ZL-ClawPay
by @kevindagege
Use when users need to query sub-wallet binding status, bind sub-wallet, generate QR code, check payment status, query balance or transaction history. Trigge...
clawhub install zl-claw-payπ About This Skill
name: zl-claw-pay version: 1.0.0 description: | Use when users need to query sub-wallet binding status, bind sub-wallet, generate QR code, check payment status, query balance or transaction history. Trigger words: query sub-wallet, bind wallet, QR code, check balance, transaction records, payment status. Not applicable for: non-payment scenarios, batch operations, historical data export. author: zlpay Team license: MIT tags: - payment - wallet - finance skill_type: api execution_mode: llm_driven has_server: false has_install_scripts: true requires: - python>=3.6 security_level: high environment_variables: required: - ZLPAY_APP_ID - ZLPAY_GM_CLIENT_PRIVATE_KEY (or ZLPAY_GM_CLIENT_PRIVATE_KEY_PATH) - ZLPAY_GM_SERVER_PUBLIC_KEY (or ZLPAY_GM_SERVER_PUBLIC_KEY_PATH) optional: - ZLPAY_API_KEY (supports command line, interactive input, or request body) - ZLPAY_LOG_LEVEL
ZL Claw Pay Skill
ZL Pay Skill provides sub-wallet management, payment collection, and Token payment functions, building a dual-track payment system of "Fiat + Token".
Key Protocols
1. Never expose credentials: Do not display API Key, Wallet ID or any sensitive information in chat responses.
2. Explicit confirmation: Must ask for "yes/no" confirmation before executing payments.
*Format*: "I am about to send [amount] sat to [recipient/note]. Continue? (y/n)"
3. Check balance first: Verify balance before payment to prevent errors.
4. Always include QR code: When generating QR code: (a) display QR image, (b) output MEDIA: + qr_file path on same line. Never skip.
Execution Mode: LLM Driven
This Skill uses LLM-driven mode. The agent interacts with backend via command-line calls to skill.py.
Core Principles
skill.py commandscall for HTTP APIs and local interfacesCommand Format
# Unified calling method
python {baseDir}/scripts/skill.py call -interfaceId= [--param1=value1] ...
Command Design Principles:
call for all interface calls (HTTP and local)-key=value, data params via --key=value-interfaceId parameterInterface Types
| Type | Code | Command | Description |
|------|------|------|------|
| HTTP API | C prefix | call | Requires network request to backend |
| Local Interface | L prefix | call | Direct local storage operation |
Documentation Guide
When processing user requests, consult documents in this order:
1. Consult references\api-spec.md: Get interface codes, trigger keywords, guidance phrases, request/response parameters
2. Consult assets\request-examples.md: Get command-line calling examples
3. Execute command: Construct and execute commands according to documentation
CLI Command Examples
Local Interface (Query Binding Status):
python {baseDir}/scripts/skill.py call -interfaceId=L00001
HTTP API (Generate QR Code):
python {baseDir}/scripts/skill.py call -interfaceId=C00004 --amount=100
More examples in assets\request-examples.md.
Trigger Conditions
Activate when users need to handle payment-related business:
Not applicable for: non-payment scenarios, batch operations, historical data export.
Execution Steps
1. Consult interface documentation: Based on user intent, consult references\api-spec.md for interface codes and parameters
2. Consult calling examples: Get command format from assets\request-examples.md
3. Construct command: Use call command:
- Local interface (L prefix): call -interfaceId=L00001
- HTTP interface (C prefix): call -interfaceId=C00003
4. Execute command: Run the constructed command
5. Parse response: Process JSON response, extract success, data, _seq_id fields
6. Generate reply: Create user-friendly response based on result
Output Format
Success Response:
[Operation success description]
[Related business data display]
Failure Response:
[Error description]
[Suggested action]
QR Code Response (Must include):
Please scan the QR code to complete [amount] collection:MEDIA:[QR code file path]
Security Protocols
1. Never expose credentials: Do not display API Key, Wallet ID or sensitive info 2. Explicit confirmation: Must ask "yes/no" confirmation before payment 3. Pre-payment confirmation format: "I am about to [operation description]. Continue? (y/n)" 4. Sensitive info management: All sensitive info managed by OpenClaw Memory system
Detailed security specs in "Sensitive Information Management" section of references\api-spec.md.
Business Scenarios and Interface Mapping
| Scenario | Interface Code | Reference Document |
|------|---------|---------|
| Query binding status | L00001 | references\api-spec.md |
| Bind sub-wallet | C00003 | references\api-spec.md |
| Generate QR code | C00004 | references\api-spec.md |
| Query payment status | C00005 | references\api-spec.md |
| Query balance | C00006 | references\api-spec.md |
Document Index
| Document | Content |
|------|------|
| references\api-spec.md | Interface list, trigger keywords, guidance phrases, request/response parameters |
| assets\request-examples.md | Command-line calling examples |
Account System
Account Types
Usage Scenarios
Security Notes
Transport Security
Credential Management
API Key
-api-key=xxx
2. Request body parameter: api_key (e.g., bind_sub_wallet)
3. Environment variable: ZLPAY_API_KEY
4. Memory storage: saved after successful bind_sub_wallet
Wallet ID
~/.zlpay/state.json)wallet_****5678)Configuration Parameters (GM Keys, App ID, API URL, Encryption)
config/.env fileZLPAY_APP_ID, ZLPAY_GM_CLIENT_PRIVATE_KEY, ZLPAY_GM_SERVER_PUBLIC_KEY, ZLPAY_API_URLZLPAY_GM_ENABLE_ENCRYPTION (default: true)*_PATH variants) for key files with 600 permissionsData Masking
Sensitive info in responses is automatically masked:138****8000110101****1234Configuration
All settings are stored in config/.env:
ZLPAY_APP_ID, ZLPAY_GM_CLIENT_PRIVATE_KEY, ZLPAY_GM_SERVER_PUBLIC_KEYZLPAY_API_URL, ZLPAY_LOG_LEVELAPI Key: User provides during chat (stored in OpenClaw Memory, not in config file)
Local Files: Creates ~/.zlpay/ directory for state storage and logs (user-only permissions).
βοΈ Configuration
All settings are stored in config/.env:
ZLPAY_APP_ID, ZLPAY_GM_CLIENT_PRIVATE_KEY, ZLPAY_GM_SERVER_PUBLIC_KEYZLPAY_API_URL, ZLPAY_LOG_LEVELAPI Key: User provides during chat (stored in OpenClaw Memory, not in config file)
Local Files: Creates ~/.zlpay/ directory for state storage and logs (user-only permissions).