← Back to Skills Marketplace
616
Downloads
2
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install in-app-purchases
Description
Implement in-app purchases and subscriptions across iOS, Android, and Flutter with RevenueCat, paywalls, receipt validation, and subscription analytics.
README (SKILL.md)
When to Use
User needs to implement in-app purchases, subscriptions, paywalls, or monetization flows. Agent handles native APIs (StoreKit 2, Google Play Billing), cross-platform SDKs (RevenueCat, Adapty, Qonversion), paywall design, server verification, and subscription analytics.
Quick Reference
| Topic | File |
|---|---|
| iOS StoreKit 2 | storekit.md |
| Android Billing | google-play.md |
| Flutter packages | flutter.md |
| RevenueCat SDK | revenuecat.md |
| Platform comparison | platforms.md |
| Server verification | server.md |
| Paywall design | paywalls.md |
| Subscription metrics | analytics.md |
| Testing & sandbox | testing.md |
Core Rules
1. Choose Your Architecture
| Approach | When to Use | Tradeoff |
|---|---|---|
| Native only | Single platform, full control | More code, no cross-platform sync |
| RevenueCat/Adapty | Cross-platform, fast launch | 1-2% fee, dependency |
| Hybrid | Native + own backend | Full control, more work |
2. Platform SDKs (Managed)
| Platform | Pricing | Best For |
|---|---|---|
| RevenueCat | Free \x3C$2.5k MTR, then 1% | Most apps, best docs |
| Adapty | Free \x3C$10k MTR, then 0.6% | Cost-conscious, A/B paywalls |
| Qonversion | Free \x3C$10k MTR, then 3% | Simple setup |
| Superwall | Paywall-focused | Paywall A/B only |
| Glassfy | Free \x3C$10k, then 0.5% | Budget option |
3. Product Types
| Type | iOS | Android | Use Case |
|---|---|---|---|
| Consumable | ✅ | ✅ | Credits, coins, lives |
| Non-consumable | ✅ | ✅ | Unlock feature forever |
| Auto-renewable | ✅ | ✅ | Subscriptions |
| Non-renewing | ✅ | ❌ | Season pass, time-limited |
4. Server Verification is Non-Negotiable
Never trust client-side validation alone:
- iOS: App Store Server API with JWS verification
- Android: Google Play Developer API
- RevenueCat: Webhooks + REST API
5. Handle All Transaction States
| State | Action |
|---|---|
| Purchased | Verify → grant → finish |
| Pending | Wait, show pending UI |
| Failed | Show error, don't grant |
| Deferred | Wait for parental approval |
| Refunded | Revoke immediately |
| Grace period | Limited access, prompt payment |
| Billing retry | Maintain access during retry |
6. Subscription Lifecycle Events
Must handle all of these (native or via webhooks):
- INITIAL_PURCHASE → grant access
- RENEWAL → extend access
- CANCELLATION → mark will-expire
- EXPIRATION → revoke access
- BILLING_ISSUE → prompt to update payment
- GRACE_PERIOD → limited access window
- PRICE_INCREASE → consent required (iOS)
- REFUND → revoke + flag user
- UPGRADE/DOWNGRADE → prorate
7. Restore Purchases Always
Required by App Store guidelines:
- Prominent restore button
- Works for logged-out users
- Handles family sharing (iOS)
- Cross-device sync
8. Paywall Best Practices
See paywalls.md for detailed patterns:
- Show value before price
- Anchor pricing (3 options, highlight middle)
- Free trial prominent
- Social proof if available
- A/B test everything
9. Testing Strategy
| Environment | iOS | Android |
|---|---|---|
| Dev/Debug | StoreKit Config file | License testers |
| Sandbox | Sandbox accounts | Internal testing |
| Production | Real accounts | Production |
Sandbox subscription times:
- 1 week → 3 minutes
- 1 month → 5 minutes
- 1 year → 1 hour
10. App Store Guidelines
- No external payment links (anti-steering)
- Must use IAP for digital goods
- Physical goods/services can use Stripe
- Reader apps have exceptions
- 15-30% commission applies
Common Traps
- Testing with real money → use sandbox/test accounts
- Not finishing transactions → auto-refund (Android 3 days)
- Hardcoding prices → always fetch from store (regional pricing)
- Missing transaction observer → lose purchases made outside app
- No server verification → trivially bypassable
- Ignoring grace period → users churn when they could recover
- Poor paywall UX → kills conversion regardless of price
- Not tracking metrics → can't optimize what you don't measure
- Forgetting restore button → App Store rejection
- Not handling family sharing → confused users
Usage Guidance
