功能描述

Execute real-world e-commerce purchases autonomously with escrow protection and cryptographic proof. Use when: User requests a physical purchase (Amazon, retail), budget is specified, escrow funds are available. Don't use when: Just browsing/researching products, no budget specified, user wants price comparison only (use search instead). Outputs: Order confirmation with proof hash, escrow released on verification.

使用说明 (SKILL.md)

Autonomous Commerce Skill

Name: Autonomous Commerce
Author: pandeyaby

Type: Proven real-world capability (not simulation)
Proof: $68.97 autonomous purchase on Amazon, Feb 6, 2026
Hash: 0x876d4ddfd420463a8361e302e3fb31621836012e6358da87a911e7e667dd0239

Overview

This skill enables autonomous agents to execute real-world e-commerce purchases with:

Escrow protection (funds locked before purchase)
Cryptographic proof (order confirmation hash)
Verifiable delivery (screenshot evidence)
Security guardrails (budget caps, no new payment methods)

Status: Proven on Amazon.com with 2 orders ($113.48 total value), delivered successfully.

When to Use This Skill

✅ Use when:

User requests a physical product purchase
Budget is specified (e.g., "Buy USB cable under $15")
Escrow funds are available or user confirms payment method
Delivery address is already saved (agent cannot add new addresses)
User wants autonomous execution (not just price research)

❌ Don't use when:

User is browsing/researching only ("What are good headphones?")
No budget specified or unclear intent ("Maybe I need...")
User wants multiple price comparisons across sites (use search tool)
User wants to review cart before purchase (use interactive mode)
Product requires custom configuration (complex build-your-own items)
Sensitive purchases (medical, adult, financial instruments)

Security Model

What the agent CAN do:

Read saved payment methods
Use existing addresses
Add items to cart
Complete checkout with saved payment info
Capture order confirmation

What the agent CANNOT do:

Add new payment methods
Change shipping addresses
Access stored credentials (passwords masked)
Purchase beyond escrow budget

All purchases:

Logged with proof hash
Budget cap enforced by escrow
Screenshots captured for verification
Delivery tracked and confirmed

Architecture

┌──────────────────────────────────────────────────────────────┐
│                  AUTONOMOUS PURCHASE FLOW                     │
├──────────────────────────────────────────────────────────────┤
│                                                               │
│  USER              AGENT              ESCROW        AMAZON   │
│   │                 │                   │             │      │
│   │ "Buy USB cable" │                   │             │      │
│   │────────────────>│                   │             │      │
│   │                 │                   │             │      │
│   │                 │ Lock $10 USDC     │             │      │
│   │                 │──────────────────>│             │      │
│   │                 │                   │             │      │
│   │                 │ Escrow confirmed  │             │      │
│   │                 │\x3C──────────────────│             │      │
│   │                 │                   │             │      │
│   │                 │ Search "USB-C cable"            │      │
│   │                 │────────────────────────────────>│      │
│   │                 │                   │             │      │
│   │                 │ Add to cart, checkout           │      │
│   │                 │────────────────────────────────>│      │
│   │                 │                   │             │      │
│   │                 │ Order #123 confirmed            │      │
│   │                 │\x3C────────────────────────────────│      │
│   │                 │                   │             │      │
│   │                 │ Submit proof hash │             │      │
│   │                 │──────────────────>│             │      │
│   │                 │                   │             │      │
│   │                 │ Verified, release │             │      │
│   │                 │\x3C──────────────────│             │      │
│   │                 │                   │             │      │
│   │ Order #123      │                   │             │      │
│   │\x3C────────────────│                   │             │      │
│   │                 │                   │             │      │
└──────────────────────────────────────────────────────────────┘

Workflow Steps

Phase 1: Intent Parsing & Escrow

Parse purchase intent:
- Item description: "USB-C cable"
- Budget: "$15"
- Constraints: "Prime shipping", "4+ stars"
Create escrow:
- Lock funds via ClawPay (or user's preferred escrow)
- Generate escrow ID
- Store intent + timestamp

Phase 2: Product Search & Selection

Navigate to retailer (Amazon.com or specified site)
Search for product using extracted description
Filter results by budget, ratings, shipping
Select best match (price, reviews, delivery speed)

Phase 3: Checkout

Add to cart
Navigate to checkout
Verify shipping address (must be pre-saved)
Select payment method (must be pre-saved)
Review total (ensure within budget)
Place order

Phase 4: Proof & Settlement

Capture order confirmation (screenshot + order ID)

Generate proof hash:

hash = SHA256(orderID + totalAmount + timestamp + screenshot)

Submit proof to escrow
Release funds on verification

Return confirmation to user:

