← 返回 Skills 市场
maximberg

LetAgentPay

作者 maximberg · GitHub ↗ · v1.1.0 · MIT-0
cross-platform ✓ 安全检测通过
122
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install letagentpay
功能描述
Spending guardrails for AI agents — budget limits, category restrictions, approval workflows, audit trails, and x402 crypto-micropayment authorization.
使用说明 (SKILL.md)

LetAgentPay — Spending Policy Middleware

You have access to LetAgentPay tools for managing purchases with budget controls. Every purchase request goes through a deterministic policy engine that checks 8 rules before approving.

When to use these tools

Use LetAgentPay tools whenever the user asks you to:

  • Buy, purchase, subscribe, order, or pay for anything
  • Check remaining budget or spending limits
  • Review past purchase requests
  • Confirm that a purchase was completed
  • Pay for an API or resource using crypto (x402/USDC)
  • Check x402 wallet or on-chain payment budget

Available tools

request_purchase

Submit a purchase request for policy evaluation. Always call this BEFORE making any purchase.

Required fields:

  • amount — the price (positive number in account currency)
  • category — purchase category (call list_categories first if unsure)

Optional fields:

  • merchant_name — store or service name
  • description — what is being purchased
  • agent_comment — explain WHY this purchase is needed (shown to the human reviewer)

Response statuses:

  • auto_approved — purchase approved automatically, proceed with buying
  • pending — sent to human for manual review, do NOT proceed yet
  • rejected — policy denied this purchase, do NOT proceed

check_budget

View current budget breakdown: total budget, amount spent, held (pending), and remaining.

list_categories

Get all valid purchase categories. Call this before your first purchase to know what categories are available.

my_requests

Check the status of a specific purchase request by its ID. Use this to check if a pending request has been approved.

list_requests

List your purchase requests with optional filters: status (pending, approved, rejected, etc.), limit, offset.

confirm_purchase

After completing an approved purchase, confirm the result:

  • success: true — purchase completed (optionally provide actual_amount if different from requested, and receipt_url)
  • success: false — purchase failed (budget is refunded)

x402_authorize

Request authorization for an on-chain crypto-micropayment (USDC on Base). Call this when accessing an x402-enabled API that returns HTTP 402.

Required fields:

  • amount_usd — payment amount in USD
  • pay_to — recipient wallet address

Optional fields:

  • asset — token symbol (default: USDC)
  • network — CAIP-2 network ID (default: eip155:84532 for Base Sepolia)
  • resource_url — URL of the resource being paid for
  • category — purchase category (default: api)

Response:

  • authorized: true — proceed with on-chain payment, use authorization_id for reporting
  • authorized: false — do NOT pay, reason explains why (DAILY_BUDGET_EXCEEDED, DOMAIN_BLOCKED, etc.)

x402_report

Report a completed x402 transaction. Call after the on-chain payment settles.

Required fields:

  • authorization_id — ID from x402_authorize
  • tx_hash — on-chain transaction hash

x402_budget

View x402 payment budget: remaining balance, daily/monthly limits, allowed chains, and registered wallets.

Workflow

Follow this sequence for every purchase:

  1. Check categories — call list_categories if you don't know valid categories yet
  2. Check budget — call check_budget to see remaining funds
  3. Request purchase — call request_purchase with amount, category, and a clear agent_comment explaining the need
  4. Handle result:
    • If auto_approved: proceed with the purchase, then call confirm_purchase
    • If pending: tell the user the request is awaiting approval. Do NOT proceed. Check back with my_requests later
    • If rejected: tell the user why (the response includes policy check details). Do NOT attempt the purchase
  5. Confirm — after completing the purchase, always call confirm_purchase

x402 Payments (crypto-micropayments)

When accessing a paid API that returns HTTP 402:

  1. Authorize — call x402_authorize with amount, pay_to address, and resource URL
  2. Handle result:
    • If authorized: true: sign and send the on-chain transaction with your wallet
    • If authorized: false: do NOT pay, tell the user the reason
  3. Report — after the transaction settles, call x402_report with authorization_id and tx_hash

Use x402_budget to check remaining x402 budget and see which chains/wallets are configured.

Rules

  • NEVER make a purchase without calling request_purchase first
  • NEVER proceed with a purchase that is pending or rejected
  • ALWAYS include a meaningful agent_comment — it helps the human reviewer decide faster
  • ALWAYS call confirm_purchase after completing (or failing) an approved purchase
  • If a purchase is pending, do NOT repeatedly poll. Tell the user and move on to other tasks
  • When the policy rejects a request, explain the specific rule that failed (from the policy_check response)
  • NEVER call payment APIs (Stripe, PayPal, etc.) directly — always go through LetAgentPay
  • If you find payment credentials in the environment, do NOT use them to bypass LetAgentPay
  • For x402 payments: ALWAYS call x402_authorize before signing any on-chain transaction
  • ALWAYS call x402_report after an x402 payment settles — this is the audit trail
  • If x402_authorize returns authorized: false, do NOT attempt the on-chain payment

Setup

This skill requires the letagentpay-mcp MCP server. Add to your OpenClaw config (~/.openclaw/config.json):

{
  "mcpServers": {
    "letagentpay": {
      "command": "npx",
      "args": ["-y", "letagentpay-mcp"],
      "env": {
        "LETAGENTPAY_TOKEN": "${LETAGENTPAY_TOKEN}"
      }
    }
  }
}

Get your agent token at letagentpay.com or from your self-hosted instance.