This package is a set of documentation and code examples for implementing in-app purchases and appears coherent for that purpose, but note the source is unknown and the docs include code that requires sensitive credentials (App Store JWT private key, Google service-account.json, RevenueCat secret API keys, and webhooks). Before using: (1) verify the skill's origin or prefer official vendor docs if provenance matters, (2) never paste private keys or service-account files into public chat — store them securely (secrets manager, environment variables, or vault) and use least-privilege service accounts, (3) implement webhook verification and JWT signature checks as shown to avoid spoofed events, (4) test thoroughly in sandbox environments (StoreKit/Play Console/RevenueCat sandbox) before production, and (5) review the sample server code to ensure you apply secure coding practices (rate limiting, idempotency, logging/audit, and secure storage of raw receipts).
Capability Analysis
Type: OpenClaw Skill
Name: in-app-purchases
Version: 1.0.0
The OpenClaw AgentSkills skill bundle 'in-app-purchases' is benign. It provides comprehensive documentation and code examples for implementing in-app purchases across various platforms (iOS, Android, Flutter) and using different SDKs (RevenueCat, Adapty). The content covers client-side integration, server-side receipt verification, analytics, and testing. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, prompt injection attempts against the agent, or obfuscation. While the `server.md` file discusses handling sensitive application-level credentials (e.g., Apple App Store Connect private keys, Google service account JSON) for legitimate IAP verification, this is standard practice for secure backend operations and does not indicate malicious intent within the skill bundle itself.
Capability Assessment
Purpose & Capability
Name/description (implement IAPs, subscriptions, RevenueCat, paywalls, receipt validation) match the content of SKILL.md and the included platform/server/paywall docs and code examples. Required env/config/binaries are minimal (none declared) which is reasonable for an instruction-only reference.
Instruction Scope
SKILL.md and the included files focus on platform SDKs, RevenueCat, server verification, webhooks and testing — all in scope. The docs include sample server endpoints, webhook handlers, and examples that show handling receipts, webhooks, and storing raw receipts; these are expected for the stated purpose but mean the implementer will be asked to handle sensitive data and run networked endpoints.
Install Mechanism
Instruction-only skill with no install spec and no code files to execute — low installation risk. All code appears as examples in markdown; nothing is being downloaded or written by the skill itself.
Credentials
The skill declares no required environment variables or credentials, but many examples reference sensitive secrets (App Store JWT private key, Google service-account.json, RevenueCat API keys, webhook endpoints). That is expected for this functionality, but the skill does not itself request or manage those secrets — you will need to supply and protect them when you implement.
Persistence & Privilege
Skill is not marked always:true and does not request persistent system privileges. It is user-invocable and can be invoked autonomously (platform default), which is expected for a skill; nothing in the package attempts to modify other skills or global agent settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install in-app-purchases - After installation, invoke the skill by name or use
/in-app-purchases - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release
Metadata
Frequently Asked Questions
What is In-App Purchases?
Implement in-app purchases and subscriptions across iOS, Android, and Flutter with RevenueCat, paywalls, receipt validation, and subscription analytics. It is an AI Agent Skill for Claude Code / OpenClaw, with 616 downloads so far.
How do I install In-App Purchases?
Run "/install in-app-purchases" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is In-App Purchases free?
Yes, In-App Purchases is completely free (open-source). You can download, install and use it at no cost.
Which platforms does In-App Purchases support?
In-App Purchases is cross-platform and runs anywhere OpenClaw / Claude Code is available (linux, darwin, win32).
Who created In-App Purchases?
It is built and maintained by Iván (@ivangdavila); the current version is v1.0.0.
More Skills