← Back to Skills Marketplace

x402 Payments

Name: x402 Payments
Author: adlai88

by AD88 · GitHub ↗ · v1.0.8 · MIT-0

cross-platform ⚠ suspicious

1083

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install simmer-x402

Description

Make x402 payments to access paid APIs and gated content. Use when a skill needs to fetch data from x402-gated endpoints (like Kaito mindshare API, Simmer pr...

Usage Guidance

This skill will sign and send USDC payments using whatever private key you provide. That is coherent with its purpose, but it means you should only install/run it if you trust the skill and the endpoints it will contact. Recommendations before installing: 1) Use a dedicated wallet with minimal USDC and no long-term funds (do not use your primary wallet). 2) Set a low X402_MAX_PAYMENT_USD both in env and config.json to cap accidental spend. 3) Inspect the x402 SDK package and this skill's code yourself or run it in an isolated environment. 4) Prefer testnet (set X402_NETWORK=testnet) until you confirm behavior. 5) Remove the EVM_PRIVATE_KEY from shared shells/CI and avoid persisting it in insecure places. Finally, note SKILL.md references 'simmer-sdk' even though the bundled requirements don't — that mismatch should be clarified by the publisher.

Capability Analysis

Type: OpenClaw Skill Name: simmer-x402 Version: 1.0.8 The skill facilitates automated cryptocurrency payments (USDC on Base) using the x402 protocol, which is a high-risk capability. It requires a plaintext private key (EVM_PRIVATE_KEY) and includes logic in x402_cli.py to automatically sign and send funds when encountering HTTP 402 errors. While it includes a safety cap (max_payment_usd), the x402_rpc function lacks the explicit limit check found in x402_fetch, potentially allowing higher-than-expected spending. Additionally, a custom V2HeaderTransport in x402_cli.py dynamically modifies HTTP headers based on response body content to satisfy SDK requirements, which is a sensitive manipulation of network traffic.

Capability Tags

cryptorequires-walletcan-make-purchasesrequires-sensitive-credentials

Capability Assessment

✓ Purpose & Capability

Name/description match what the code does: it fetches URLs and, on HTTP 402, uses an x402 SDK to sign/pay USDC on Base. Required packages (x402, eth-account, httpx) and the EVM private key are appropriate for this functionality. Minor mismatch: SKILL.md suggests installing 'simmer-sdk' but the code and requirements.txt do not import or require simmer-sdk — this appears to be an extraneous instruction.

✓ Instruction Scope

SKILL.md and x402_cli.py restrict actions to: reading a skill-local config.json, reading env vars, making HTTP requests to user-specified URLs, and signing/sending payments via the x402 SDK. There is no evidence the skill reads unrelated system files or transmits data to hidden endpoints. Note: the agent will autonomously attempt real payments to arbitrary URLs you ask it to fetch, so misuse or unintended fetches can spend funds.

✓ Install Mechanism

No remote download/extract install steps; dependencies are standard Python packages (x402, httpx, eth-account) declared in requirements.txt. This is a typical pip-based install surface (moderate risk only because PyPI packages execute code). The SKILL.md extra instruction to 'pip install simmer-sdk' is not reflected in requirements.txt and appears unnecessary.

ℹ Credentials

The skill requires an EVM private key (EVM_PRIVATE_KEY or WALLET_PRIVATE_KEY fallback) — this is logically required to sign payments. This is highly sensitive: possession of the private key grants the skill full ability to move funds from that wallet. The skill exposes a per-request USD cap (X402_MAX_PAYMENT_USD / config.json) which mitigates but does not eliminate risk.

✓ Persistence & Privilege

always:false (not forced into every agent run). disable-model-invocation is false (normal), so the agent may invoke the skill autonomously; combined with a supplied private key this increases operational risk, but this privilege is expected for a payments skill.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install simmer-x402
After installation, invoke the skill by name or use /simmer-x402
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.8

Schema fix: primaryEnv + envVars with required:false for optional credentials. Clears OpenClaw 'disproportionate requirements' verdict.

v1.0.7

Declare WALLET_PRIVATE_KEY in requires.env for OpenClaw moderation alignment.

v1.0.6

Add pip install simmer-sdk to setup flow

v1.0.5

- Added Simmer premium endpoint `/api/sdk/markets/import` ($0.005/request) to the list of supported x402 providers. - No other functional or configuration changes; updated documentation only.

v1.0.4

AgentSkills format — moved platform config to clawhub.json for cross-agent compatibility

v1.0.3

- Added "difficulty: advanced" field to metadata in SKILL.md. - No functional or code changes; documentation only.

v1.0.2

- Added required pip dependency (x402[httpx,evm]) to metadata for automatic installation. - Updated skill version to 1.0.2.

v1.1.1

- Added a private key safety section under Security, providing best practices for storing and protecting your private key. - No functional or interface changes; documentation update only.

v1.1.0

Adds Quicknode x402 pay-per-request blockchain RPC support and related CLI command. - New CLI command: `python x402_cli.py rpc <network> <method> [params...]` enables on-demand blockchain RPC via Quicknode x402 (no API key needed). - Documentation and examples for Quicknode RPC added to SKILL.md, including supported networks and usage instructions. - Quicknode x402 is now listed as a supported x402 provider. - No breaking changes to existing payment or fetch functionality.

v1.0.1

No functional or documentation changes in this release. - Version bump: 1.0.1 (no file changes detected) - No additions, removals, or modifications to the SKILL.md or source files

v1.0.0

simmer-x402 1.0.0 – Initial Release - Enables automatic USDC payments on Base for accessing x402-gated APIs and content. - Handles HTTP 402 Payment Required responses and integrates directly with the official Coinbase x402 Python SDK. - Supports popular paid endpoints from Kaito, AlphaKek, CoinGecko, and Simmer, with detailed CLI commands for balance checks and gated API access. - Provides environment/configuration options for wallet management and payment limits. - Includes troubleshooting tips and dry-run mode for secure, controlled payments.

Metadata

Slug simmer-x402

Version 1.0.8

License MIT-0

All-time Installs 6

Active Installs 6

Total Versions 11

Frequently Asked Questions

What is x402 Payments?

Make x402 payments to access paid APIs and gated content. Use when a skill needs to fetch data from x402-gated endpoints (like Kaito mindshare API, Simmer pr... It is an AI Agent Skill for Claude Code / OpenClaw, with 1083 downloads so far.

How do I install x402 Payments?

Run "/install simmer-x402" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is x402 Payments free?

Yes, x402 Payments is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does x402 Payments support?

x402 Payments is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created x402 Payments?

It is built and maintained by AD88 (@adlai88); the current version is v1.0.8.

More Skills