Pay-per-call API gateway skill — calls 63 APIs (LLMs, image/video gen, flights, hotels, crypto, web search) via x402 micropayments. Each call costs $0.001-$0...
---
name: x402engine
description: Pay-per-call API gateway skill — calls 63 APIs (LLMs, image/video gen, flights, hotels, crypto, web search) via x402 micropayments. Each call costs $0.001-$0.60 in USDC/USDm, enforced by a local policy engine with spend caps.
version: 1.3.2
metadata:
openclaw:
requires:
env:
- EVM_PRIVATE_KEY
bins:
- node
primaryEnv: EVM_PRIVATE_KEY
emoji: "⚡"
homepage: https://x402engine.app
install:
- kind: node
package: "@x402/fetch"
bins: []
- kind: node
package: "@x402/evm"
bins: []
- kind: node
package: "viem"
bins: []
---
# x402engine
Call 63 paid APIs via x402 micropayments. Each API call costs between $0.001 and $0.60, paid with USDC on Base/Solana or USDm on MegaETH.
## What this skill does
This skill signs and submits stablecoin micropayments to call remote APIs on the user's behalf. It uses the EVM_PRIVATE_KEY environment variable to sign on-chain payment transactions. Each call deducts a small amount from the wallet.
**Cost transparency:** When presenting results, include the cost of the call (e.g. "Bitcoin is $97,500 (cost: $0.001)"). If the user asks about spending, show full budget breakdown.
## Triggers
- "what's the price of bitcoin"
- "ethereum price"
- "show me trending crypto"
- "generate an image of a sunset"
- "run this python code"
- "transcribe this audio"
- "wallet activity of vitalik.eth"
- "ask gpt to explain x402"
- "scrape this url"
- "pin this to ipfs"
- "resolve vitalik.eth"
- "flights from JFK to LAX"
- "search hotels in Paris"
- "find cheap flights to Tokyo"
- "how much budget is left"
- "list available services"
## How it works
1. Fetch cached service catalog from discovery endpoint (default: https://x402engine.app/.well-known/x402.json).
2. Score query against 63 service descriptions to find best match.
3. Run policy preflight — check per-tx caps, daily caps, and recipient allowlist before signing.
4. Call service via @x402/fetch — handles 402 payment flow automatically.
5. Return structured data to the agent for natural-language presentation.
## Rules
- Present results naturally. Include the cost of each call so the user knows what was spent.
- If a payment fails due to insufficient funds, tell the user: "I need funds to access this service. Add USDC to your wallet to continue."
- If no matching service is found, say so plainly — don't expose internal routing details.
- Policy limits are authoritative — do not bypass spend caps or recipient allowlists.
- Keep all decisions explainable with reason codes internally.
## Security
### Required credential
- **EVM_PRIVATE_KEY** (required) — signs payment transactions. Use a dedicated wallet with limited funds — never your primary wallet. If not set, an ephemeral key is generated (no real funds, no payments possible).
### Optional configuration
These environment variables are NOT required. They provide additional controls:
- **EVM_PRIVATE_KEY_FILE** — alternative to EVM_PRIVATE_KEY; reads the key from a file instead of an env var. Use one or the other, not both.
- **X402_POLICY_PATH** — path to a JSON policy file. Defines per-transaction caps, daily spending limits, and a recipient allowlist. Without this, no spending limits are enforced beyond the wallet's on-chain balance. When configured, the engine is fail-closed: if the file is missing or invalid, all payments are denied.
- **X402_STATE_PATH** — path to a JSON file tracking daily spend and rate-limit state. Defaults to `.x402engine-state.json`.
- **X402_DISCOVERY_URL** — override the service catalog URL (default: `https://x402engine.app/.well-known/x402.json`). Use a self-hosted catalog if you don't trust the default.
- **X402_AUTOPREFLIGHT** — set to `false` to skip policy preflight checks. Enabled by default.
- **X402_DISCOVERY_REFRESH_MS** — cache TTL for the service catalog in milliseconds.
### How payments work
All payments go to the `payTo` address declared in the service catalog. The catalog is fetched from the discovery URL above. If you want to restrict which addresses can receive payments, configure a policy file with a recipient allowlist.
## Budget check
When the user asks "how much budget is left" or similar:
- Load policy and state files.
- Show daily cap remaining per chain/asset if caps are enabled.
- Show rate limit status.
- Show wallet balance.
## Dependencies
This skill requires Node.js and the following npm packages (declared in package.json):
- `@x402/fetch` — x402 payment-aware fetch wrapper
- `@x402/evm` — EVM payment scheme (Permit2 signatures)
- `viem` — Ethereum client library
Install with: `cd skills/x402engine && npm install`
## Reason Codes
- `POLICY_MISSING`, `POLICY_INVALID`
- `CHAIN_DENIED`, `ASSET_DENIED`, `RECIPIENT_DENIED`
- `PER_TX_EXCEEDED`, `DAILY_CAP_EXCEEDED`, `RATE_LIMITED`
- `ACTION_DENIED`
- `SERVICE_NOT_FOUND`
- `WALLET_UNDERFUNDED`
don't have the plugin yet? install it then click "run inline in claude" again.
this skill signs and submits stablecoin micropayments to call remote APIs on the user's behalf. it routes queries against 63 available services (llms, image/video generation, flight/hotel search, crypto data, web search, code execution, audio transcription, dns resolution, ipfs pinning), matches the best service, runs a policy preflight check, and executes the call with automatic payment handling via x402 on-chain transactions. use this when you need to access a paid api and want charges deducted from a dedicated evm wallet in real time. costs range from $0.001 to $0.60 per call in usdc on base/solana or usdm on megaeth.
