← 返回 Skills 市场
PaySpawn — On-Chain Spending Limits for AI Agents
作者
adambrainai
· GitHub ↗
· v1.0.3
451
总下载
0
收藏
0
当前安装
4
版本数
在 OpenClaw 中安装
/install payspawn
功能描述
Add spending controls to any AI agent that makes API payments. Supports x402 auto-pay, daily limits, per-transaction limits, address allowlists, and fleet pr...
安全使用建议
This skill appears internally consistent for enforcing on-chain spending limits, but you should not hand it real funds without verification. Before installing or using it: (1) verify the npm package (@payspawn/sdk) and its maintainer (check the package page, author, and GitHub repo source code and commit history); (2) verify the smart contract address and source on Base (review verified contract code on a block explorer); (3) confirm the payspawn.ai dashboard domain is legitimate (check HTTPS, WHOIS, social proof); (4) test with a fresh wallet and a very small USDC amount and set conservative caps/whitelists; (5) store the PAYSPAWN_CREDENTIAL securely (it grants on-chain spend permissions within limits); (6) be cautious of npm typosquatting or malicious dependencies — audit dependencies before running in production. If you need higher assurance, ask the publisher for links to a verified GitHub repo and contract verification proof before trusting substantial funds.
功能分析
Type: OpenClaw Skill
Name: payspawn
Version: 1.0.3
The OpenClaw skill bundle 'payspawn' is designed to provide spending controls for AI agents making API payments. The `SKILL.md` file clearly outlines its purpose, installation steps, and usage, emphasizing security features like scoped credentials (not private keys), on-chain enforcement of limits, and revocability. There is no evidence of intentional malicious behavior such as data exfiltration, unauthorized remote execution, persistence mechanisms, or prompt injection attempts against the agent. The skill's core functionality involves network requests and payments, which are high-risk by nature, but the skill is explicitly designed to manage and control these actions securely, aligning with its stated purpose.
能力评估
Purpose & Capability
The SKILL.md describes an on-chain spend-permission workflow and an SDK for enforcing limits on Base/USDC. The declared behaviors (daily cap, per-tx cap, whitelist, fleet provisioning) match the SDK usage examples and the provided contract address, so the requested capabilities are coherent with the stated purpose.
Instruction Scope
Runtime instructions are limited to installing the @payspawn/sdk, creating a credential via the payspawn dashboard, setting the PAYSPAWN_CREDENTIAL env var, and calling SDK methods (pay, fetch, check, pause/unpause). The instructions do not ask the agent to read unrelated files or credentials, nor to exfiltrate data to unexpected endpoints.
Install Mechanism
This is an instruction-only skill that recommends installing @payspawn/sdk from npm (>=5.3.0). Using an npm package is expected for this functionality, but the package and its repository should be audited by the user: npm packages can contain arbitrary code, so verify the package name, author, and source repo before installing or running with real funds.
Credentials
Only one optional environment credential (PAYSPAWN_CREDENTIAL) is referenced in the SKILL.md and it is appropriate for an on-chain spend-permission system. This credential is described as a scoped spend permission (not a private key) and scope/expiry controls are sensible. Note: granting such a credential and approving the on-chain USDC allowance does enable on-chain transfers up to the configured limits, so verifying the contract and using minimal funds is prudent.
Persistence & Privilege
Skill metadata does not force permanent inclusion (always: false) and it does not request system-wide config or other skills' credentials. The skill is instruction-only and does not claim to modify other skills or agent infrastructure.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install payspawn - 安装完成后,直接呼叫该 Skill 的名称或使用
/payspawn触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.3
Added required env declaration for PAYSPAWN_CREDENTIAL with lifetime/revocation/minPrivilege details, added npm install spec for @payspawn/sdk with source and audit links, expanded setup instructions to clarify credential vs private key distinction
v1.0.2
Cleaned up SKILL.md — removed code patterns that triggered scanner, simplified examples
v1.0.1
Remove credential pattern that triggered security scan
v1.0.0
Initial release — x402 auto-pay, spending limits, kill switch, budget pools
元数据
常见问题
PaySpawn — On-Chain Spending Limits for AI Agents 是什么?
Add spending controls to any AI agent that makes API payments. Supports x402 auto-pay, daily limits, per-transaction limits, address allowlists, and fleet pr... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 451 次。
如何安装 PaySpawn — On-Chain Spending Limits for AI Agents?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install payspawn」即可一键安装,无需额外配置。
PaySpawn — On-Chain Spending Limits for AI Agents 是免费的吗?
是的,PaySpawn — On-Chain Spending Limits for AI Agents 完全免费(开源免费),可自由下载、安装和使用。
PaySpawn — On-Chain Spending Limits for AI Agents 支持哪些平台?
PaySpawn — On-Chain Spending Limits for AI Agents 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 PaySpawn — On-Chain Spending Limits for AI Agents?
由 adambrainai(@adambrainai)开发并维护,当前版本 v1.0.3。
推荐 Skills