MagicPay
by @xor777
Handle approved login, identity, checkout, donation, subscription, payment pages, and typed action approvals through the magicpay CLI.
clawhub install magicpayπ About This Skill
name: magicpay description: Protected-form workflows through the magicpay CLI for approved prepared login, identity, and payment pages with fill-for-review before submit. homepage: https://www.npmjs.com/package/@mercuryo-ai/magicpay-cli metadata: {"openclaw":{"homepage":"https://github.com/MercuryoAI/skills/blob/main/docs/magicpay/openclaw/marketplace/README.md","requires":{"env":["MAGICPAY_API_KEY"],"bins":["magicpay"],"config":["~/.magicpay/config.json"]},"primaryEnv":"MAGICPAY_API_KEY","install":[{"id":"npm","kind":"node","package":"@mercuryo-ai/magicpay-cli@0.1.10","bins":["magicpay"],"label":"Install MagicPay CLI (npm)"}]}}
MagicPay is the protected-step layer for tasks that are already at the relevant login, identity, payment, or other protected step.
Values come from a user-approved vault on the MagicPay side β logins, identities, payment cards, and wallets that the user saved earlier. This skill's job is to bring those approved values to the current form without the raw values passing through the LLM prompt. MagicPay hides protected values from the calling model; it does not make an untrusted runtime safe. If the browser, OS, or shell is compromised, MagicPay alone does not protect against that.
Use this skill when the browser page is already prepared and the remaining work is to:
attach;auto, confirm,provide);
resolve-fields;
MagicPay works best as a focused companion to a browsing tool. It takes over once the browser is already on the right protected step.
Hard Rules
> Submission requires explicit approval. Before any submit, protected > action, purchase, login, identity submission, account change, or other > consequential action, confirm the exact site/merchant, action, and visible > amount or data being submitted. Use non-submit review flows first whenever > available. Do not treat built-in guarded submit support as permission to > submit without this approval.
> Fill first, submit second. In orchestrated skill workflows, default to
> magicpay resolve-form . After the user approves the
> final action and the page is freshly checked, use magicpay submit-form
> only for that approved form. Use plain resolve-form
> without --no-submit only when the user already approved immediate guarded
> submit for the current site/action/data.
> Credential and browser authority are sensitive. Do not print, log, or
> share MAGICPAY_API_KEY, ~/.magicpay/config.json, CDP endpoints, or vault
> item ids. Use magicpay attach only for the prepared browser/session the
> user approved for this task. If the machine or workspace is shared or
> compromised, stop and ask the user to rotate/revoke the key.
> Profile matches need review on sensitive pages. resolve-fields uses a
> session-local open-data profile snapshot for non-secret facts. Use target
> refs from the latest observation, refresh the snapshot before sensitive
> identity/payment follow-up fields, and review matched autofills before
> applying them on high-impact pages.
What MagicPay Stores
The user's MagicPay vault holds items in four categories:
login β username, password (e.g. a ChatGPT or merchant login).identity β full name, date of birth, contact, address, nationality,payment_card β cardholder, PAN, expiry, CVV.wallet β wallet address, chain.Schemas are fixed on the server (login.basic, identity.basic,
identity.document, payment_card.provider, wallet.default). An agent
does not invent new categories or field names β it works with what the
current form declares and matches it to what the user has stored.
Do not assume emptiness or abundance from prior context. If you need to
know *whether* the user has something usable for a host, let find-form
and the resolve path tell you, or ask the user. Do not read or print vault
contents yourself.
Prerequisites
magicpay CLI on PATH. Install the reviewed package version withnpm i -g @mercuryo-ai/magicpay-cli@0.1.10 if missing.
magicpay init (orMAGICPAY_API_KEY in the environment). Sign up at
https://agents.mercuryo.io/signup.
magicpay attach .Core Flow
1. Preflight with magicpay status. If it reports a missing key, a
cliUpdate, or still fails after init (in which case run
magicpay doctor), follow the recovery rules in
references/workflow.md.
2. Attach to the prepared browser: magicpay attach .
3. Start a workflow session: magicpay start-session [name].
4. Discover the form: magicpay find-form. Pass
--purpose only to narrow discovery.
5. Resolve it for review: magicpay resolve-form .
MagicPay picks the request path (auto/confirm/provide) and fills the
target without submitting.
6. Confirm the exact site/merchant, action, and visible amount or data with
the user. If they approve the final action, submit only the freshly checked
protected form: magicpay submit-form .
- For protected actions that are not form-fills, use
magicpay run-action only after the
user approves the capability and params for this task.
7. After protected resolution β and after any meaningful re-observe by the
companion browser tool β run
magicpay resolve-fields for the remaining observed
non-secret targets. Auto-fill only matched results. Leave ambiguous
and no_match unresolved. Protected targets are excluded from this lane
automatically.
8. End the session: magicpay end-session once the protected step is
complete.
When the flow deviates β stale bindings, denied approvals, ambiguous forms, page changes mid-fill β consult references/workflow.md and references/statuses.md.
Ask-User Boundary
Ask the user only when:
ambiguous or no_match afterresolve-fields;
Operating Rules
MAGICPAY_API_KEY, ~/.magicpay/config.json, CDPmagicpay status as the normal readiness check; doctor is not aauto, confirm, provide)npm i -g @mercuryo-ai/magicpay-cli@0.1.10.
find-form after meaningful page changes instead of reusingmagicpay submit-form as manual recovery, not as the defaultrun-action for protected capabilities instead of turning them intoresolve-fields only with target refs from the latest observation.matched results from resolve-fields. Do not inventambiguous or no_match.
profile.facts() output into the prompt and guess whichresolve-fields decides.References
Open an extra reference only when it helps:
session_stop.
If a term (vault item, profile fact, fillRef, itemRef,
resolutionPath, session_stop, etc.) is unfamiliar, check the
MagicPay glossary.
For the exact security boundary β what "protected" guarantees and where that guarantee stops β see MagicPay SDK security model.
βοΈ Configuration
magicpay CLI on PATH. Install the reviewed package version withnpm i -g @mercuryo-ai/magicpay-cli@0.1.10 if missing.
magicpay init (orMAGICPAY_API_KEY in the environment). Sign up at
https://agents.mercuryo.io/signup.
magicpay attach .