{perTxCap, dailyCaps: {[chain/asset]: limit}, recipientAllowlist: [addresses]}..x402engine-state.json. file is created if missing.https://x402engine.app/.well-known/x402.json. points to a json file with 63 service definitions (name, description, pricing, payTo address, chain, asset, endpoint).false to skip policy checks before signing. enabled by default.install: cd skills/x402engine && npm install
Fetch and cache service catalog: call X402_DISCOVERY_URL (default: https://x402engine.app/.well-known/x402.json). cache result for X402_DISCOVERY_REFRESH_MS milliseconds. if fetch fails, retry with exponential backoff (3 retries, 2s/4s/8s). if all retries fail, return error: "service discovery unavailable; cannot route query".
Match query to best service: score the user's query against all 63 service descriptions using semantic matching (embedding distance or keyword overlap). rank by relevance. select top match. if score is below confidence threshold (e.g. <0.6), return "no matching service found for your query".
Load policy and state files: if X402_POLICY_PATH is set, parse the json file. if file is missing or invalid json, deny all payments with reason code POLICY_INVALID. load X402_STATE_PATH (create if missing). extract today's date, look up daily spend per chain/asset, and current rate-limit counters.
Run policy preflight checks (unless X402_AUTOPREFLIGHT is false):
PER_TX_EXCEEDED.DAILY_CAP_EXCEEDED.RECIPIENT_DENIED.WALLET_UNDERFUNDED.Construct payment request: extract from matched service: endpoint url, payTo address, chain, asset, and expected cost. load EVM_PRIVATE_KEY or read from EVM_PRIVATE_KEY_FILE. prepare permit2 approval data (if needed) and payment intent.
Sign and submit transaction: use @x402/evm to sign a permit2 transaction authorizing the payment. broadcast to the appropriate evm rpc (base, solana, or megaeth). wait for on-chain confirmation (polling with 5 second intervals, timeout after 60 seconds). if broadcast fails due to insufficient gas, return "transaction failed: insufficient gas funds on [chain]". if confirmation times out, return "transaction pending; check wallet history".
Call remote api: use @x402/fetch with the signed transaction intent. send http request (get/post) to the service endpoint with user query params. @x402/fetch will handle 402 payment required responses by resubmitting with the signed intent. capture response. on http error (4xx/5xx), return the error message plainly. on network timeout (>30s), retry up to 2 times with exponential backoff before failing.
Update state file: increment X402_STATE_PATH daily spend counter for the chain/asset by the call cost. increment rate-limit counter if applicable. persist the updated state.
Format and return result: parse the api response. return structured data (json object with result, cost, chain, asset, timestamp, service name). do not strip the cost from the output.
if EVM_PRIVATE_KEY and EVM_PRIVATE_KEY_FILE are both set: deny all payments with reason code ACTION_DENIED and message "only one of EVM_PRIVATE_KEY or EVM_PRIVATE_KEY_FILE may be set".
if neither EVM_PRIVATE_KEY nor EVM_PRIVATE_KEY_FILE is set: generate an ephemeral secp256k1 key. allow read-only catalog queries and budget checks, but deny all payments with message "no private key configured; payments disabled".
if X402_POLICY_PATH is set but file is missing or invalid json: deny all payments with reason code POLICY_INVALID and message "policy file missing or malformed; payments denied".
if X402_POLICY_PATH is not set: enforce only on-chain balance limits. all policy preflight checks pass. spend tracking in state file is optional.
if X402_AUTOPREFLIGHT is explicitly false: skip all policy checks (reason codes, cap validation, allowlist checks). proceed directly to signing if wallet balance is sufficient.
if policy preflight check fails: return denial reason code and human-readable message (e.g. "daily spending limit exceeded for usdc on base: $5.00/day, already spent $4.99"). do not attempt to sign or broadcast transaction.
if service discovery returns stale or corrupted catalog (malformed json, duplicate service ids, missing required fields): log the error, continue using the last valid cached version if available. if no cache exists, return "service catalog unavailable".
if the matched service has cost > 0 but user's query does not require payment (e.g. user asks "what services are available"): route to a free internal service list instead of calling the paid service.
if broadcast transaction fails due to nonce collision or mempool rejection: retry up to 1 time with a fresh nonce. if retry fails, return "transaction rejected by network; insufficient network capacity or nonce conflict".
if api response is successful but missing expected fields: return the raw response with a warning: "[service name] returned incomplete data".
if user asks "how much budget is left" or similar budget query: load policy and state. return a structured budget report: per-chain daily cap remaining, wallet balance, rate-limit status, timestamp. do not call any paid service.
if api call cost is not declared in the service catalog: use a conservative estimate ($0.01) and mark the result with a cost uncertainty flag: cost_estimated: true.
all results are returned as a json object with the following structure:
{
"success": boolean,
"service": "service name (e.g.,