lazaruseth

Receipts Guard

Author: lazaruseth · GitHub · v0.7.1
cross-platform ⚠ suspicious
2058 total downloads
1 favorite
1 current install
9 versions
Install in OpenClaw
/install receipts-guard
Description
ERC-8004 identity, x402 payments, and arbitration protocol for autonomous agent commerce. The three rails for the machine economy.
Safe-use recommendations
This skill implements on-chain identity, payments, and arbitration and includes Node code that will create and store keys, talk to blockchain RPC endpoints, and can run as a persistent HTTP service. Before installing or running it:
  1. Treat RECEIPTS_WALLET_PRIVATE_KEY and any API keys as highly sensitive. Do NOT export a long-term mainnet private key into an environment on a shared machine; prefer ephemeral wallets or a signing service/hardware wallet.
  2. Inspect the full capture.js (the bundle here is truncated) to verify where secrets are written, whether keys are encrypted at rest, and which external endpoints are contacted.
  3. Confirm the skill author and provenance (the homepage is missing and the owner identity is opaque); the included SECURITY_AUDIT.md appears to be an internal self-audit, so confirm its independence.
  4. If you must run it, do so in an isolated environment (container or VM) with limited network access, and use testnet/ephemeral keys first.
  5. Ask the author to update the registry metadata to explicitly list the required env vars (wallet key, RPC endpoints, Moltbook key) and to document key encryption, telemetry, and the network endpoints used.
These steps reduce the risk of accidentally exposing private keys or running an unexpectedly persistent service.
Functional analysis
Type: OpenClaw Skill
Name: receipts-guard
Version: 0.7.1
The OpenClaw AgentSkills bundle 'receipts-guard' is classified as benign. While it implements powerful features like cryptographic key management, on-chain transactions using a private key, and an HTTP server, these capabilities are directly aligned with its stated purpose as an 'arbitration protocol for autonomous agent commerce'. The `SKILL.md` documentation provides clear instructions for the agent's operation without any evidence of prompt injection attempts to subvert the agent's core directives or exfiltrate unrelated data. The `capture.js` code demonstrates robust security practices, including restricted file permissions (e.g., `0o600` for private keys in `~/.openclaw/receipts/identity/private/`), strong Ed25519 cryptography with replay protection, and a security-hardened HTTP server featuring rate limiting, configurable CORS, API key authentication, DID request signing, and input validation. The `SECURITY_AUDIT.md` further confirms a proactive approach to security, detailing a fixed file permission vulnerability and outlining future enhancements. All identified high-risk capabilities are necessary for the skill's functionality and are handled with appropriate warnings and secure configuration expectations (e.g., `RECEIPTS_WALLET_PRIVATE_KEY` as an environment variable).
Capability assessment
Purpose & Capability
The name/description (ERC-8004 identity, x402 payments, arbitration) matches the included code (capture.js) and dependencies (ethers, tweetnacl). That part is coherent. However the registry metadata declares no required environment variables or primary credential, while the SKILL.md and capture.js clearly describe and use sensitive environment variables (RECEIPTS_WALLET_PRIVATE_KEY, ETHEREUM_RPC, BASE_RPC, SEPOLIA_RPC, RECEIPTS_MOLTBOOK_KEY, etc.). The absence of declared required env vars in metadata is an inconsistency and reduces transparency about what secrets the skill actually needs.
Instruction Scope
SKILL.md and capture.js instruct the agent to create and rotate private keys, anchor DIDs on-chain (which requires a wallet private key), interact with RPC endpoints, run an HTTP server mode, and read/write a persistent directory under the user's home (~/.openclaw/receipts). They also describe human-controller Twitter-based recovery and Moltbook witnessing. These actions involve creating/storing private keys, writing files under home, and making outbound network calls — all broader than a minimal, read-only helper. The instructions reference secrets and external endpoints not declared in the skill metadata and allow deployment as a persistent cloud service.
Install Mechanism
There is no install spec that fetches arbitrary binaries or archives; the bundle includes capture.js and package.json/lock with common npm deps (ethers, tweetnacl). No external download URLs or shorteners are used. Risk from installation is limited to installing/ running the included JavaScript in a Node environment and its declared npm dependencies (standard for this functionality).
Credentials
The code and SKILL.md expect multiple sensitive environment variables (e.g., RECEIPTS_WALLET_PRIVATE_KEY for on-chain registration and ETHEREUM_RPC/BASE_RPC/SEPOLIA_RPC endpoints, plus optional RECEIPTS_MOLTBOOK_KEY and RECEIPTS_CUSTOM_RULES). The registry metadata listed none. Requesting a wallet private key and API keys is reasonable for on-chain operations, but the metadata should declare them explicitly. Storing or exporting a raw private key via environment variables is high-risk; the skill's instructions also mention filesystem storage of keys under ~/.openclaw/receipts which must be protected. The mismatch between declared and actual secret needs creates an opportunity for accidental secret exposure.
Persistence & Privilege
The skill does not request always:true and allows user invocation/autonomous invocation by default (normal). However capture.js writes persistent data to ~/.openclaw/receipts and includes a 'serve' HTTP server mode plus a fly.toml for cloud deployment — so it is designed to run as a persistent agent/service if you choose. That increases exposure over a purely transient helper but is functionally coherent for a service that anchors identities and manages receipts.