Order #114-3614425-6361022
Total: $68.97
Delivery: Feb 8, 2026
Proof: 0x876d4ddfd420463a8361e302e3fb31621836012e6358da87a911e7e667dd0239

Templates

Order Confirmation Template

## Purchase Confirmed

**Order ID:** {{orderId}}
**Retailer:** {{retailer}}
**Total:** {{totalAmount}}
**Payment:** {{paymentMethod}}
**Delivery:** {{deliveryDate}} ({{deliveryWindow}})

**Items:**
{{#each items}}
- {{name}} ({{quantity}}x) - {{price}}
{{/each}}

**Proof Hash:** {{proofHash}}
**Escrow:** {{escrowStatus}}

**Tracking:** Order confirmation screenshot saved to `/mnt/data/order-{{orderId}}.jpg`

Proof Generation Script

import crypto from 'crypto';
import fs from 'fs';

function generateProofHash(orderData, screenshotPath) {
  const screenshotBuffer = fs.readFileSync(screenshotPath);
  const dataString = `${orderData.orderId}|${orderData.total}|${orderData.timestamp}`;
  
  const hash = crypto.createHash('sha256')
    .update(dataString)
    .update(screenshotBuffer)
    .digest('hex');
  
  return `0x${hash}`;
}

// Usage:
const proof = generateProofHash(
  { orderId: '114-3614425-6361022', total: 68.97, timestamp: Date.now() },
  '/mnt/data/order-confirmation.jpg'
);
console.log(`Proof hash: ${proof}`);

Escrow Integration (ClawPay Example)

import { ClawPay } from 'clawpay';

async function createPurchaseEscrow(budget, recipientWallet) {
  const pay = new ClawPay({
    privateKey: process.env.WALLET_PRIVATE_KEY,
    network: 'base'
  });
  
  const escrow = await pay.escrowCreate(
    `purchase-${Date.now()}`,
    budget,
    recipientWallet
  );
  
  return escrow.jobId;
}

async function releaseOnProof(escrowId, proofHash) {
  // Verify proof first
  if (!verifyProof(proofHash)) {
    throw new Error('Invalid proof');
  }
  
  // Release escrow
  await pay.escrowRelease(escrowId);
  console.log(`Escrow ${escrowId} released on verified proof ${proofHash}`);
}

Negative Examples (When NOT to Use)

❌ Example 1: Vague Intent

User: "I think I might need some office supplies sometime"

Why NOT to use this skill: No clear purchase intent, no budget, "might" and "sometime" indicate research phase, not purchase decision.

What to do instead: Use search tool to help user explore options and narrow down specific needs.

❌ Example 2: Price Research Only

User: "What's the cheapest 4K monitor on Amazon?"

Why NOT to use this skill: User wants comparison, not purchase. "Cheapest" suggests price research, not buying decision.

What to do instead: Use search + web scraping to compare prices across products.

❌ Example 3: Complex Configuration

User: "Build me a custom gaming PC from parts on Newegg"

Why NOT to use this skill: Requires compatibility checking, multiple vendors, custom builds need expert review before purchase.

What to do instead: Generate a parts list + compatibility check, present to user for review before purchasing.

❌ Example 4: Sensitive Purchase

User: "Order me some prescription medication"

Why NOT to use this skill: Requires prescriptions, medical validation, sensitive personal health data.

What to do instead: Guide user to appropriate medical provider platforms, do NOT automate medical purchases.

Edge Cases & Handling

Out of Stock

Detection: Product shows "Currently unavailable" or "Out of stock"
Action: Search for alternatives with similar specs, present top 3 options to user for selection

Price Exceeds Budget

Detection: Product price + shipping > escrow budget
Action:

Find cheaper alternatives within budget
If none exist, inform user and request budget increase
Do NOT proceed without user confirmation

Delivery Address Not Found

Detection: Checkout shows "No delivery address on file"
Action:

Stop immediately (agent cannot add addresses)
Ask user to add delivery address via their account
Retry after user confirms address added

Payment Method Declined

Detection: Checkout shows "Payment method declined"
Action:

Try alternate saved payment method (if available)
If all fail, inform user immediately
Escrow remains locked (do NOT release without purchase)

Duplicate Order Warning

Detection: Site shows "You recently ordered this item"
Action:

Check user intent ("Did you mean to order another one?")
If user confirms, proceed
If uncertain, pause and ask

Real-World Example: VHAGAR Purchase (Feb 6, 2026)

User Request

"Order some books, kitchen items, and essentials for delivery today and Sunday"

Intent Parsed

Budget: ~$70 (user confirmed via escrow)
Items: Mix of categories (books, kitchen, food, personal care)
Delivery: Split between Feb 6 (7-11 AM) and Feb 8

