← Back to Skills Marketplace
x402-payment-demo
by
open-aibank
· GitHub ↗
· v1.0.2
1663
Downloads
1
Stars
2
Active Installs
3
Versions
Install in OpenClaw
/install x402-payment-demo
Description
Demo of x402 payment protocol by fetching a protected image. Triggers: 'demo x402-payment'
Usage Guidance
This skill delegates payment signing but does not say where signing keys or a signing service come from. Before installing or running it: 1) Ask the author for the 'x402-payment-tron' skill content and how signing is performed (local key, hardware wallet, remote signer, or user prompt). 2) Confirm whether the agent will prompt you for explicit approval before any on-chain payment, and whether private keys will ever be accessed from your environment. 3) Review and validate the external demo host (https://x402-tron-demo.aibank.io) and consider testing in a sandbox account with no real funds. 4) If you require safety, disable autonomous invocation or require explicit user confirmation for any payment operations. Providing the referenced dependency (x402-payment-tron) and a clear description of the signing flow would materially reduce my concern.
Capability Analysis
Type: OpenClaw Skill
Name: x402-payment-demo
Version: 1.0.2
The skill `x402-payment-demo` is designed to demonstrate an x402 payment protocol by fetching a protected image from `x402-tron-demo.aibank.io`. While it involves network requests and instructions for the agent to perform payment-related actions (like signing permits), these behaviors are explicitly aligned with the stated purpose of a 'payment demo'. There is no evidence of data exfiltration, malicious execution, persistence, obfuscation, or prompt injection attempting to subvert the agent's core function beyond the demo's scope. The instructions also include a cleanup step to delete temporary files.
Capability Assessment
Purpose & Capability
The skill claims to demo an x402 payment flow on TRON and to perform payments/signing. Performing payments on a blockchain typically requires access to a wallet/private key or a signing service. The skill declares no required environment variables, credentials, config paths, or explicit dependency on a signing provider, so the claimed capability is not justified by the declared requirements. The SKILL.md references following another skill ('x402-payment-tron') but that dependency is not declared.
Instruction Scope
The instructions are high-level and delegate to the 'x402-payment-tron' skill. They instruct the agent to 'Perform the payment and resource acquisition automatically (handling 402 ... signing permits, etc.)' — this is vague and gives the agent broad discretion about where to obtain signing keys or how to execute payments. There are explicit external endpoints to contact (x402-tron-demo.aibank.io) which is expected, but the instructions do not constrain or describe how to obtain user approval for spending funds or where private keys come from. That could lead to unexpected access to wallets or prompts that the agent handles autonomously.
Install Mechanism
Instruction-only skill with no install spec and no code files. This minimizes disk-write/install risk.
Credentials
No environment variables or credentials are declared despite the need to sign blockchain transactions. Reasonable implementations would declare a wallet/private-key provider, hardware/remote signer, or require user confirmation. The absence of any declared credential is disproportionate to the stated task and ambiguous — the skill may implicitly rely on another skill or on the agent having access to signing material, which should be made explicit.
Persistence & Privilege
The skill does not request always:true, does not declare persistent changes, and does not ask to modify other skills or system settings. Model invocation is allowed (platform default), which is expected for user-invocable skills.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install x402-payment-demo - After installation, invoke the skill by name or use
/x402-payment-demo - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
- Removed reference to the TRON_PRIVATE_KEY environment variable from skill metadata.
- No functional or workflow changes.
v1.0.1
- Updated skill name, author, and description formatting.
- Added support for selecting TRON networks (nile, shasta, mainnet) via optional argument, with nile as default.
- Updated resource endpoints to match selected TRON network.
- Modified activation triggers to only include English phrases.
- Minor metadata and documentation improvements.
v0.0.1
x402_payment_demo 0.0.1 introduces a Tron-based payment demo.
- Demonstrates the x402 payment protocol by fetching and displaying a protected image.
- Supports triggers: "演示x402-payment", "demo x402-payment", and "show me x402 demo".
- Handles payment, resource access, and cleans up temporary files automatically.
Metadata
Frequently Asked Questions
What is x402-payment-demo?
Demo of x402 payment protocol by fetching a protected image. Triggers: 'demo x402-payment'. It is an AI Agent Skill for Claude Code / OpenClaw, with 1663 downloads so far.
How do I install x402-payment-demo?
Run "/install x402-payment-demo" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is x402-payment-demo free?
Yes, x402-payment-demo is completely free (open-source). You can download, install and use it at no cost.
Which platforms does x402-payment-demo support?
x402-payment-demo is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created x402-payment-demo?
It is built and maintained by open-aibank (@hades-ye); the current version is v1.0.2.
More Skills