{ "schemaVersion": "1.0", "item": { "slug": "payrail402", "name": "payrail402", "source": "tencent", "type": "skill", "category": "开发工具", "sourceUrl": "https://clawhub.ai/rsquaredsolutions2026/payrail402", "canonicalUrl": "https://clawhub.ai/rsquaredsolutions2026/payrail402", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/payrail402", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=payrail402", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "openclaw-skill.js", "README.md", "SKILL.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-05-07T17:22:31.273Z", "expiresAt": "2026-05-14T17:22:31.273Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=afrexai-annual-report", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=afrexai-annual-report", "contentDisposition": "attachment; filename=\"afrexai-annual-report-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/payrail402" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/payrail402", "agentPageUrl": "https://openagent3.xyz/skills/payrail402/agent", "manifestUrl": "https://openagent3.xyz/skills/payrail402/agent.json", "briefUrl": "https://openagent3.xyz/skills/payrail402/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "PayRail402", "body": "Track every financial transaction your AI agent makes — across any payment rail — in one place.\n\nPayRail402 is the control plane for AI agent transactions. When your agent makes a purchase, payment, or financial operation on Visa Intelligent Commerce, Mastercard Agent Pay, Stripe ACP, x402 (USDC on-chain), or ACH, this skill reports it to your PayRail402 dashboard for budget enforcement, anomaly detection, and cross-rail reconciliation." }, { "title": "Setup", "body": "Go to payrail402.com and create a free account\nAdd an agent in the dashboard — you'll receive a webhook token\nConfigure your environment:\n\nOption A — Webhook auth (simplest, one agent):\n\nPAYRAIL402_WEBHOOK_TOKEN=your-webhook-token\n\nOption B — API key auth (multi-agent setups):\n\nPAYRAIL402_API_KEY=pr4_your-key\nPAYRAIL402_AGENT_ID=your-agent-id\n\nYou only need one auth method. Webhook auth is recommended for single-agent use." }, { "title": "payrail402_track", "body": "Track a financial transaction after any purchase, payment, or financial operation.\n\nRequired inputs:\n\namount — Transaction amount (positive number, USD)\ndescription — What the agent did (max 500 chars)\n\nOptional inputs:\n\nmerchant — Merchant or service name (e.g., \"OpenAI\", \"AWS\")\ncategory — One of: shopping, finance, devops, research, travel, api, other\nrail — Payment rail: visa_ic, mc_agent, stripe_acp, x402, ach, manual\nmandate — Authorization or mandate reference\nproofHash — On-chain transaction hash (for x402 payments)\n\nWhen to use: Call this immediately after your agent completes any financial transaction. This feeds the PayRail402 dashboard with real-time spend data and triggers budget rule evaluation." }, { "title": "payrail402_register", "body": "Self-register this agent with PayRail402 to get tracking credentials.\n\nRequired inputs:\n\nname — Agent name (max 100 chars)\ncontactEmail — Developer/owner email for notifications and dashboard claiming\n\nOptional inputs:\n\ndescription — What this agent does\ntype — Agent type: shopping, finance, devops, research, travel, api, general\ncallbackUrl — Webhook URL for receiving alerts and budget violation events\n\nWhen to use: Call this once when the agent first starts and has no existing credentials. The response includes an API key (shown once — save it) and a webhook token." }, { "title": "payrail402_status", "body": "Check this agent's current status, claim state, and configuration on PayRail402.