← Back to Skills Marketplace
CAPTCHAS OpenClaw
by
CAPTCHASCO
· GitHub ↗
· v1.0.1
2149
Downloads
2
Stars
4
Active Installs
2
Versions
Install in OpenClaw
/install captchas-openclaw
Description
OpenClaw integration guidance for CAPTCHAS Agent API, including OpenResponses tool schemas and plugin tool registration.
README (SKILL.md)
CAPTCHAS + OpenClaw
Use this skill when integrating CAPTCHAS with OpenClaw via OpenResponses tools or OpenClaw plugin tools.
Configuration
Set environment variables:
CAPTCHAS_ENDPOINT=https://agent.captchas.coCAPTCHAS_API_KEY=\x3Cyour-api-key>
Headers:
x-api-key: required (useCAPTCHAS_API_KEY).x-domain: optional; validated if provided.
Notes:
site_keyis optional; if omitted, it resolves from the API key or account default.- Avoid sending PII in
signals.
OpenResponses Tool Schemas (OpenClaw Gateway)
Use the OpenClaw tools array shape when calling the Gateway /v1/responses endpoint.
{
"tools": [
{
"type": "function",
"function": {
"name": "captchas_agent_verify",
"description": "Run CAPTCHAS Agent Verify and return a decision (allow|deny|challenge).",
"parameters": {
"type": "object",
"properties": {
"site_key": {"type": "string"},
"action": {"type": "string"},
"signals": {"type": "object", "additionalProperties": true},
"capabilities": {
"oneOf": [
{"type": "object", "additionalProperties": true},
{"type": "array", "items": {"type": "string"}}
]
},
"verification_mode": {"type": "string", "enum": ["backend_linked", "agent_only"]},
"challenge_source": {"type": "string", "enum": ["bank", "ai_generated"]},
"input_type": {"type": "string", "enum": ["choice", "image", "behavioral"]},
"media_url": {"type": "string"},
"media_type": {"type": "string"}
},
"required": [],
"additionalProperties": false
}
}
},
{
"type": "function",
"function": {
"name": "captchas_agent_challenge_complete",
"description": "Complete a challenge and mint a verification token when passed.",
"parameters": {
"type": "object",
"properties": {
"challenge_id": {"type": "string"},
"site_key": {"type": "string"},
"answer": {"type": "string"}
},
"required": ["challenge_id", "answer"],
"additionalProperties": false
}
}
},
{
"type": "function",
"function": {
"name": "captchas_agent_token_verify",
"description": "Verify an opaque CAPTCHAS token before completing a sensitive action.",
"parameters": {
"type": "object",
"properties": {
"token": {"type": "string"},
"site_key": {"type": "string"},
"domain": {"type": "string"}
},
"required": ["token"],
"additionalProperties": false
}
}
}
]
}
OpenClaw Plugin Tool Registration
Register tools using api.registerTool(...) and the same JSON Schema parameters as above.
Example:
api.registerTool({
name: "captchas_agent_verify",
description: "Run CAPTCHAS Agent Verify and return a decision (allow|deny|challenge).",
parameters: {
type: "object",
properties: {
site_key: { type: "string" },
action: { type: "string" },
signals: { type: "object", additionalProperties: true }
},
required: [],
additionalProperties: false
},
async execute(_id, params) {
return { content: [{ type: "text", text: JSON.stringify(params) }] };
}
});
References
- Use
/v1/agent/verify,/v1/agent/challenge/:id/complete, and/v1/agent/token-verifyas the canonical API calls. - See
captchas-human-verification/SKILL.mdfor workflow guidance.
Usage Guidance
This skill is coherent for integrating CAPTCHAS with OpenClaw. Before installing, store CAPTCHAS_API_KEY securely and confirm CAPTCHAS_ENDPOINT is correct. Be cautious about what you include in the 'signals' object — avoid PII or sensitive tokens, since the schema allows arbitrary fields. Replace the example execute() that echoes params before using in production (echoing inputs can leak sensitive data to logs or assistant outputs). Finally, ensure API keys are scoped/minimized and rotated regularly.
Capability Analysis
Type: OpenClaw Skill
Name: captchas-openclaw
Version: 1.0.1
The skill bundle defines tools and configuration for integrating with a CAPTCHAS API. The `SKILL.md` provides schemas for CAPTCHA verification, challenge completion, and token verification, along with an example `execute` function that merely echoes its input. While the `signals` parameter in `captchas_agent_verify` allows arbitrary data, the documentation explicitly warns against sending PII, and there are no instructions for the agent to perform malicious actions, exfiltrate data, or execute arbitrary commands. All content aligns with the stated purpose of CAPTCHA integration and lacks any clear evidence of intentional harmful behavior or high-risk prompt injection.
Capability Assessment
Purpose & Capability
Name/description (CAPTCHAS integration) aligns with declared env vars (CAPTAS_API_KEY, CAPTCHAS_ENDPOINT) and the API endpoints referenced. Requested credentials and endpoint are expected for this integration.
Instruction Scope
SKILL.md contains only API integration guidance and tool schemas. It does not instruct the agent to read unrelated system files or other credentials. Note: the 'signals' parameter is free-form (additionalProperties allowed) and the doc warns to avoid PII but does not enforce it — this is a possible data-exposure risk if callers put sensitive user data into signals. The example plugin's execute() simply returns JSON.stringify(params), which in a real integration could cause sensitive inputs to be reflected into tool output/logs.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest-risk install posture; nothing is written to disk or downloaded by the skill itself.
Credentials
Only two environment variables are required: CAPTCHAS_API_KEY (primary credential) and CAPTCHAS_ENDPOINT. Both are appropriate and necessary for an API integration; no unrelated credentials or broad config paths are requested.
Persistence & Privilege
Skill is not always-enabled and does not request system-wide privileges or attempt to modify other skills. Default autonomous invocation is allowed (platform default) but not combined with other concerning privileges here.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install captchas-openclaw - After installation, invoke the skill by name or use
/captchas-openclaw - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- Reference to a user-specific file path was replaced with a generic `captchas-human-verification/SKILL.md` workflow reference.
- No other content changes were made in this version.
v1.0.0
Initial release of OpenClaw integration guidance for the CAPTCHAS Agent API.
- Provides environment variable setup and required headers for API authentication.
- Documents OpenResponses tool schemas for CAPTCHAS verification, challenge completion, and token verification.
- Includes example for plugin tool registration with JSON Schema parameter definitions.
- References canonical API endpoints and workflow guidance sources.
Metadata
Frequently Asked Questions
What is CAPTCHAS OpenClaw?
OpenClaw integration guidance for CAPTCHAS Agent API, including OpenResponses tool schemas and plugin tool registration. It is an AI Agent Skill for Claude Code / OpenClaw, with 2149 downloads so far.
How do I install CAPTCHAS OpenClaw?
Run "/install captchas-openclaw" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is CAPTCHAS OpenClaw free?
Yes, CAPTCHAS OpenClaw is completely free (open-source). You can download, install and use it at no cost.
Which platforms does CAPTCHAS OpenClaw support?
CAPTCHAS OpenClaw is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created CAPTCHAS OpenClaw?
It is built and maintained by CAPTCHASCO (@captchasco); the current version is v1.0.1.
More Skills