openkrill

Enables AI agents to autonomously make micropayments via the x402 protocol for various services, handling wallet management and payment flows.

Install this skill

0/100

Security score

The openkrill skill was audited on May 22, 2026 and we found 41 security issues across 2 threat categories, including 1 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

medium line 37

Curl to non-GitHub URL

SourceSKILL.md

37	curl -s "https://api.cdp.coinbase.com/platform/v2/x402/discovery/resources?type=http&limit=50"

high line 67

Curl to non-GitHub URL

SourceSKILL.md

67	- Hit the x402 root URL for endpoint listing (e.g., `curl https://x402.browserbase.com/`)

medium line 76

Curl to non-GitHub URL

SourceSKILL.md

76	curl -s -X POST https://api.thirdweb.com/v1/wallets/server \

medium line 90

Curl to non-GitHub URL

SourceSKILL.md

90	curl -s -X POST "https://api.thirdweb.com/v1/payments/x402/fetch?url=https://x402.browserbase.com/browser/session/create&method=POST" \

medium line 155

Curl to non-GitHub URL

SourceSKILL.md

155	curl -s -X POST "https://api.thirdweb.com/v1/payments/x402/fetch?url=https://x402.browserbase.com/browser/session/create&method=POST" \

medium line 208

Curl to non-GitHub URL

SourceSKILL.md

208	DOMAIN=$(curl -s https://api.mail.tm/domains \| jq -r '.["hydra:member"][0].domain')

medium line 211

Curl to non-GitHub URL

SourceSKILL.md

211	curl -s -X POST https://api.mail.tm/accounts \

medium line 220

Curl to non-GitHub URL

SourceSKILL.md

220	TOKEN=$(curl -s -X POST https://api.mail.tm/token \

medium line 225

Curl to non-GitHub URL

SourceSKILL.md

225	curl -s https://api.mail.tm/messages -H "Authorization: Bearer $TOKEN"

medium line 228

Curl to non-GitHub URL

SourceSKILL.md

228	curl -s https://api.mail.tm/messages/MESSAGE_ID -H "Authorization: Bearer $TOKEN"

medium line 261

Curl to non-GitHub URL

SourceSKILL.md

261	curl -s "https://x402.org/facilitator/discovery/resources?type=http&limit=20"

medium line 264

Curl to non-GitHub URL

SourceSKILL.md

264	curl -s "https://api.cdp.coinbase.com/platform/v2/x402/discovery/resources?type=http&limit=20"

medium line 334

Curl to non-GitHub URL

SourceSKILL.md

334	curl -s https://x402.SERVICE.com/

medium line 337

Curl to non-GitHub URL

SourceSKILL.md

337	curl -s https://x402.browserbase.com/

medium line 344

Curl to non-GitHub URL

SourceSKILL.md

344	curl -s -I https://api.SERVICE.com/v1/x402/endpoint

medium line 351

Curl to non-GitHub URL

SourceSKILL.md

351	curl -s -i -X POST https://x402.SERVICE.com/endpoint \

low line 37

External URL reference

SourceSKILL.md

37	curl -s "https://api.cdp.coinbase.com/platform/v2/x402/discovery/resources?type=http&limit=50"

low line 67

External URL reference

SourceSKILL.md

67	- Hit the x402 root URL for endpoint listing (e.g., `curl https://x402.browserbase.com/`)

low line 76

External URL reference

SourceSKILL.md

76	curl -s -X POST https://api.thirdweb.com/v1/wallets/server \

low line 90

External URL reference

SourceSKILL.md

90	curl -s -X POST "https://api.thirdweb.com/v1/payments/x402/fetch?url=https://x402.browserbase.com/browser/session/create&method=POST" \

low line 106

External URL reference

SourceSKILL.md

106	"link": "https://thirdweb.com/pay?chain=8453&receiver=0x...&token=0x..."

low line 122

External URL reference

SourceSKILL.md

122	URL: `https://api.thirdweb.com/v1/payments/x402/fetch`

low line 144

External URL reference

SourceSKILL.md

144	x402 Endpoint: `https://x402.browserbase.com`

low line 155

External URL reference

SourceSKILL.md

155	curl -s -X POST "https://api.thirdweb.com/v1/payments/x402/fetch?url=https://x402.browserbase.com/browser/session/create&method=POST" \

low line 163

External URL reference

SourceSKILL.md

163	x402 Endpoint: `https://api.firecrawl.dev/v1/x402/search`

low line 190

External URL reference

SourceSKILL.md

190	Base URL: `https://api.mail.tm`

low line 208

External URL reference

SourceSKILL.md

208	DOMAIN=$(curl -s https://api.mail.tm/domains \| jq -r '.["hydra:member"][0].domain')

low line 211

External URL reference

SourceSKILL.md

211	curl -s -X POST https://api.mail.tm/accounts \

low line 220

External URL reference

SourceSKILL.md

220	TOKEN=$(curl -s -X POST https://api.mail.tm/token \

low line 225

External URL reference

SourceSKILL.md

225	curl -s https://api.mail.tm/messages -H "Authorization: Bearer $TOKEN"

low line 228

External URL reference

SourceSKILL.md

228	curl -s https://api.mail.tm/messages/MESSAGE_ID -H "Authorization: Bearer $TOKEN"

low line 261

External URL reference

SourceSKILL.md

261	curl -s "https://x402.org/facilitator/discovery/resources?type=http&limit=20"

low line 264

External URL reference

SourceSKILL.md

264	curl -s "https://api.cdp.coinbase.com/platform/v2/x402/discovery/resources?type=http&limit=20"

low line 277

External URL reference

SourceSKILL.md

277	npx ts-node scripts/discover-services.ts --facilitator "https://api.cdp.coinbase.com/platform/v2/x402"

low line 290

External URL reference

SourceSKILL.md

290	"resource": "https://x402.browserbase.com/browser/session/create",

low line 334

External URL reference

SourceSKILL.md

334	curl -s https://x402.SERVICE.com/

low line 337

External URL reference

SourceSKILL.md

337	curl -s https://x402.browserbase.com/

low line 344

External URL reference

SourceSKILL.md

344	curl -s -I https://api.SERVICE.com/v1/x402/endpoint

low line 351

External URL reference

SourceSKILL.md

351	curl -s -i -X POST https://x402.SERVICE.com/endpoint \

low line 378

External URL reference

SourceSKILL.md

378	- [x402 Protocol](https://x402.org)

low line 380

External URL reference

SourceSKILL.md

380	- [thirdweb x402 Documentation](https://portal.thirdweb.com/x402)

Scanned on May 22, 2026

View Security Dashboard

Installation guide →

GitHub Stars 9

Rate this skill

Categorymarketing

UpdatedJune 13, 2026

openclaw api growth-marketer product-marketer business-development marketing sales

Demerzels-lab/elsamultiskillagent