitration and automated settlement using USDC/ETH
  - Introduces cloud deployment: Dockerfile and Fly.io Sprites support with HTTP REST API mode
  - New commands: `identity anchor` (on-chain registration), `identity resolve` (chain DID lookup)
  - Enables proposals and arbitration flows that require and verify payment proofs (x402 native)
  - Generalizes local-first design to support cloud and persistent deployments
v0.6.0
v0.6.0: Self-Sovereign Agent Identity
  - DID-based identity with Ed25519 signatures
  - Key rotation with proof chain
  - Human controller recovery
v0.5.0
RECEIPTS Guard v0.5.0 introduces a full agent-to-agent arbitration protocol for autonomous commerce:
  - Adds arbitration lifecycle: proposal → agreement → fulfillment/dispute → ruling.
  - Introduces PAO (Programmable Agreement Object) with canonical termsHash and mutual signatures.
  - Supports selection of a mutually agreed arbiter for binding rulings.
  - Adds structured commands for proposing, accepting, fulfilling, disputing, and ruling on agreements.
  - Implements Legal Provenance Review (LPR) timelines for evidentiary transparency.
  - Evidence capture and submission workflows enhanced for arbitration and dispute resolution.
v0.4.0
RECEIPTS Guard v0.4.0: Major feature update with new agent-to-agent commitment capture, decentralized witnessing, enhanced exports, and customization.
  - Added agent-to-agent commitment capture: record outbound and inbound promises, not just website ToS.
  - Integrated decentralized witnessing: anchor evidence hashes to Moltbook and/or Bitcoin.
  - Introduced PDF export: generate courtroom-ready evidence documents.
  - Enabled custom rulesets: define or import risk detection rules for industry-specific needs.
  - Provided direct framework integration: new hooks for agent workflows (OpenClaw, n8n, LangGraph).
  - Updated documentation and quickstart with new commands and usage examples.
v0.3.0
**Major update: Adds consent proof features and improved dispute handling.**
  - Consent Proofs: Capture not only what was agreed, but also how consent was given (explicit, implicit, continued_use).
  - Implicit Consent Detection: Flags "continued use = acceptance" patterns for increased transparency.
  - Diff Generation: See precise changes between Terms of Service versions.
  - Dispute Packages: Generate comprehensive, ready-to-use evidence reports for legal disputes.
  - Legal Disclaimer: Now displays a warning that this tool is not a substitute for legal review.
  - New query options and expanded risk pattern detection.
v0.2.0
Version 0.2.0
  - Added the ability to query receipts by merchant, risk level, or date.
  - Change detection now alerts when terms of service have changed since the last capture.
  - Receipts can be exported to JSON or CSV for evidence and backup.
  - Smart deduplication flags duplicate captures automatically.
  - New index file enables fast local searching without scanning all receipt files.
v0.1.1
  - Now performs all evidence capture and risk analysis completely locally — no cloud or API required; your data stays on your device.
  - Removes dependence on external API keys — RECEIPTS_API_KEY is no longer required.
  - Updates documentation to reflect local-only operation and clarifies that all agreement data and risk analysis remain on your machine.
  - Expanded documentation on what risk clauses the tool detects during agreement capture.
  - Local capture now includes a document hash and explicit statement of local storage in output for easier auditing and privacy.
v0.1.0
Initial release of receipts-guard.
  - Captures and verifies agreements before agent actions (e.g., accepting terms, making payments).
  - Provides immutable audit trails, risk analysis, trust scoring, and dispute evidence for autonomous transactions.
  - API integration to analyze agreements and recommend actions: proceed, require approval, or block.
  - CLI interface for capturing agreements and payments, storing receipt IDs, and handling risk flags.
  - Configuration via OpenClaw agent settings with API key support.
  - Full documentation for setup, usage, examples, and troubleshooting.
Metadata
Slug: receipts-guard
Version: 0.7.1
License: (none listed)
All-time Installs: 3
Active Installs: 1
Total Versions: 9
Frequently Asked Questions

What is Receipts Guard?

ERC-8004 identity, x402 payments, and arbitration protocol for autonomous agent commerce. The three rails for the machine economy. It is an AI Agent Skill for Claude Code / OpenClaw, with 2058 downloads so far.

How do I install Receipts Guard?

Run "/install receipts-guard" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Receipts Guard free?

Yes, Receipts Guard is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Receipts Guard support?

Receipts Guard is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Receipts Guard?

It is built and maintained by lazaruseth (@lazaruseth); the current version is v0.7.1.