Execution

Escrow: 0.50 USDC locked (proof-of-concept amount)
Orders: 2 orders, 8 items total
Payment: $68.97 (Visa + $44.51 gift card)
Delivery: Both delivered successfully (confirmed Feb 9)
Proof: 0x876d4ddfd420463a8361e302e3fb31621836012e6358da87a911e7e667dd0239

Evidence

5 screenshots captured (cart, upsell, checkout, confirmation, order history)
PII redacted from public evidence
Delivery confirmed by user

Performance & Reliability

Success rate: 100% (1/1 real-world tests)
Average time: ~8 minutes (search to confirmation)
Budget accuracy: 100% (stayed within escrow limits)
Delivery accuracy: 100% (both orders delivered on time)

Known limitations:

Currently tested only on Amazon.com
Requires pre-saved payment methods and addresses
Does not handle CAPTCHA (requires human intervention)
Prime membership benefits assumed

Integration with Other Skills

Works well with:

ClawPay — Escrow and payment settlement
Research skills — Product comparison before purchase
Budget tracking — Monitor spending across purchases
Receipt parsing — Extract structured data from confirmations

Dependencies:

Browser automation (Playwright or Puppeteer)
Escrow system (ClawPay, smart contracts, or manual confirmation)
Screenshot capture capability
File storage (/mnt/data for order confirmations)

Future Enhancements

Phase 2:

Multi-retailer support (eBay, Walmart, Target)
International shipping
Gift purchases (separate delivery address)
Subscribe & Save automation

Phase 3:

Price tracking (buy when price drops)
Inventory monitoring (buy when back in stock)
Recurring purchases (subscriptions, refills)
Smart recommendations based on purchase history

Phase 4:

Cross-retailer comparison (buy from cheapest)
Bulk purchasing (coordinate multiple orders)
Return/refund automation
Warranty tracking

Security & Privacy

Credentials:

Agent NEVER sees raw passwords (browser session only)
Payment methods are pre-saved (agent selects, not creates)
Shipping addresses are pre-saved (agent cannot add new)

Data handling:

Order confirmations stored locally (/mnt/data)
PII redacted from public proofs
Proof hashes are public (no sensitive data)
User can delete evidence after verification

Network policy:

Allow: retailer domains only (e.g., amazon.com)
Deny: All other external requests
No data exfiltration (only order confirmation back to user)

References

Proof of concept:

Moltbook post: https://moltbook.com/post/8cc8ee6b-8ce5-40d8-81e9-abf5a33d7619
Hackathon submission: Track 3, USDC Hackathon 2026
Evidence: projects/usdc-hackathon/autonomous-commerce/evidence/

ClawPay integration:

Moltbook post: https://moltbook.com/post/86ffca5e-c57b-497d-883d-688c29d6cf88
GitHub: [pending public release]

OpenAI Skills patterns:

Source: https://developers.openai.com/blog/skills-shell-tips
Patterns applied: Routing logic descriptions, negative examples, templates inside skill

Built by VHAGAR/RAX — The only agent with proven autonomous commerce capability.

Updated: 2026-02-11

安全使用建议

Key things to consider before installing or running this skill: - Secrets & keys: The package will likely need your escrow wallet private key (WALLET_PRIVATE_KEY) to operate ClawPay; do NOT provide a real private key unless you fully trust the author. The skill metadata does not list this requirement, but README/examples do. - Browser session & payments: The Amazon automation requires a saved browser session directory (.chrome-session). That session may contain your Amazon login cookies and saved payment methods — running the skill gives code access to those. Confirm you want to expose that session, or use a dedicated test account with no real payment methods. - Autonomy mismatch: The repository claims 'autonomous' execution, but the included Amazon script is interactive (prompts for 'yes' before placing an order). If you expect fully autonomous behavior, review and test the code paths that auto-confirm orders. - Sandbox and test: Test in an isolated environment (VM/container) with test accounts and no real funds. Use a mock or test escrow client rather than a real ClawPay wallet. Verify what files are read/written (session dir, /tmp screenshots, proof.json). - Code review: Review amazon-login.js (not included here) and any session-creation code before use. Check that the escrow client you use enforces on-chain safety and that releaseOnProof actually validates proofs you trust (the provided verification is minimal). - If you want to proceed: require a dedicated test Amazon account, do not use your real wallet private key, and consider running Playwright headless in a locked-down environment. If you are unsure, do not install — ask the author for explicit documentation of required env vars and a non-privileged test mode. Overall: this skill contains plausible commerce automation, but the mismatches (undeclared sensitive env vars, session access, interactive vs autonomous behavior) mean treat it as potentially risky until you audit and sandbox it.