\n\nRequired inputs:\n\nagentAccountId — Agent account ID from registration\n\nWhen to use: Call this to verify the agent is still active, check its registration tier, or confirm it has been claimed by a dashboard user." }, { "title": "Supported Payment Rails", "body": "Rail IDNameDescriptionvisa_icVisa Intelligent CommerceVisa's AI agent payment protocolmc_agentMastercard Agent PayMastercard's autonomous agent payment railstripe_acpStripe Agent Credit PlatformStripe's agent-to-agent payment systemx402x402 ProtocolUSDC on-chain payments via HTTP 402achACHTraditional ACH bank transfersmanualManualManual or unclassified transactions" }, { "title": "What Happens After Tracking", "body": "When you call payrail402_track, the PayRail402 backend:\n\nRecords the transaction with full metadata\nUpdates agent spend stats (total spent, transaction count)\nEvaluates budget rules (per-transaction max, daily/weekly/monthly limits)\nRuns anomaly detection (flags transactions 3x above agent average)\nSends alerts to the dashboard (and optionally via email) on violations" }, { "title": "Permission Justification", "body": "This skill requires three environment variables. Here is exactly what each one is used for and why it is necessary:\n\nPAYRAIL402_WEBHOOK_TOKEN (primary credential)\n\nUsed by: payrail402_track tool\nHow: Embedded in the API URL path (/api/ingest/webhook/{token}) to authenticate transaction submissions\nWhy: Each agent has a unique webhook token that links transactions to the correct agent in the dashboard. Without it, the skill cannot submit transactions.\nSecurity: Sent as a URL path segment over HTTPS only. Never included in query strings, headers, or request bodies.\n\nPAYRAIL402_API_KEY\n\nUsed by: payrail402_track (alternative auth path) and payrail402_status tool\nHow: Sent via x-agent-key or x-api-key HTTP header over HTTPS\nWhy: Required for checking agent status and for multi-agent setups where one API key manages multiple agents. Not needed if you only use webhook auth for tracking.\nSecurity: Transmitted only in HTTP headers over HTTPS. Format: pr4_ prefix + base64url secret. Stored as SHA-256 hash on the server.\n\nPAYRAIL402_AGENT_ID\n\nUsed by: payrail402_track (with API key auth) and payrail402_status tool\nHow: Included in the API URL path (/api/v1/agents/{agentId}) and request body\nWhy: Identifies which agent account to operate on when using API key auth. Not needed for webhook auth (the webhook token already identifies the agent).\nSecurity: Not a secret — it is a public CUID identifier. Included in URL paths only." }, { "title": "Security", "body": "This skill is designed to be transparent and minimal:\n\nSingle endpoint: All network requests go to https://payrail402-production-2a69.up.railway.app over HTTPS only\nNo filesystem access: The skill does not read, write, or modify any files\nNo shell commands: The skill does not execute any system commands\nNo other network calls: The skill makes no requests to any other domain or service\nZero dependencies: The entire implementation is a single JavaScript file with no external packages\nCredential handling: API keys and webhook tokens are sent via HTTP headers or URL path segments — never in query strings, never logged, never stored locally\n\nYou can inspect the full implementation in openclaw-skill.js — it is 184 lines of plain JavaScript." }, { "title": "Troubleshooting", "body": "ErrorCauseFixNo credentials configured. Set webhookToken or apiKey in skill config.Neither PAYRAIL402_WEBHOOK_TOKEN nor PAYRAIL402_API_KEY is setSet at least one credential — see Setup aboveamount must be a positive numberThe amount input is missing, zero, or negativePass a positive number for the transaction amountapiKey is required in skill config to check statusCalled payrail402_status without PAYRAIL402_API_KEYSet PAYRAIL402_API_KEY — status checks require API key authHTTP 429 (Too Many Requests)Rate limit exceededWebhook: max 60 requests/minute. Register: max 10/hour. Wait and retry.HTTP 403 (Forbidden)Agent is paused or stopped in the dashboardResume the agent in your PayRail402 dashboardHTTP 400 (Bad Request)Invalid input (missing required field or bad format)Check that amount and description are provided and validNetwork error / timeoutCannot reach PayRail402 APICheck internet connectivity. The API is at payrail402-production-2a69.up.railway.app" }, { "title": "Links", "body": "Dashboard: payrail402.com\nSDK: npm install @payrail402/sdk\nAgent Card: payrail402.com/.well-known/agent-card.json\nFull API Docs: payrail402.com/llms-full.txt" } ], "body": "PayRail402\n\nTrack every financial transaction your AI agent makes — across any payment rail — in one place.