
Security News
PolinRider: North Korea-Linked Supply Chain Campaign Expands Across Open Source Ecosystems
PolinRider expands across npm, Packagist, Go modules, and Chrome extensions, using hidden loaders to target developer environments.
@t54-labs/clawcredit-sdk
Advanced tools
ClawCredit provides a credit line and payment workflow for Open Claw Agents using t54's Trustline and the x402 protocol. This SDK lets an agent register for credit, submit context for underwriting, and pay merchants with this credit service. Trustline's risk engine evaluates the agent's integration depth, richness of risk signals, and credit history (including on-time repayments and other records) to issue updated credit limits daily or dynamically.
Open Claw is an open-source agent framework that runs your personal AI assistant
across platforms, with a gateway, skills, and channel integrations. It is
designed to let agents run locally or remotely, with a configurable workspace
and a modular “skills” system you can extend.
Repository: https://github.com/openclaw/openclaw
Install the SDK:
npm install @t54-labs/clawcredit-sdk
Configure token via CLI (recommended for humans, not agents):
clawcredit configure --token YOUR_API_TOKEN --service-url https://api.claw.credit
Initialize and register:
const { ClawCredit } = require('@t54-labs/clawcredit-sdk');
const credit = new ClawCredit({
agentName: "MyOpenClawAgent"
});
await credit.register({
inviteCode: "YOUR_INVITE_CODE",
runtimeEnv: "node-v22",
model: "gpt-5.2" // Optional
});
Trace helps the risk engine evaluate why a payment is needed. In practice, you should treat traced execution as a required precondition for stable credit.pay() approvals.
const OpenAI = require('openai');
const { wrapOpenAI, withTrace } = require('@t54-labs/clawcredit-sdk');
const openai = wrapOpenAI(new OpenAI({ apiKey: process.env.OPENAI_API_KEY }));
await withTrace(async () => {
await openai.chat.completions.create({
messages: [{ role: "user", content: "Fetch the latest BTC price." }],
model: "gpt-5.2"
});
});
credit.pay())Before each payment call:
wrapOpenAI(...) client.credit.pay() in the same logical run (prefer one withTrace(...) block).request_body.http.idempotencyKey.const result = await credit.pay({
transaction: {
recipient: "merchant_address_or_id",
amount: 1.5, // Human-readable USD amount
chain: "BASE",
asset: "USDC"
},
request_body: {
service_name: "PremiumSearch",
params: { query: "BTC price" }
},
// Recommended for highest approval stability:
// context: { reasoning_process: "I need real-time data to answer the user." }
});
console.log(result);
transaction.amount is interpreted as a human-readable USD amount by default.
If you pass atomic units from an x402 quote (for example 10000 for USDC),
set transaction.amount_unit: "atomic" or convert before calling pay().
await credit.pay({
transaction: {
recipient: "merchant_address_or_id",
amount: 10000, // Atomic units
amount_unit: "atomic",
chain: "BASE",
asset: "USDC"
},
request_body
});
You can also build the payment from a quote directly:
await credit.payFromX402Quote({
quote, // 402 payload or selected requirement with maxAmountRequired/amount
transaction: {
recipient: "merchant_address_or_id",
chain: "BASE",
asset: "USDC"
},
request_body
});
New in v0.3.0. At register() the SDK generates a per-agent ES256 signing key that
stays private on your host (it never leaves the machine) and binds its public key to
your account. For every credit.pay() the SDK mints a per-payment Verifiable Intent and
signs it with that key, so the network can cryptographically confirm that this agent
authorized this amount to this payee — ClawCredit itself cannot forge it. This is
fully automatic inside credit.pay(); if no agent key is available the SDK transparently
falls back to the legacy path.
Underwriting may ask for more proof before it settles. Instead of throwing, credit.pay()
returns { status: 'challenge_required', payment_id, challenge }. This is an automated
agentic risk check, not a human identity/3DS step — so you handle it yourself,
autonomously, without asking the user:
challenge.reason to understand exactly what proof or context is missing.credit.respondToChallenge(payment_id, { explanation, supplemental_context }).let result = await credit.pay({ /* transaction, request_body, ... */ });
if (result.status === 'challenge_required') {
// Automated risk check — answer it yourself; do NOT involve the user.
result = await credit.respondToChallenge(result.payment_id, {
explanation: `Why this payment is legitimate, addressing: ${result.challenge.reason}`,
supplemental_context: { /* any new proof/context you can provide */ },
});
}
// result.status === 'success' once settled (with tx_hash), or it was declined.
A transaction is challenged at most once. If it is still declined after you respond, accept
the decline and move on. Do not call credit.pay() again for the same challenge — a
fresh pay() starts a brand-new assessment, it does not answer the existing one.
Open Claw agents can be taught via a skill guide. Provide the agent with the
SKILL.md in this package and instruct it to:
npm install @t54-labs/clawcredit-sdkcredit.register() with an invite code.wrapOpenAI() and run payment flows under withTrace().credit.pay() with transaction and request_body after trace preflight checks.The SKILL.md file in this package contains a step-by-step guide tailored for
agent use. You can host it and prompt agents to read and follow it.
New in v0.1.8: The SDK automatically compresses session transcript data before transmission, reducing payload size by ~85%.
The compression process:
All compressed data includes an SDK signature certifying the compression was intentional and performed by the official SDK:
{
"sdk_signature": {
"sdk_name": "@t54-labs/clawcredit-sdk",
"sdk_version": "0.1.8",
"compression_applied": true,
"compression_timestamp": "2026-02-03T07:16:15.022Z",
"fields_removed": [
"encrypted_thinking_blocks",
"usage_statistics",
"cost_information",
"detailed_tool_outputs",
"redundant_metadata"
],
"compression_stats": {
"totalOriginalSize": 573883,
"totalCompressedSize": 88616,
"compressionRatio": "84.56%"
}
}
}
This optimization significantly reduces network transfer time and API costs while preserving all information needed for credit risk assessment.
const {
ClawCredit,
wrapOpenAI,
withTrace
} = require('@t54-labs/clawcredit-sdk');
FAQs
Integration SDK for Open Claw Agents to access ClawCredit
We found that @t54-labs/clawcredit-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
PolinRider expands across npm, Packagist, Go modules, and Chrome extensions, using hidden loaders to target developer environments.

Security News
Open source attacks are accelerating as AI coding agents pull in dependencies faster, with less human review.

Research
/Security News
Malicious Chrome and Firefox extensions posed as free VPNs while stealing clipboard data through later extension updates.