← 返回 Skills 市场

blacktea

Name: blacktea
Author: nmrtn

作者 Nicolas Martin · GitHub ↗ · v0.1.0 · MIT-0

cross-platform ✓ 安全检测通过

总下载

当前安装

版本数

在 OpenClaw 中安装

/install blacktea

功能描述

Spending controls for AI agents that pay online via x402. Set limits, require human approval, audit every payment.

使用说明 (SKILL.md)

blacktea: spending controls for paying agents

When to use

Use blacktea whenever this agent might pay for something online: a paywalled API, a premium data feed, any x402-enabled endpoint. blacktea sits between the agent and its wallet and enforces a spending policy before any money moves. It auto-approves small amounts, asks the human for larger ones, rejects what is over the line, and writes an audit log of every payment.

Setup (runs as a local MCP server)

blacktea ships as an MCP server. Register it once.

OpenClaw (~/.openclaw/openclaw.json, or openclaw mcp set):

{
  "mcp": {
    "servers": {
      "blacktea": {
        "command": "npx",
        "args": ["-y", "@nmrtn/blacktea-mcp"],
        "env": {
          "EVM_PRIVATE_KEY": "0x...",
          "BLACKTEA_POLICY": "/path/to/policy.json"
        }
      }
    }
  }
}

Hermes:

hermes mcp add blacktea \
  --command npx \
  --args -y @nmrtn/blacktea-mcp \
  --env EVM_PRIVATE_KEY=0x... BLACKTEA_POLICY=/path/to/policy.json

No wallet handy? Add BLACKTEA_RAIL=mock (and optionally BLACKTEA_MOCK_AMOUNT=5) to exercise the full policy and approval flow with no x402 endpoint, no USDC, and no signing.

Tools this exposes

pay(url, intent, max_amount?): attempt a paid request. Runs the policy first. If the policy holds it for approval, returns status: "approval_required" with an intent_id and the amount, and does NOT pay yet. If allowed, settles and returns the response data plus a receipt.
approve_payment(intent_id): settle a held payment, after the human confirms.
reject_payment(intent_id): decline a held payment. Nothing is charged.
audit_query(limit?): recent payment events from the audit log.

Ask before spending

When pay returns approval_required, do NOT treat it as a failure. Tell the human the amount and what it is for, in plain language, and only call approve_payment after they say yes. Below the auto-approve limit it just pays. Over the hard limit it rejects. The human stays in the loop without leaving the chat.

Policy

A policy.json governs every payment. Example:

{
  "rules": [
    { "if": { "amount_lt": 1 }, "then": { "approve": true } },
    { "if": { "amount_gte": 100 }, "then": { "reject": "over_hard_limit" } }
  ],
  "default": { "approval": "callback" }
}

This auto-approves under 1 USDC, asks the human between 1 and 100, and rejects over 100. The full operator set is in the policy cookbook (see Links).

Pitfalls

The wallet key signs real payments. Use a dedicated agent wallet funded only with what you are willing to let the agent spend.
Through MCP, rely on the approve/reject tools, not a console prompt. The server holds the payment and asks for confirmation through the chat.

Verification

Run with BLACKTEA_RAIL=mock and BLACKTEA_MOCK_AMOUNT=5 and a policy that auto-approves only under 1 USDC. Ask the agent to pay any URL. It should pause, ask you to approve 5 USDC, settle only after you approve, and audit_query should then show the settled payment.

Links

Repo: https://github.com/nmrtn/blacktea
npm: https://www.npmjs.com/package/@nmrtn/blacktea-mcp
Policy cookbook: https://github.com/nmrtn/blacktea/blob/main/docs/policy-cookbook.md

安全使用建议

Install only if you intend to let an agent make real x402 payments. Use a new, low-balance dedicated wallet, set a conservative policy with low auto-approval limits and a hard cap, test first with BLACKTEA_RAIL=mock, and review the external @nmrtn/blacktea-mcp package before providing any funded private key.

能力标签

cryptofinancial-authorityrequires-walletcan-make-purchasescan-sign-transactionsrequires-sensitive-credentials

能力评估

ℹ Purpose & Capability

The stated purpose is to enforce spending policies for agents making x402 payments, and the wallet/private-key, signing, purchase, approval, rejection, and audit-log capabilities all fit that purpose.

✓ Instruction Scope

The instructions disclose policy-based limits, human approval for held payments, reject paths, mock testing, and dedicated-wallet guidance; no hidden prompt override or unrelated behavior was found.

ℹ Install Mechanism

Installation is a disclosed local MCP registration using npx to run @nmrtn/blacktea-mcp; the reviewed artifact contains only SKILL.md, so the external npm package code is outside this artifact review.

ℹ Credentials

EVM_PRIVATE_KEY is highly sensitive, but it is explicitly required for the stated signing/payment purpose and is documented as a funded Base wallet key.

ℹ Persistence & Privilege

The skill asks the user to persist an MCP server configuration and optional policy path, and it describes payment audit logs, but it does not show hidden persistence, privilege escalation, or broad local indexing.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install blacktea
安装完成后，直接呼叫该 Skill 的名称或使用 /blacktea 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v0.1.0

Initial release: spending controls for agents paying via x402

元数据

Slug blacktea

版本 0.1.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题

blacktea 是什么？

Spending controls for AI agents that pay online via x402. Set limits, require human approval, audit every payment. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 43 次。

如何安装 blacktea？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install blacktea」即可一键安装，无需额外配置。

blacktea 是免费的吗？

是的，blacktea 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

blacktea 支持哪些平台？

blacktea 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 blacktea？

由 Nicolas Martin（@nmrtn）开发并维护，当前版本 v0.1.0。