# Send WachAI-x402 to your agent
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
## Fast path
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
## Suggested prompts
### New install

```text
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.
```
### Upgrade existing

```text
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.
```
## Machine-readable fields
```json
{
  "schemaVersion": "1.0",
  "item": {
    "slug": "wachai-x402",
    "name": "WachAI-x402",
    "source": "tencent",
    "type": "skill",
    "category": "AI 智能",
    "sourceUrl": "https://clawhub.ai/Akshat-Mishra101/wachai-x402",
    "canonicalUrl": "https://clawhub.ai/Akshat-Mishra101/wachai-x402",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadUrl": "/downloads/wachai-x402",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=wachai-x402",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "packageFormat": "ZIP package",
    "primaryDoc": "SKILL.md",
    "includedAssets": [
      "SKILL.md"
    ],
    "downloadMode": "redirect",
    "sourceHealth": {
      "source": "tencent",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-04-30T16:55:25.780Z",
      "expiresAt": "2026-05-07T16:55:25.780Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network",
        "contentDisposition": "attachment; filename=\"network-1.0.0.zip\"",
        "redirectLocation": null,
        "bodySnippet": null
      },
      "scope": "source",
      "summary": "Source download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this source.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/wachai-x402"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    }
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/wachai-x402",
    "downloadUrl": "https://openagent3.xyz/downloads/wachai-x402",
    "agentUrl": "https://openagent3.xyz/skills/wachai-x402/agent",
    "manifestUrl": "https://openagent3.xyz/skills/wachai-x402/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/wachai-x402/agent.md"
  }
}
```
## Documentation

### x402-wach — DeFi Risk Analysis

A DeFi risk analysis toolkit powered by WACH.AI, using x402 with AWAL-managed key custody.

### OpenClaw Hard Rules (Non-Negotiable)

When this skill is active, OpenClaw must follow all rules below:

Never request or expose secrets

Never ask for private keys, seed phrases, mnemonics, wallet export files, or raw signing material.
Never suggest using wallet.json or any local key file flow.



AWAL-only custody path

Always use AWAL-backed commands for setup and payments.
Treat legacy local-wallet instructions as invalid for this skill version.



Run readiness checks before paid calls

Before verify-risk, ensure AWAL is ready via wallet setup or wallet doctor.
If not ready, stop and guide user to login/fund flow.



Respect payment guardrails

Default max payment cap is 10000 atomic USDC ($0.01) per request.
Do not raise cap unless the user explicitly asks.



Do not hide payment failure details

If payment fails, surface clear reason and next action (auth, balance, network, command mismatch).
Do not claim success unless report payload is actually present.



No blind retries that may duplicate spend

For network/transient errors, retry once at most.
Keep the same request context and tell the user a retry was attempted.



Always present source link in final report

Prefer TokenSense URL pattern:

https://tokensense.wach.ai/<chain>/<tokenAddress>


Use API source only as fallback.

### When to Use This Skill

Use this skill when user asks to:

assess DeFi risk for a token
detect scam/honeypot patterns
inspect holder concentration/liquidity quality
review contract risk signals
get risk/market/code score breakdown
evaluate tokens across eth, pol, base, bsc, or sol

### Supported Chains

Short NameChainToken StandardethEthereumERC-20polPolygonERC-20baseBaseERC-20bscBinance Smart ChainBEP-20solSolanaSPL

Payment is always in USDC on Base, regardless of analysis chain.

### 1) Readiness / Setup

Run:

x402-wach wallet setup

If setup says not ready, run:

x402-wach wallet doctor
x402-wach wallet login <EMAIL>
x402-wach wallet verify <FLOW_ID> <OTP>
x402-wach wallet balance

Interpretation:

✓ Ready to make x402 payments with AWAL -> proceed to analysis.
AWAL wallet is not authenticated -> run login + verify flow.
Insufficient USDC on Base -> ask user to fund AWAL address.
Could not read AWAL balance/status -> run doctor and show raw failure.

### 2) Risk Analysis

Run:

x402-wach verify-risk <TOKEN_ADDRESS> <CHAIN_SHORT_NAME>

Preferred cap-safe form:

x402-wach verify-risk <TOKEN_ADDRESS> <CHAIN_SHORT_NAME> --max-amount-atomic 10000

### 3) Optional Helpers

x402-wach wallet status
x402-wach wallet address
x402-wach chains
x402-wach guide

### Readiness/Doctor Output

Contains ✓ Ready -> safe to proceed with paid analysis.
Contains not authenticated -> require OTP login/verify.
Contains Insufficient USDC -> request wallet funding on Base.
Contains command-help text from AWAL -> command mismatch/version issue; run x402-wach wallet doctor and use supported subcommands shown.
Contains JSON parse errors -> treat as AWAL output format mismatch; surface raw error and do not continue paid flow.

### verify-risk Output

Token analysis complete! + populated sections -> success.
Header only with empty body -> payload unwrap issue; report as tool parsing bug.
No token found / empty report -> valid call, no token at address/chain.
402/payment error -> wallet balance/cap/auth issue; user action required.

### Safety-Focused User Guidance

When blocked, provide this exact short path:

x402-wach wallet doctor
x402-wach wallet login <email>
x402-wach wallet verify <flowId> <otp>
x402-wach wallet balance

Then retry:

x402-wach verify-risk <TOKEN_ADDRESS> <CHAIN_SHORT_NAME> --max-amount-atomic 10000

### Programmatic Usage Pattern (Agent-Friendly)

import {
  getAwalReadiness,
  validateTokenAddress,
  verifyTokenRisk,
} from "@quillai-network/x402-wach";

const token = "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48";
const chain = "eth";

const validation = validateTokenAddress(token, chain);
if (!validation.valid) throw new Error(validation.error);

const readiness = await getAwalReadiness(10_000);
if (!readiness.ready) throw new Error(readiness.reasons.join("; "));

const report = await verifyTokenRisk(token, chain, { maxAmountAtomic: 10_000 });
console.log(report);

### Expected Report Sections

On successful analysis, formatted output can include:

Market Data
Risk Scores
Honeypot Analysis
Holders
Liquidity
Code Analysis
Social & Community
Source (TokenSense link) + report timestamp

### Absolute Prohibitions for OpenClaw

Do not use or suggest wallet create, wallet import, or wallet.json.
Do not ask user for private key or seed phrase.
Do not increase spend cap silently.
Do not claim analysis success when output parsing failed.
Do not suppress AWAL raw errors when diagnosis is needed.
## Trust
- Source: tencent
- Verification: Indexed source record
- Publisher: Akshat-Mishra101
- Version: 1.0.2
## Source health
- Status: healthy
- Source download looks usable.
- Yavira can redirect you to the upstream package for this source.
- Health scope: source
- Reason: direct_download_ok
- Checked at: 2026-04-30T16:55:25.780Z
- Expires at: 2026-05-07T16:55:25.780Z
- Recommended action: Download for OpenClaw
## Links
- [Detail page](https://openagent3.xyz/skills/wachai-x402)
- [Send to Agent page](https://openagent3.xyz/skills/wachai-x402/agent)
- [JSON manifest](https://openagent3.xyz/skills/wachai-x402/agent.json)
- [Markdown brief](https://openagent3.xyz/skills/wachai-x402/agent.md)
- [Download page](https://openagent3.xyz/downloads/wachai-x402)