Settld MCP Payments

by aidenlippert · GitHub ↗ · v0.1.0
cross-platform ⚠ suspicious
Downloads 695
Stars 0
Active Installs 0
Versions 1
Install in OpenClaw
/install settld-mcp-payments
Description
Connect OpenClaw agents to Settld MCP for paid tool calls with quote-bound authorization and verifiable receipts.
Usage Guidance
Before installing or running this skill:
  1. Treat SETTLD_API_KEY as a sensitive secret — only provide a least-privilege or scoped key.
  2. Ask the publisher for provenance: where is the settld-mcp npm package hosted, is there a source repository, a pinned version, and release checksums or signatures? Do not run unpinned npx commands in production.
  3. Update the skill manifest or ask the registry owner to declare required env vars so the platform can surface the credential requirement.
  4. If you must test, run the MCP server in an isolated environment (sandbox/container) and use test credentials and a billing limit.
  5. Monitor billing and receipts for unexpected charges.
  6. If you cannot verify the npm package source or author, treat this skill as high-risk and avoid providing real production credentials.
Capability Analysis
Type: OpenClaw Skill
Name: settld-mcp-payments
Version: 0.1.0
The skill bundle is classified as suspicious due to the use of `npx -y settld-mcp` in `SKILL.md` and `mcp-server.example.json`. While `npx` is a legitimate tool, the `-y` flag allows automatic download and execution of an external npm package (`settld-mcp`) without explicit confirmation, introducing a supply chain risk. If the `settld-mcp` package were compromised, it could lead to arbitrary code execution. There is no direct evidence of malicious intent within the provided files, but this execution model represents a significant vulnerability.
Capability Assessment
Purpose & Capability
The SKILL.md purpose (connect to Settld MCP, run paid tool calls, produce receipts) is coherent with needing SETTLD_API_KEY, SETTLD_BASE_URL, and SETTLD_TENANT_ID. However, the registry metadata lists no required environment variables or primary credential despite SKILL.md explicitly naming these secrets. That inconsistency means the package's required privileges are not declared to the platform and may not be surfaced to users.
Instruction Scope
The runtime instructions are narrowly scoped to MCP interactions (calling settld.* tools, returning headers, running an MCP server). They do not instruct reading unrelated files or exfiltrating system data. They do, however, instruct running a server via `npx -y settld-mcp` and using API keys from env vars, which grants an external package the ability to execute arbitrary code at runtime — this broadens the effective scope beyond the written instructions.
Install Mechanism
There is no formal install spec in the skill manifest, but the SKILL.md and mcp-server.example.json direct users/agents to launch `npx -y settld-mcp`. npx dynamically fetches and executes a package from npm; the skill does not pin a package version, provide a checksum, or link to a repository or homepage. Dynamic npm fetch is a moderate-to-high risk without provenance or pinning, because arbitrary code may be downloaded and executed at runtime.
Credentials
The environment variables named in SKILL.md (SETTLD_API_KEY, SETTLD_BASE_URL, SETTLD_TENANT_ID, optional SETTLD_PAID_TOOLS_BASE_URL/SETTLD_PROTOCOL) are appropriate for a payment/settlement integration. However, the skill registry metadata did not declare any required env vars or primary credential, creating an omission that hides the fact that the skill needs sensitive secrets. Requiring live API keys without manifest declaration increases the risk of inadvertent exposure or misuse by runtime code.
Persistence & Privilege
The skill is not marked always:true and has no install-time persistence or config writes in the manifest. Autonomous invocation (default) is allowed; combined with a secret API key and the ability to run an npm package, an agent could autonomously make paid calls. This is not intrinsically incorrect, but users should be aware that the skill can be invoked by the agent and may incur charges if given credentials.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install settld-mcp-payments
  3. After installation, invoke the skill by name or use /settld-mcp-payments
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial public release: Settld MCP paid tool integration for OpenClaw.
Metadata
Slug settld-mcp-payments
Version 0.1.0
License
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Settld MCP Payments?

Connect OpenClaw agents to Settld MCP for paid tool calls with quote-bound authorization and verifiable receipts. It is an AI Agent Skill for Claude Code / OpenClaw, with 695 downloads so far.

How do I install Settld MCP Payments?

Run "/install settld-mcp-payments" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Settld MCP Payments free?

Yes, Settld MCP Payments is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Settld MCP Payments support?

Settld MCP Payments is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Settld MCP Payments?

It is built and maintained by aidenlippert (@aidenlippert); the current version is v0.1.0.
