← 返回 Skills 市场
Aurex
作者
aurexcards
· GitHub ↗
· v1.0.2
309
总下载
1
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install aurex
功能描述
Issue virtual crypto-funded cards and manage payments with the Aurex API. Use when users want to create virtual Visa/Mastercard cards, handle crypto deposits...
使用说明 (SKILL.md)
Aurex
Issue virtual crypto-funded cards and manage payments programmatically using the Aurex API.
Setup
Get your API key at aurex.cash → Dashboard → API Keys.
export AUREX_API_KEY="your-api-key"
Base URL: https://aurex.cash/api/dashboard
Auth: Authorization: Bearer $AUREX_API_KEY
Rate limit: 60 requests/minute
Security
- Store
AUREX_API_KEYin environment variables only — never hardcode or log it - Card details (number, CVV, expiry, OTP) are sensitive — never log or store them in plaintext
- Only request card details when strictly necessary for the user's task
- Treat CVV and OTP as single-use secrets — discard after use
Users
Create a user
POST /users
Authorization: Bearer $AUREX_API_KEY
Content-Type: application/json
{ "name": "John Doe", "email": "[email protected]" }
Get a user
GET /users/:userId
Authorization: Bearer $AUREX_API_KEY
Get wallet address for deposits
GET /users/:userId/wallet
Authorization: Bearer $AUREX_API_KEY
Returns a deposit address. Send SOL, USDT, or USDC to fund the wallet.
Cards
Issue a card
POST /cards
Authorization: Bearer $AUREX_API_KEY
Content-Type: application/json
{ "userId": "user_123", "name": "Shopping Card", "amount": 50 }
Get card details
GET /cards/:cardId
Authorization: Bearer $AUREX_API_KEY
Returns card number, CVV, expiry, OTP. Handle with care — never log these values.
Top up a card
POST /cards/:cardId/topup
Authorization: Bearer $AUREX_API_KEY
Content-Type: application/json
{ "amount": 25 }
List cards
GET /cards?userId=user_123
Authorization: Bearer $AUREX_API_KEY
Get transactions
GET /cards/:cardId/transactions
Authorization: Bearer $AUREX_API_KEY
Commission
Set partner markup
POST /partner/markup
Authorization: Bearer $AUREX_API_KEY
Content-Type: application/json
{ "markup": 5 }
Get commission earnings
GET /partner/commission
Authorization: Bearer $AUREX_API_KEY
Common Workflows
Issue a card end-to-end
- Create user:
POST /users - Get deposit address:
GET /users/:id/wallet - User sends crypto to that address
- Issue card:
POST /cards - Return card details to user securely
Top up an existing card
- Check wallet balance:
GET /users/:id/wallet - Top up:
POST /cards/:id/topup - Confirm balance:
GET /cards/:id
Error Codes
| Status | Meaning |
|---|---|
| 401 | Invalid or missing API key |
| 404 | User or card not found |
| 422 | Insufficient wallet balance |
| 429 | Rate limit exceeded |
TypeScript SDK
npm install @aurexcash/agent
import { createAurexTools } from '@aurexcash/agent'
const tools = createAurexTools({ apiKey: process.env.AUREX_API_KEY })
// Works with Claude, OpenAI, Vercel AI SDK
Resources
- Website: aurex.cash
- Docs: docs.aurex.cash
- Support: [email protected]
安全使用建议
This skill appears to do what it says: talk to aurex.cash using an AUREX_API_KEY to create and manage virtual cards. Before installing or using it, confirm you trust the aurex.cash service and the npm package @aurexcash/agent (if you plan to install it). Resolve the metadata mismatch: the registry listing did not show required env vars while the SKILL.md requires AUREX_API_KEY. Treat card details (number, CVV, OTP) as highly sensitive: ensure the agent or your integration never logs them, transmits them over insecure channels, or stores them in plaintext. Limit the API key's permissions if the provider supports it and rotate/revoke the key if you stop using the skill.
功能分析
Type: OpenClaw Skill
Name: aurex
Version: 1.0.2
The skill bundle provides documentation for an API to manage virtual crypto-funded cards. The `SKILL.md` file clearly outlines API endpoints, usage, and includes explicit security warnings regarding the handling of sensitive data like API keys and card details. There are no instructions for the AI agent to perform malicious actions, exfiltrate data, or engage in prompt injection for harmful purposes. The `npm install` instruction is part of a TypeScript SDK example, not a direct command for malicious execution.
能力评估
Purpose & Capability
The skill is an API-integration for issuing and managing virtual cards. Declaring an Aurex API key (AUREX_API_KEY) and calling aurex.cash endpoints is consistent with that purpose.
Instruction Scope
SKILL.md limits actions to HTTP calls to aurex.cash and explicitly warns not to log card secrets. It instructs retrieving full card details (number, CVV, expiry, OTP) and returning them to the user — which is expected for this use case but is a high-sensitivity operation. The guidance does not specify secure transmission/storage mechanisms beyond 'never log', so implementers must ensure secure handling when returning/relaying these secrets.
Install Mechanism
This is instruction-only (no install spec), which is low-risk. The doc mentions an npm TypeScript SDK (@aurexcash/agent) but there's no install specification or code included; callers must install the SDK separately if needed. No downloads or extracted archives are present.
Credentials
The skill requires a single API secret (AUREX_API_KEY), which is proportionate. However, registry metadata provided to you lists 'no required env vars' while SKILL.md declares AUREX_API_KEY (required). This metadata mismatch should be resolved before trusting automated installation or UI prompts that rely on registry fields.
Persistence & Privilege
The skill does not request always:true or other elevated persistence. It is user-invocable and allows autonomous invocation by default (platform-normal). No instructions modify other skills or system-wide settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install aurex - 安装完成后,直接呼叫该 Skill 的名称或使用
/aurex触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.2
- Added security guidance for handling API keys and sensitive card details.
- Updated description and workflow instructions to emphasize secure handling and not logging card data.
- Added credentials section with explicit instructions for storing the API key safely.
- Minor clarifications and best practices included in API usage examples.
v1.0.1
- Simplified documentation for easier reference, combining key API examples and workflows into a concise format.
- Removed separate reference files (cards.md, commission.md, users.md); all core documentation is now in SKILL.md.
- Clarified setup instructions and included direct links for API key access.
- Streamlined API usage sections for users, cards, and commission management.
- Kept error code references and SDK installation instructions for quick onboarding.
v1.0.0
Aurex API Skill 1.0.0 — Initial Release
- Provides API integration for creating and managing users, issuing virtual crypto-funded cards, and setting up commission infrastructure.
- Includes step-by-step quick start, detailed endpoint references, and authentication guidance.
- Outlines error handling, response codes, and key operational rules.
- Documents Aurex's wallet/card two-layer balance model and supported crypto currencies.
元数据
常见问题
Aurex 是什么?
Issue virtual crypto-funded cards and manage payments with the Aurex API. Use when users want to create virtual Visa/Mastercard cards, handle crypto deposits... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 309 次。
如何安装 Aurex?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install aurex」即可一键安装,无需额外配置。
Aurex 是免费的吗?
是的,Aurex 完全免费(开源免费),可自由下载、安装和使用。
Aurex 支持哪些平台?
Aurex 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Aurex?
由 aurexcards(@aurexcards)开发并维护,当前版本 v1.0.2。
推荐 Skills