← 返回 Skills 市场
232
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install visa-virtual-cards
功能描述
VISA Virtual Cards | Manage compatible cards, wallets & payments. Financial management for Agents and OpenClaw bots.
安全使用建议
This skill appears to be what it says: a CreditClaw payment/virtual-card integration that needs only CREDITCLAW_API_KEY. Before installing or enabling it for an autonomous agent, consider the following:
- Treat CREDITCLAW_API_KEY like a sensitive secret and do not expose it anywhere else; follow the skill's warning. Rotate the key if you suspect leakage.
- The agent will retrieve one-time decryption keys and decrypt card details in memory. Ensure your agent runtime can hold secrets securely and will not log or persist decrypted card data (PCI considerations).
- By default the service uses approval_mode: ask_for_everything, but owners can change settings. If you plan to allow autonomous spending, require strict per-transaction and daily limits, domain allowlists, and require approval above small thresholds.
- Test in sandbox / staging first (the docs reference sandbox/test flows) and monitor webhook logs, transaction history, and owner notifications. Restrict agent network access if you want to limit where it can send sensitive data.
- If you need higher assurance, ask the skill publisher for an independent security / PCI attestation and confirm the real production domain and published API docs match these files.
功能分析
Type: OpenClaw Skill
Name: visa-virtual-cards
Version: 2.3.4
The visa-virtual-cards skill bundle provides a comprehensive framework for AI agents to manage financial transactions, including spending via virtual cards and receiving payments through Stripe. The bundle includes detailed instructions for secure registration, server-side spending limit enforcement, and an encrypted checkout flow (Rail 5) using AES-256-GCM. While the skill handles sensitive financial capabilities, it incorporates robust security warnings (e.g., in skill.md and encrypted-card.md), emphasizes human-in-the-loop approval processes, and lacks any evidence of malicious intent, data exfiltration, or unauthorized execution logic.
能力评估
Purpose & Capability
Name/description (virtual cards, wallets, payments) match the declared API base, endpoints, and required env var (CREDITCLAW_API_KEY). The documented endpoints (checkout, encrypted-card flow, stripe x402, top-ups, webhooks) are coherent with a payments/virtual-card management skill.
Instruction Scope
Runtime docs instruct the agent to perform sensitive operations (retrieve one-time AES-256-GCM decryption keys, decrypt card details in memory, complete checkouts, confirm results, poll status endpoints). That scope is expected for a checkout/virtual-card skill but requires the agent to handle raw card data in-memory and follow strict non-persistence rules (the docs explicitly warn not to store logs). Also the SKILL.md encourages fetching companion docs from creditclaw.com — harmless but implies network fetches of remote docs at runtime.
Install Mechanism
Instruction-only skill with no install spec and no binaries to install — lowest-risk install mechanism. All calls are to creditclaw.com; no third-party download URLs or extract steps are present.
Credentials
Only CREDITCLAW_API_KEY is required and declared as the primary credential. That single API key is proportionate to the stated purpose. The docs explicitly warn never to send the API key to other domains.
Persistence & Privilege
always:false (normal). disable-model-invocation:false means the skill may be invoked autonomously (the platform default). Because this skill can spend real funds, autonomous invocation increases blast radius if owner-side guardrails are loosened — however the default account mode is documented as approval_mode: ask_for_everything and server-side guardrails are described. Users should be aware of the financial implications of enabling autonomous agents with this skill.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install visa-virtual-cards - 安装完成后,直接呼叫该 Skill 的名称或使用
/visa-virtual-cards触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.3.4
visa-virtual-cards 2.3.4
- Updated documentation with detailed security practices and end-to-end usage guidance.
- Clarified multi-rail payment support, including Stripe Wallet (x402) and upcoming Crossmint Wallet support.
- Included quick start instructions and links to all component skill files for streamlined onboarding.
- Reinforced security recommendations and owner permission guardrails.
- No functional API changes noted; update is documentation-focused.
元数据
常见问题
VISA Virtual Cards | Manage compatible cards, wallets & payments 是什么?
VISA Virtual Cards | Manage compatible cards, wallets & payments. Financial management for Agents and OpenClaw bots. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 232 次。
如何安装 VISA Virtual Cards | Manage compatible cards, wallets & payments?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install visa-virtual-cards」即可一键安装,无需额外配置。
VISA Virtual Cards | Manage compatible cards, wallets & payments 是免费的吗?
是的,VISA Virtual Cards | Manage compatible cards, wallets & payments 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
VISA Virtual Cards | Manage compatible cards, wallets & payments 支持哪些平台?
VISA Virtual Cards | Manage compatible cards, wallets & payments 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 VISA Virtual Cards | Manage compatible cards, wallets & payments?
由 jononovo(@jononovo)开发并维护,当前版本 v2.3.4。
推荐 Skills