How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install receipts-guard
  3. After installation, invoke the skill by name or trigger it with /receipts-guard
  4. Provide the required inputs per the skill's parameter description to get structured output
Version history
v0.7.1
receipts-guard v0.7.1
- 🔐 Added HTTP API authentication with API Key and DID signature support
- 🛡️ Authorization checks: only counterparties can accept proposals via API
- 🌐 CORS restricted: default block, configurable allowed origins
- ⚡ Implemented rate limiting (100 requests/min per IP)
- ✅ Input validation for payment address, amount, and deadlines on proposals
- Clear separation of protected vs public HTTP endpoints in server mode
v0.7.0
- Integrates ERC-8004 for on-chain agent identity registration on Ethereum and Base chains
- Adds x402 protocol support for paid arbitration and automated settlement using USDC/ETH
- Introduces cloud deployment: Dockerfile and Fly.io Sprites support with HTTP REST API mode
- New commands: `identity anchor` (on-chain registration), `identity resolve` (chain DID lookup)
- Enables proposals and arbitration flows that require and verify payment proofs (x402 native)
- Generalizes local-first design to support cloud and persistent deployments
v0.6.0
v0.6.0: Self-Sovereign Agent Identity - DID-based identity with Ed25519 signatures, key rotation with proof chain, human controller recovery
v0.5.0
RECEIPTS Guard v0.5.0 introduces a full agent-to-agent arbitration protocol for autonomous commerce:
- Adds arbitration lifecycle: proposal → agreement → fulfillment/dispute → ruling.
- Introduces PAO (Programmable Agreement Object) with canonical termsHash and mutual signatures.
- Supports selection of a mutually agreed arbiter for binding rulings.
- Adds structured commands for proposing, accepting, fulfilling, disputing, and ruling on agreements.
- Implements Legal Provenance Review (LPR) timelines for evidentiary transparency.
- Evidence capture and submission workflows enhanced for arbitration and dispute resolution.
v0.4.0
RECEIPTS Guard v0.4.0: Major feature update with new agent-to-agent commitment capture, decentralized witnessing, enhanced exports, and customization.
- Added agent-to-agent commitment capture: record outbound and inbound promises, not just website ToS.
- Integrated decentralized witnessing: anchor evidence hashes to Moltbook and/or Bitcoin.
- Introduced PDF export: generate courtroom-ready evidence documents.
- Enabled custom rulesets: define or import risk detection rules for industry-specific needs.
- Provided direct framework integration: new hooks for agent workflows (OpenClaw, n8n, LangGraph).
- Updated documentation and quickstart with new commands and usage examples.
v0.3.0
**Major update: Adds consent proof features and improved dispute handling.**
- Consent Proofs: Capture not only what was agreed, but also how consent was given (explicit, implicit, continued_use).
- Implicit Consent Detection: Flags "continued use = acceptance" patterns for increased transparency.
- Diff Generation: See precise changes between Terms of Service versions.
- Dispute Packages: Generate comprehensive, ready-to-use evidence reports for legal disputes.
- Legal Disclaimer: Now displays a warning that this tool is not a substitute for legal review.
- New query options and expanded risk pattern detection.
v0.2.0
Version 0.2.0
- Added the ability to query receipts by merchant, risk level, or date.
- Change detection now alerts when terms of service have changed since the last capture.
- Receipts can be exported to JSON or CSV for evidence and backup.
- Smart deduplication flags duplicate captures automatically.
- New index file enables fast local searching without scanning all receipt files.
v0.1.1
- Now performs all evidence capture and risk analysis completely locally; no cloud or API required; your data stays on your device.
- Removes dependence on external API keys; RECEIPTS_API_KEY is no longer required.
- Updates documentation to reflect local-only operation and clarifies that all agreement data and risk analysis remain on your machine.
- Expanded documentation on what risk clauses the tool detects during agreement capture.
- Local capture now includes a document hash and explicit statement of local storage in output for easier auditing and privacy.
v0.1.0
Initial release of receipts-guard.
- Captures and verifies agreements before agent actions (e.g., accepting terms, making payments).
- Provides immutable audit trails, risk analysis, trust scoring, and dispute evidence for autonomous transactions.
- API integration to analyze agreements and recommend actions: proceed, require approval, or block.
- CLI interface for capturing agreements and payments, storing receipt IDs, and handling risk flags.
- Configuration via OpenClaw agent settings with API key support.
- Full documentation for setup, usage, examples, and troubleshooting.
Metadata
Slug receipts-guard
Version 0.7.1
License
Cumulative installs 3
Current installs 1
Versions 9
FAQ

What is Receipts Guard?

ERC-8004 identity, x402 payments, and arbitration protocol for autonomous agent commerce. The three rails for the machine economy. It is an AI agent skill plugin for Claude Code / OpenClaw, with 2058 downloads to date.

How do I install Receipts Guard?

Run the command "/install receipts-guard" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is needed.

Is Receipts Guard free?

Yes, Receipts Guard is completely free (open source) and can be freely downloaded, installed, and used.

Which platforms does Receipts Guard support?

Receipts Guard is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed Receipts Guard?

Developed and maintained by lazaruseth (@lazaruseth); the current version is v0.7.1.