功能分析

Type: OpenClaw Skill Name: autonomous-commerce Version: 1.0.0 The skill is designed for autonomous e-commerce purchases, a high-risk capability by nature. However, the documentation (SKILL.md, skill.json, README.md) and code consistently implement strong security guardrails. These include explicit instructions to the AI agent to prevent adding new payment methods/addresses, accessing raw passwords, purchasing beyond budget, and crucially, a network policy to 'Deny: All other external requests. No data exfiltration'. The core automation script (amazon-purchase-with-session.js) even includes a human confirmation step before placing an order. There is no evidence of intentional malicious behavior such as credential theft, unauthorized data exfiltration, persistence mechanisms, or prompt injection designed to subvert the agent for harmful purposes. All actions are aligned with the stated purpose and include responsible safeguards.

能力评估

⚠ Purpose & Capability

The skill's stated purpose (autonomous escrowed purchases) generally matches the included code (Playwright automation + escrow integration + proof generation). However the registry metadata declares no required environment variables or credentials while the README and code show an expected ClawPay wallet key (WALLET_PRIVATE_KEY) and a saved browser session (.chrome-session). The skill also references external escrow provider 'ClawPay' and npm dependency 'playwright' — these are legitimate for the purpose but are not reflected in the declared requirements, which is inconsistent.

⚠ Instruction Scope

SKILL.md and README describe autonomous operation and guardrails, but the amazon-purchase-with-session.js script requires a previously saved browser session directory (.chrome-session), writes screenshots to /tmp/vhagar-purchase, and prompts the operator for manual confirmation before placing orders. That means (a) it needs access to local browser session cookies (which can include saved payment methods), (b) it writes files outside the skill bundle, and (c) the runtime behavior is not fully autonomous as claimed. SKILL.md claims the agent 'cannot' add new payment methods or change addresses, but the automation interacts directly with a logged-in Amazon session — the code enforces neither of these constraints programmatically.

ℹ Install Mechanism

There is no explicit install spec in the registry (instruction-only), but package.json lists 'playwright' as a dependency and README instructs 'npm install playwright' and optionally 'npm install clawpay'. Using Playwright is reasonable for web automation but elevates risk because it runs a browser with access to session data. No remote download URLs or archive extracts are used; dependencies are standard npm packages (moderate risk).

⚠ Credentials

The skill declares no required env vars, but examples in README and usage show a ClawPay client constructed from process.env.WALLET_PRIVATE_KEY and network 'base'. The escrow flow requires a wallet private key (sensitive secret) to create/release USDC escrow. The code also expects a local browser session (containing Amazon cookies and saved payment methods) which is effectively privileged data. These sensitive requirements are not declared in the skill metadata, so the requested privileges are not proportional to the published manifest.

⚠ Persistence & Privilege

The skill is not marked always:true, and autonomous invocation is allowed (default). The code requires read/write access to local directories (.chrome-session, /tmp/vhagar-purchase) and may access saved browser session data (cookies/payment methods). The skill metadata points to evidence paths outside the package, and the code will create artifacts (screenshots, proof.json) on disk. Combined with escrow wallet usage, this persistent filesystem and session access increases blast radius if misused.

版本历史

v1.0.0

autonomous-commerce v1.0.0 - Launches a real-world skill for autonomous e-commerce purchases with escrow protection and cryptographic proof. - Enables agents to execute purchases only when a budget is specified and escrow funds are available; not for browsing or price research. - All transactions use saved payment methods and addresses, with strict guardrails (no new payment methods or addresses). - Each completed purchase provides cryptographic order proof and requires delivery verification. - Security and workflow steps are clearly defined, including templates for order confirmation and proof generation. - Proven capability with successful Amazon orders; includes clear examples of correct and incorrect usage.

元数据

Slug autonomous-commerce

版本 1.0.0

许可证 —

累计安装 0

当前安装数 0

历史版本数 1

常见问题

Autonomous Commerce 是什么？

Execute real-world e-commerce purchases autonomously with escrow protection and cryptographic proof. Use when: User requests a physical purchase (Amazon, retail), budget is specified, escrow funds are available. Don't use when: Just browsing/researching products, no budget specified, user wants price comparison only (use search instead). Outputs: Order confirmation with proof hash, escrow released on verification. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 815 次。

如何安装 Autonomous Commerce？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install autonomous-commerce」即可一键安装，无需额外配置。

Autonomous Commerce 是免费的吗？

是的，Autonomous Commerce 完全免费（开源免费），可自由下载、安装和使用。

Autonomous Commerce 支持哪些平台？

Autonomous Commerce 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Autonomous Commerce？

由 pandeyaby（@pandeyaby）开发并维护，当前版本 v1.0.0。

Autonomous Commerce