\n\nPayRail402 is the control plane for AI agent transactions. When your agent makes a purchase, payment, or financial operation on Visa Intelligent Commerce, Mastercard Agent Pay, Stripe ACP, x402 (USDC on-chain), or ACH, this skill reports it to your PayRail402 dashboard for budget enforcement, anomaly detection, and cross-rail reconciliation.\n\nSetup\nGo to payrail402.com and create a free account\nAdd an agent in the dashboard — you'll receive a webhook token\nConfigure your environment:\n\nOption A — Webhook auth (simplest, one agent):\n\nPAYRAIL402_WEBHOOK_TOKEN=your-webhook-token\n\n\nOption B — API key auth (multi-agent setups):\n\nPAYRAIL402_API_KEY=pr4_your-key\nPAYRAIL402_AGENT_ID=your-agent-id\n\n\nYou only need one auth method. Webhook auth is recommended for single-agent use.\n\nTools\npayrail402_track\n\nTrack a financial transaction after any purchase, payment, or financial operation.\n\nRequired inputs:\n\namount — Transaction amount (positive number, USD)\ndescription — What the agent did (max 500 chars)\n\nOptional inputs:\n\nmerchant — Merchant or service name (e.g., \"OpenAI\", \"AWS\")\ncategory — One of: shopping, finance, devops, research, travel, api, other\nrail — Payment rail: visa_ic, mc_agent, stripe_acp, x402, ach, manual\nmandate — Authorization or mandate reference\nproofHash — On-chain transaction hash (for x402 payments)\n\nWhen to use: Call this immediately after your agent completes any financial transaction. This feeds the PayRail402 dashboard with real-time spend data and triggers budget rule evaluation.\n\npayrail402_register\n\nSelf-register this agent with PayRail402 to get tracking credentials.\n\nRequired inputs:\n\nname — Agent name (max 100 chars)\ncontactEmail — Developer/owner email for notifications and dashboard claiming\n\nOptional inputs:\n\ndescription — What this agent does\ntype — Agent type: shopping, finance, devops, research, travel, api, general\ncallbackUrl — Webhook URL for receiving alerts and budget violation events\n\nWhen to use: Call this once when the agent first starts and has no existing credentials. The response includes an API key (shown once — save it) and a webhook token.\n\npayrail402_status\n\nCheck this agent's current status, claim state, and configuration on PayRail402.\n\nRequired inputs:\n\nagentAccountId — Agent account ID from registration\n\nWhen to use: Call this to verify the agent is still active, check its registration tier, or confirm it has been claimed by a dashboard user.\n\nSupported Payment Rails\nRail ID\tName\tDescription\nvisa_ic\tVisa Intelligent Commerce\tVisa's AI agent payment protocol\nmc_agent\tMastercard Agent Pay\tMastercard's autonomous agent payment rail\nstripe_acp\tStripe Agent Credit Platform\tStripe's agent-to-agent payment system\nx402\tx402 Protocol\tUSDC on-chain payments via HTTP 402\nach\tACH\tTraditional ACH bank transfers\nmanual\tManual\tManual or unclassified transactions\nWhat Happens After Tracking\n\nWhen you call payrail402_track, the PayRail402 backend:\n\nRecords the transaction with full metadata\nUpdates agent spend stats (total spent, transaction count)\nEvaluates budget rules (per-transaction max, daily/weekly/monthly limits)\nRuns anomaly detection (flags transactions 3x above agent average)\nSends alerts to the dashboard (and optionally via email) on violations\nPermission Justification\n\nThis skill requires three environment variables. Here is exactly what each one is used for and why it is necessary:\n\nPAYRAIL402_WEBHOOK_TOKEN (primary credential)\n\nUsed by: payrail402_track tool\nHow: Embedded in the API URL path (/api/ingest/webhook/{token}) to authenticate transaction submissions\nWhy: Each agent has a unique webhook token that links transactions to the correct agent in the dashboard. Without it, the skill cannot submit transactions.