Omniclaw Cli Skill
by @abiorh001
Use this skill whenever an agent needs to pay for an x402 URL, transfer USDC to an address, inspect OmniClaw balances or ledger entries, or explicitly expose...
clawhub install omniclawπ About This Skill
name: omniclaw description: > Use this skill whenever an agent needs to pay for an x402 URL, transfer USDC to an address, inspect OmniClaw balances or ledger entries, or explicitly expose a paid endpoint for other agents or automation with omniclaw-cli serve. OmniClaw is the Economic Execution and Control Layer for Agentic Systems. The CLI is the zero-trust execution layer for agents. Use this skill for the CLI execution path only, not for vendor SDK integration, owner setup, policy editing, wallet provisioning, or Financial Policy Engine administration. metadata: '{"openclaw":{"requires":{"bins":["omniclaw-cli"],"env":["OMNICLAW_SERVER_URL","OMNICLAW_TOKEN"]},"primaryEnv":"OMNICLAW_TOKEN","required_env":["OMNICLAW_SERVER_URL","OMNICLAW_TOKEN"],"optional_env":["OMNICLAW_OWNER_TOKEN"],"required_secrets":["OMNICLAW_TOKEN"],"optional_secrets":["OMNICLAW_OWNER_TOKEN"],"required_binaries":["omniclaw-cli"],"network_access":"required","data_access":"payment URLs, recipient addresses, balances, ledger entries, and paid endpoint responses only when requested","security_notes":"Requires a trusted OmniClaw Financial Policy Engine URL and scoped agent token. OMNICLAW_OWNER_TOKEN is optional and must only be provided intentionally for owner approvals. omniclaw-cli serve binds to 0.0.0.0 and --exec runs a host command, so serve/--exec must only be used after an explicit owner request, preferably inside an isolated runtime."}}' requires: - env: OMNICLAW_SERVER_URL description: > OmniClaw Financial Policy Engine base URL. Required unless the CLI was already persisted in local CLI config before the agent turn. - env: OMNICLAW_TOKEN description: > Scoped agent token. Never print, log, or transmit it. If missing, stop and notify the owner. version: 0.0.8 author: Omnuron AI
OmniClaw CLI Skill
Trigger
Use omniclaw-cli only when the task is directly about one of these actions:
402 Payment Requiredserve, only when the owner explicitly asks for itDo not use this skill for:
Core Model
OmniClaw is not just a wallet wrapper. It is the economic execution and control layer that combines:
This skill is specifically about the CLI execution surface.
The same CLI has two agent-side economic roles:
omniclaw-cli payomniclaw-cli serveVendor and enterprise seller APIs should use the Python SDK with client.sell(...), not this CLI skill.
The agent does not control the private key. The Financial Policy Engine enforces policy and signs allowed actions.
Dependency and Credential Contract
The runtime must have:
omniclaw-cli installed from the official OmniClaw packageOMNICLAW_SERVER_URL pointing to the trusted Financial Policy EngineOMNICLAW_TOKEN scoped to the agent wallet/policyOptional:
OMNICLAW_OWNER_TOKEN, only when the owner intentionally grants approval authority for this runNever print tokens, write tokens into generated files, or pass tokens to third-party services.
Inputs The Agent Should Expect
The runtime should normally provide either:
1. environment-driven execution
OMNICLAW_SERVER_URLOMNICLAW_TOKENOMNICLAW_OWNER_TOKEN if this run is allowed to approve confirmations2. persisted CLI config
omniclaw-cli configure was already run before the turnIf neither is true, stop and ask the owner for:
Do not invent or search for them yourself.
Safe Default Workflow
For any new spend
1. Run omniclaw-cli status if connectivity or health is uncertain.
2. Run omniclaw-cli balance-detail if Gateway balance matters.
3. Run omniclaw-cli can-pay --recipient ... before paying a new recipient.
4. Use --idempotency-key for job-based payments.
5. For direct-address payments where budget/guards matter, use simulate first.
For x402 URLs
1. Run omniclaw-cli inspect-x402 --recipient before the first live payment to confirm the seller requirements and buyer funding path.
2. Use omniclaw-cli pay --recipient .
3. Add --method, --body, and --header when the paid endpoint expects a non-GET request.
4. Add --output if the paid response should be saved.
For direct address transfers
1. Use omniclaw-cli pay --recipient <0xaddress> --amount .
2. Always include --purpose.
For agent-run seller tasks
1. Inspect current state with balance-detail.
2. Confirm the owner explicitly asked this agent to expose a paid endpoint.
3. Start the paid endpoint with omniclaw-cli serve only for the approved endpoint, price, command, and port.
4. Remember that serve binds to 0.0.0.0 even if the banner prints localhost.
Serve Safety Rules
omniclaw-cli serve is powerful because it starts a network-accessible service and requires --exec.
Rules:
serve unless the owner explicitly requested a seller endpoint in the current task--exec command--exec for shell pipelines, downloads, package installs, destructive commands, or credential accessserveApproval Handling
If pay returns approval-required output, for example:
requires_confirmation: trueconfirmation_id: ...Then:
omniclaw-cli confirmations approve --id Stop Conditions
Stop and notify the owner if any of these happen:
can-pay says the recipient is blockedpay returns a policy or guard rejectionserve is requested without an explicit owner instructionserve --exec is requested but the command is not supplied or approved by the ownerCommand Reference
For exact command schemas, flags, and live help output, read:
references/cli-reference.mdDo not guess flags from memory when a reference is available.