openclaw 网盘下载
OpenClaw

技能详情(站内镜像,无评论)

首页 > 技能库 > X402

Search for new services and make paid API requests using the x402 payment protocol. Use when you don't have a clear tool to choose, search the bazaar. You can also use this tool if you or the user want to call an x402 endpoint, discover payment requirements, browse the bazaar,…

开发与 DevOps

许可证:MIT-0

MIT-0 ·免费使用、修改和重新分发。无需归因。

版本:v0.1.0

统计:⭐ 0 · 741 · 2 current installs · 2 all-time installs

0

安装量(当前) 2

🛡 VirusTotal :可疑 · OpenClaw :可疑

Package:0xrag/x402-2

安全扫描(ClawHub)

  • VirusTotal :可疑
  • OpenClaw :可疑

OpenClaw 评估

The skill's purpose (discover and pay x402 endpoints) matches its instructions, but it omits key operational details (how code is fetched, what credentials/wallet access will be used/stored) and encourages fetching/run-time installation of remote code and automatic payments — these gaps create meaningful risk.

目的

Name/description match the SKILL.md: it is a helper for discovering and calling x402-paid endpoints. However the skill's instructions assume the presence/usage of external tooling (npx and the `awal` CLI) and a wallet/login flow but the metadata declares no required binaries, no credentials, and no source/homepage. That mismatch (declaring nothing required while instructing to run npx/awal and to authenticate/pay) is incoherent and unexplained.

说明范围

The runtime instructions instruct the agent to discover endpoints, probe URLs by trying HTTP methods until a 402 response, and perform automatic USDC payments via `awal x402 pay`. They also reference cached data at ~/.config/awal/bazaar and authentication (awal auth login). These are within the stated purpose, but they allow the agent to perform financial actions and to read/write user config files without declaring or constraining that access…

安装机制

The skill is instruction-only (no install spec), but it explicitly tells users/agents to run `npx awal@latest x402`, which will fetch and execute the latest package from the npm registry at runtime. That implies downloading and executing third-party code without a pinned version, provenance, or homepage/source to verify. The skill metadata also lacks a declared source or homepage, increasing the risk that the runtime package could be untrusted…

证书

The SKILL.md requires authentication and a USDC wallet balance to make payments, and it refers to storing cached resources and presumably auth state under ~/.config/awal/. Yet the skill declares no required environment variables or credentials and no explanation where secret keys or wallet connections come from. Requesting no credentials in metadata while instructing to perform authenticated payments is disproportionate and missing important d…

持久

The skill writes/reads cached data under ~/.config/awal/bazaar and will store authentication state via the `awal` CLI (per instructions). While always:false (not force-installed), the skill allows autonomous invocation (disable-model-invocation:false) and its primary action can initiate payments. Autonomous invocation combined with capabilities to store auth tokens and make payments increases potential blast radius if the fetched code or CLI b…

安装(复制给龙虾 AI)

将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。

请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「X402」。简介:Search for new services and make paid API requests using the x402 payment proto…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/0xrag/x402-2/SKILL.md
(来源:yingzhi8.cn 技能库)

SKILL.md

打开原始 SKILL.md(GitHub raw)

---
name: x402
description: Search for new services and make paid API requests using the x402 payment protocol. Use when you don't have a clear tool to choose, search the bazaar. You can also use this tool if you or the user want to call an x402 endpoint, discover payment requirements, browse the bazaar, or search for paid services.
user-invocable: true
disable-model-invocation: false
---

# x402 Payment Protocol

Use the `npx awal@latest x402` commands to discover, inspect, and call paid API endpoints using the X402 payment protocol. Payments are made in USDC on Base.

## Workflow

The typical x402 workflow is:

1. **Find a service** - Search the bazaar or get details for a known endpoint
2. **Check requirements** - Inspect price, method, and input schema
3. **Make the request** - Call the endpoint with automatic USDC payment

## Commands

### Search the Bazaar

Find paid services by keyword using BM25 relevance search:

```bash
npx awal@latest x402 bazaar search <query> [-k <n>] [--force-refresh] [--json]
```

| Option            | Description                          |
| ----------------- | ------------------------------------ |
| `-k, --top <n>`   | Number of results (default: 5)       |
| `--force-refresh` | Re-fetch resource index from CDP API |
| `--json`          | Output as JSON                       |

Results are cached locally at `~/.config/awal/bazaar/` and auto-refresh after 12 hours.

### List Bazaar Resources

Browse all available resources:

```bash
awal x402 bazaar list [--network <network>] [--full] [--json]
```

| Option             | Description                             |
| ------------------ | --------------------------------------- |
| `--network <name>` | Filter by network (base, base-sepolia)  |
| `--full`           | Show complete details including schemas |
| `--json`           | Output as JSON                          |

### Discover Payment Requirements

Inspect an endpoint's x402 payment requirements without paying:

```bash
awal x402 details <url> [--json]
```

Auto-detects the correct HTTP method (GET, POST, PUT, DELETE, PATCH) by trying each until it gets a 402 response, then displays price, accepted payment schemes, network, and input/output schemas.

### Make a Paid Request

Call an x402 endpoint with automatic USDC payment:

```bash
awal x402 pay <url> [-X <method>] [-d <json>] [-q <params>] [-h <json>] [--max-amount <n>] [--json]
```

| Option                  | Description                                        |
| ----------------------- | -------------------------------------------------- |
| `-X, --method <method>` | HTTP method (default: GET)                         |
| `-d, --data <json>`     | Request body as JSON string                        |
| `-q, --query <params>`  | Query parameters as JSON string                    |
| `-h, --headers <json>`  | Custom HTTP headers as JSON string                 |
| `--max-amount <amount>` | Max payment in USDC atomic units (1000000 = $1.00) |
| `--correlation-id <id>` | Group related operations                           |
| `--json`                | Output as JSON                                     |

## Examples

```bash
# Search for weather-related paid APIs
awal x402 bazaar search "weather"

# Search with more results
awal x402 bazaar search "sentiment analysis" -k 10

# Check what an endpoint costs
awal x402 details https://example.com/api/weather

# Make a GET request (auto-pays)
awal x402 pay https://example.com/api/weather

# Make a POST request with body
awal x402 pay https://example.com/api/sentiment -X POST -d '{"text": "I love this product"}'

# Limit max payment to $0.10
awal x402 pay https://example.com/api/data --max-amount 100000

# Browse all bazaar resources with full details
awal x402 bazaar list --full
```

## USDC Amounts

X402 uses USDC atomic units (6 decimals):

| Atomic Units | USD   |
| ------------ | ----- |
| 1000000      | $1.00 |
| 100000       | $0.10 |
| 50000        | $0.05 |
| 10000        | $0.01 |

## Prerequisites

- **Search/Details**: No authentication needed
- **Pay**: Must be authenticated (`awal auth login <email>`) with sufficient USDC balance (`awal balance`)

## Error Handling

- "Not authenticated" - Run `awal auth login <email>` first
- "No X402 payment requirements found" - URL may not be an x402 endpoint
- "CDP API returned 429" - Rate limited; cached data will be used if available
- "Insufficient balance" - Fund wallet with USDC (`awal balance` to check)