\nSecurity: Sent as a URL path segment over HTTPS only. Never included in query strings, headers, or request bodies.\n\nPAYRAIL402_API_KEY\n\nUsed by: payrail402_track (alternative auth path) and payrail402_status tool\nHow: Sent via x-agent-key or x-api-key HTTP header over HTTPS\nWhy: Required for checking agent status and for multi-agent setups where one API key manages multiple agents. Not needed if you only use webhook auth for tracking.\nSecurity: Transmitted only in HTTP headers over HTTPS. Format: pr4_ prefix + base64url secret. Stored as SHA-256 hash on the server.\n\nPAYRAIL402_AGENT_ID\n\nUsed by: payrail402_track (with API key auth) and payrail402_status tool\nHow: Included in the API URL path (/api/v1/agents/{agentId}) and request body\nWhy: Identifies which agent account to operate on when using API key auth. Not needed for webhook auth (the webhook token already identifies the agent).\nSecurity: Not a secret — it is a public CUID identifier. Included in URL paths only.\nSecurity\n\nThis skill is designed to be transparent and minimal:\n\nSingle endpoint: All network requests go to https://payrail402-production-2a69.up.railway.app over HTTPS only\nNo filesystem access: The skill does not read, write, or modify any files\nNo shell commands: The skill does not execute any system commands\nNo other network calls: The skill makes no requests to any other domain or service\nZero dependencies: The entire implementation is a single JavaScript file with no external packages\nCredential handling: API keys and webhook tokens are sent via HTTP headers or URL path segments — never in query strings, never logged, never stored locally\n\nYou can inspect the full implementation in openclaw-skill.js — it is 184 lines of plain JavaScript.\n\nTroubleshooting\nError\tCause\tFix\nNo credentials configured. Set webhookToken or apiKey in skill config.\tNeither PAYRAIL402_WEBHOOK_TOKEN nor PAYRAIL402_API_KEY is set\tSet at least one credential — see Setup above\namount must be a positive number\tThe amount input is missing, zero, or negative\tPass a positive number for the transaction amount\napiKey is required in skill config to check status\tCalled payrail402_status without PAYRAIL402_API_KEY\tSet PAYRAIL402_API_KEY — status checks require API key auth\nHTTP 429 (Too Many Requests)\tRate limit exceeded\tWebhook: max 60 requests/minute. Register: max 10/hour. Wait and retry.\nHTTP 403 (Forbidden)\tAgent is paused or stopped in the dashboard\tResume the agent in your PayRail402 dashboard\nHTTP 400 (Bad Request)\tInvalid input (missing required field or bad format)\tCheck that amount and description are provided and valid\nNetwork error / timeout\tCannot reach PayRail402 API\tCheck internet connectivity. The API is at payrail402-production-2a69.up.railway.app\nLinks\nDashboard: payrail402.com\nSDK: npm install @payrail402/sdk\nAgent Card: payrail402.com/.well-known/agent-card.json\nFull API Docs: payrail402.com/llms-full.txt" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/rsquaredsolutions2026/payrail402", "publisherUrl": "https://clawhub.ai/rsquaredsolutions2026/payrail402", "owner": "rsquaredsolutions2026", "version": "1.0.2", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/payrail402", "downloadUrl": "https://openagent3.xyz/downloads/payrail402", "agentUrl": "https://openagent3.xyz/skills/payrail402/agent", "manifestUrl": "https://openagent3.xyz/skills/payrail402/agent.json", "briefUrl": "https://openagent3.xyz/skills/payrail402/agent.md" } }