One API key for 70+ AI models. Route to GPT, Claude, Gemini, Qwen, Deepseek, Grok and more
Analysis
This appears to be a straightforward LLM gateway skill, but using it sends prompts or images through AIsa and uses an API key that may incur model charges.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.
for model in models: ... self.chat(model=model, messages=[{"role": "user", "content": message}], **kwargs)The comparison feature sends the same user message to each selected model. This is purpose-aligned, but it can multiply API calls and distribute the same content more broadly.
Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.
self.api_key = api_key or os.environ.get("AISA_API_KEY") ... "Authorization": f"Bearer {self.api_key}"The client reads the AIsa API key from the environment and sends it as an authorization bearer token. This is expected for the gateway, but it is still account-level API authority.
Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.
BASE_URL = "https://api.aisa.one/v1" ... payload = {"model": model, "messages": messages, "stream": stream}Chat payloads are posted to an external gateway. This is central to the skill's purpose, but prompts, system messages, and vision inputs may be processed outside the user's environment.