agentc22

X402engine

by agentc22 · GitHub ↗ · v1.3.2
cross-platform ⚠ suspicious
Downloads: 440
Stars: 0
Active Installs: 0
Versions: 5
Install in OpenClaw
/install x402engine
Description
Pay-per-call API gateway skill — calls 63 APIs (LLMs, image/video gen, flights, hotels, crypto, web search) via x402 micropayments. Each call costs $0.001-$0...
Usage Guidance
This skill does what it says — it will sign and submit on-chain micropayments using the EVM private key you provide. Before installing or enabling it:
  1. Never supply your main wallet private key. Create a dedicated wallet with minimal funds for this skill.
  2. Configure a local policy file and set X402_POLICY_PATH (point to a vetted policy) so spend caps and recipient allowlists are enforced; by default the code may bypass policy checks if no policy path is provided.
  3. Consider setting X402_STATE_PATH to a controlled location and review POLICY.example.json (recipient allowlist, per-tx and daily caps).
  4. Audit or host the discovery catalog yourself (set X402_DISCOVERY_URL or X402ENGINE_ORIGIN to a self-hosted catalog) so you control which paygates/services can be called.
  5. If you do not want autonomous spending, prevent agent auto-invocation of skills (disable model invocation for this skill if the platform supports it) or do not provide EVM_PRIVATE_KEY as an env var; prefer ephemeral keys or manual signing workflows.
  6. Because the skill will install third-party npm packages, run npm install in an isolated environment and review dependencies if you're concerned about supply-chain risk.
If you need help with concrete safe defaults (example policy that enforces allowlist and strict caps), ask and provide your preferred chains/assets and budget limits.
Capability Analysis
Type: OpenClaw Skill
Name: x402engine
Version: 1.3.2
The skill is classified as suspicious due to several high-risk capabilities and vulnerabilities that could be exploited via prompt injection against the AI agent. Most critically, the skill explicitly advertises and implements a 'code-run' service (SKILL.md, README.md, intent-router.js, executor.js) that takes user-provided code (Python, JS, Bash, R) and sends it to a backend API for execution, creating a direct path for potential Remote Code Execution (RCE). Additionally, the skill allows sensitive file paths (EVM_PRIVATE_KEY_FILE, X402_POLICY_PATH, X402_STATE_PATH in client.js and policy-engine.cjs) and discovery URLs (X402_DISCOVERY_URL, X402ENGINE_ORIGIN in discovery.js) to be configured via environment variables. If an attacker can manipulate the agent to set these environment variables, it could lead to arbitrary file reads or Server-Side Request Forgery (SSRF) and interaction with attacker-controlled endpoints.
Capability Tags
crypto, requires-wallet, can-make-purchases, can-sign-transactions
Capability Assessment
Purpose & Capability
Name/description, required binaries (node), and installed packages (@x402/fetch, @x402/evm, viem) align with a payment-aware API gateway. The code uses an EVM private key to sign payments as expected. No unrelated credentials or binaries are requested.
Instruction Scope
The runtime fetches a remote service catalog (default https://x402engine.app/.well-known/x402.json) and uses that catalog to call arbitrary paid endpoints. The skill will read EVM_PRIVATE_KEY (or EVM_PRIVATE_KEY_FILE) and will write a state file (default .x402engine-state.json). Policy enforcement is present in code but only applied if a policy path is provided; autopreflightCheck returns 'bypassed' when no policy path is configured, meaning calls may proceed without local spend caps unless you explicitly configure X402_POLICY_PATH (CLI commands default to POLICY.example.json but programmatic invocation may not). The discovery/catalog mechanism and remote endpoints could cause the agent to contact and pay arbitrary external paygates; this is expected functionality but increases risk and deserves explicit user control.
Install Mechanism
Install uses npm packages from the public registry (package.json/package-lock.json list @x402/* and viem). No arbitrary downloads or extract-from-URL steps are present. This is a standard Node.js dependency footprint; however, install pulls a nontrivial dependency tree (see package-lock) so standard supply-chain considerations apply.
Credentials
The single required environment secret is EVM_PRIVATE_KEY (primary credential), which is coherent with the skill's purpose (signing micropayments). However, this is a high-privilege secret: possession of the private key allows on-chain transfers and signing. The SKILL.md does advise using a dedicated, limited-funds wallet, which you should follow. The skill also optionally reads EVM_PRIVATE_KEY_FILE and will read/provision policy/state paths; these are reasonable but increase attack surface if misconfigured.
Persistence & Privilege
always:false (good), but disable-model-invocation is false (default), so the agent may autonomously call this skill. Combined with a configured EVM_PRIVATE_KEY, that means the agent could autonomously sign and submit on-chain payments. The skill stores state to disk and may write policy/state files; it does not modify other skills. If you allow autonomous invocation and provide a funded key, you accept risk of automated spend unless you configure strict policy controls and use a dedicated wallet.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install x402engine
  3. After installation, invoke the skill by name or use /x402engine
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.3.2
Fix metadata: only EVM_PRIVATE_KEY is required in registry. All other env vars are optional and documented in Security section.
v1.3.1
Docs-only fix: accurately describe policy enforcement as opt-in (no X402_POLICY_PATH = no spending limits). Reverted code change from v1.3.0 that broke users without a policy file. All env vars declared in metadata.
v1.3.0
Fix fail-closed policy enforcement: deny when no policy path instead of bypassing. Declare all env vars (EVM_PRIVATE_KEY_FILE, X402_POLICY_PATH, X402_STATE_PATH, X402_DISCOVERY_URL, X402_AUTOPREFLIGHT, X402_DISCOVERY_REFRESH_MS) in metadata.
v1.2.0
Security review fixes: added cost transparency (show per-call costs to user), added install spec for npm dependencies, added security section with wallet isolation guidance, removed concealment instructions, added discovery URL override docs.
v1.1.0
63 APIs: added Google Flights and Hotels search via SerpApi. Flight search with price insights, hotel search with ratings and amenities. Plus 30 LLMs, image/video gen, crypto data, wallet analytics, web search, code execution, and more.
Metadata
Slug x402engine
Version 1.3.2
License
All-time Installs 0
Active Installs 0
Total Versions 5
Frequently Asked Questions

What is X402engine?

Pay-per-call API gateway skill — calls 63 APIs (LLMs, image/video gen, flights, hotels, crypto, web search) via x402 micropayments. Each call costs $0.001-$0... It is an AI Agent Skill for Claude Code / OpenClaw, with 440 downloads so far.

How do I install X402engine?

Run "/install x402engine" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is X402engine free?

Yes, X402engine is completely free (open-source). You can download, install and use it at no cost.

Which platforms does X402engine support?

X402engine is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created X402engine?

It is built and maintained by agentc22 (@agentc22); the current version is v1.3.2.