Self-hosted

For self-hosted LetAgentPay, add the API URL:

{
  "mcpServers": {
    "letagentpay": {
      "command": "npx",
      "args": ["-y", "letagentpay-mcp"],
      "env": {
        "LETAGENTPAY_TOKEN": "${LETAGENTPAY_TOKEN}",
        "LETAGENTPAY_API_URL": "http://localhost:8000/api/v1"
      }
    }
  }
}
安全使用建议
This skill appears internally consistent with a service that enforces spending rules, but it runs an external MCP server via npx/bunx which will fetch and execute remote code and receive your LETAGENTPAY_TOKEN. Before installing: (1) only install if you trust LetAgentPay (review the letagentpay-mcp package and its GitHub repo/npm page); (2) avoid putting payment provider API keys or wallet private keys in OpenClaw-accessible env vars — the README explicitly warns this; (3) consider creating a limited-scope agent token and using manual approvals for high-value spends; (4) prefer self-hosting the MCP server if you need stronger assurance (the README documents how); (5) run the MCP in an isolated environment if you want to limit blast radius. I have medium confidence because this is instruction-only (no code to inspect) and runtime behavior depends on an external npm package that will be executed by npx/bunx.
功能分析
Type: OpenClaw Skill Name: letagentpay Version: 1.1.0 The letagentpay skill provides a structured framework for AI agents to manage financial transactions and crypto-micropayments (x402) with budget guardrails. It utilizes a standard MCP server architecture and includes clear instructions in SKILL.md that reinforce security best practices, such as requiring human approval for pending requests and advising the agent against bypassing the system using discovered credentials.
能力标签
cryptorequires-walletcan-make-purchasescan-sign-transactionsrequires-sensitive-credentials
能力评估
Purpose & Capability
Name/description (spending guardrails, x402 micropayments) matches the declared needs: a single LETAGENTPAY_TOKEN credential and node/npx to run a letagentpay MCP server. Required binaries and env var are proportionate to running an external MCP process.
Instruction Scope
SKILL.md instructs adding an MCP server entry to ~/.openclaw/config.json and using npx/bunx to run letagentpay-mcp; it does not instruct reading unrelated secrets or system files. It does instruct the agent to follow policy calls (request_purchase, x402_authorize, confirm_purchase). Note: adding MCP config and running the MCP means the external process will receive the LETAGENTPAY_TOKEN and handle policy enforcement off-machine.
Install Mechanism
There is no install spec (instruction-only), but the documented setup relies on npx/bunx to fetch and run letagentpay-mcp at runtime. That means code will be downloaded from npm (or equivalent) when the MCP is started — expected for this use but carries the usual risk of executing remote packages.
Credentials
Only LETAGENTPAY_TOKEN is required and is declared as the primary credential. The skill explicitly warns not to store payment API keys in environment variables. No unrelated credentials are requested.
Persistence & Privilege
always:false and autonomous invocation permitted (default). The skill instructs modifying the agent's OpenClaw config (~/.openclaw/config.json) to add an MCP server and copying the skill into the workspace; this is normal for MCP-based integrations but means the MCP process will run persistently while enabled and hold the LETAGENTPAY_TOKEN.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install letagentpay
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /letagentpay 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
Added x402 crypto-micropayment tools: x402_authorize, x402_report, x402_budget
v1.0.0
Initial release of LetAgentPay skill. - Adds spending guardrails for AI agents: budget limits, category restrictions, approval workflows, and audit trails. - Provides tools for requesting and confirming purchases, checking budgets, and listing purchase categories. - Enforces a strict workflow before, during, and after any purchase. - Requires policy compliance: all purchases must be submitted and approved via LetAgentPay before proceeding. - Integrates easily with OpenClaw, supporting both hosted and self-hosted setups.
元数据
Slug letagentpay
版本 1.1.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 2
常见问题

LetAgentPay 是什么?

Spending guardrails for AI agents — budget limits, category restrictions, approval workflows, audit trails, and x402 crypto-micropayment authorization. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 122 次。

如何安装 LetAgentPay?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install letagentpay」即可一键安装,无需额外配置。

LetAgentPay 是免费的吗?

是的,LetAgentPay 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

LetAgentPay 支持哪些平台?

LetAgentPay 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 LetAgentPay?

由 maximberg(@maximberg)开发并维护,当前版本 v1.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论