ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

RelayPlane

Agent ops layer for OpenClaw — observability, governance, and cost optimization with automatic failover. Never breaks your setup.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
5 · 2.5k · 3 current installs · 3 all-time installs
by@RelayPlane
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to be an optional local proxy that routes and governs LLM calls — that reasonably explains the npm CLI and proxy commands in SKILL.md. However, README.md and SKILL.md give inconsistent guidance (README recommends setting provider BASE_URL env variables to point at the proxy; SKILL.md explicitly warns against doing that). Also the registry metadata flags (model-invocable/defaults) differ from SKILL.md's internal metadata. These inconsistencies make it unclear which behavior the skill actually expects from an integrator.
!
Instruction Scope
SKILL.md asks you to install and run a global npm package and to run a local proxy which will receive agent traffic. The README explicitly shows examples that would 'hijack' all traffic by setting provider BASE_URL envs — a configuration the SKILL.md warns against. That contradiction is important: one configuration (env exports) will route all traffic through the proxy without an OpenClaw circuit-breaker/fallback and could cause a single point of failure or unexpected interception of all prompts. The instructions also describe process management and automatic spawning, but as an instruction-only skill there's nothing in the registry to verify how that integration is implemented.
Install Mechanism
There is no registry install spec, but SKILL.md instructs users to run `npm install -g @relayplane/proxy`. Installing a third-party global npm CLI is a normal delivery mechanism for a proxy/CLI but is moderate risk because it executes arbitrary code from npm. The skill provides links (npm, GitHub, docs), so you can inspect the package sources, but the registry itself does not include code to audit.
!
Credentials
The registry declares no required env vars or credentials, yet README and SKILL.md reference provider API keys and (contradictory) base URL environment variables (e.g., ANTHROPIC_BASE_URL, OPENAI_BASE_URL). The SKILL.md warns not to set BASE_URL envs, while the README demonstrates doing exactly that — this mismatch may lead users to accidentally configure the proxy in a way that intercepts all traffic or disables fallback behavior. Telemetry is mentioned (opt-out and --offline flags) but no explicit explanation of what anonymous data is sent is present.
!
Persistence & Privilege
Registry-level flags say model invocation is allowed by default, but SKILL.md metadata sets disableModelInvocation: true (not model-invocable). This mismatch is important: if the skill or CLI can be invoked autonomously (or run as a background process), it increases blast radius. The skill itself recommends installing a global CLI and a managed proxy which could run as a long-lived local process and optionally send telemetry. Those behaviors are expected for a proxy but should be clearly documented and controlled; the current docs are inconsistent about autonomous invocation and safe defaults.
What to consider before installing
Before installing or enabling this skill: 1) Do not blindly run `npm install -g` for packages you haven't audited — review the package source on the linked GitHub and the published npm package contents. 2) Clarify the README vs SKILL.md contradiction about setting provider BASE_URL env vars — if you point provider base URLs at a local proxy without a circuit-breaker, you risk a single point of failure and having all prompts routed through that process. 3) Confirm the telemetry defaults: test `relayplane-proxy --offline` or `telemetry off` before sending traffic to it, and verify what anonymous metrics are actually transmitted. 4) Ask the maintainer to reconcile the registry metadata vs SKILL.md (is model invocation disabled or allowed?). 5) If you proceed, run the CLI in an isolated environment (container or VM) and validate its behavior (circuit-breaker/fallback to direct provider) before enabling it for production agents.

Like a lobster shell, security has layers — review code before you run it.

Current versionv4.1.0
Download zip
aivk970mtn39gf3rf4s5mj8dt2vbs80ejcganthropicvk970mtn39gf3rf4s5mj8dt2vbs80ejcgcost-optimizationvk970mtn39gf3rf4s5mj8dt2vbs80ejcglatestvk97etffvtbsak35rsjg7aaqvjx82vp12llmvk970mtn39gf3rf4s5mj8dt2vbs80ejcgopenaivk970mtn39gf3rf4s5mj8dt2vbs80ejcgproxyvk970mtn39gf3rf4s5mj8dt2vbs80ejcg

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔀 Clawdis

SKILL.md

RelayPlane

OpenRouter routes. RelayPlane observes, governs, and learns.

Agent ops for OpenClaw power users. Your agents make hundreds of API calls per session — RelayPlane gives you visibility, cost control, and governance over all of them.

What It Does

RelayPlane is an optional optimization layer that sits in your agent's request pipeline. It routes simple tasks to cheaper models, enforces budgets, and logs everything — with automatic fallback to direct provider calls if anything goes wrong.

Key principle: RelayPlane is never a dependency. If the proxy dies, your agents keep working. Zero downtime, guaranteed.

Installation

npm install -g @relayplane/proxy@latest

Quick Start

# 1. Start the proxy (runs on localhost:4100 by default)
relayplane-proxy

# 2. Add to your openclaw.json:
#    { "relayplane": { "enabled": true } }

# 3. That's it. OpenClaw routes through RelayPlane when healthy,
#    falls back to direct provider calls automatically.

⚠️ Important: Do NOT Set BASE_URL

Never do this:

# ❌ WRONG — hijacks ALL traffic, breaks OpenClaw if proxy dies
export ANTHROPIC_BASE_URL=http://localhost:4100

Instead, use the config approach:

// ✅ RIGHT — openclaw.json
{
  "relayplane": {
    "enabled": true
  }
}

The config approach uses a circuit breaker — if the proxy is down, traffic goes direct. The BASE_URL approach has no fallback and will take down your entire system.

Architecture

Agent → OpenClaw Gateway → Circuit Breaker → RelayPlane Proxy → Provider
                                   ↓ (on failure)
                              Direct to Provider
  • Circuit breaker: 3 consecutive failures → proxy bypassed for 30s
  • Auto-recovery: Health probes detect when proxy comes back
  • Process management: Gateway can spawn/manage the proxy automatically

Configuration

Minimal (everything else has defaults):

{
  "relayplane": {
    "enabled": true
  }
}

Full options:

{
  "relayplane": {
    "enabled": true,
    "proxyUrl": "http://127.0.0.1:4100",
    "autoStart": true,
    "circuitBreaker": {
      "failureThreshold": 3,
      "resetTimeoutMs": 30000,
      "requestTimeoutMs": 3000
    }
  }
}

Commands

CommandDescription
relayplane-proxyStart the proxy server
relayplane-proxy statsView usage and cost breakdown
relayplane-proxy --port 8080Custom port
relayplane-proxy --offlineNo telemetry
relayplane-proxy --helpShow all options

Programmatic Usage (v1.3.0+)

import { RelayPlaneMiddleware, resolveConfig } from '@relayplane/proxy';

const config = resolveConfig({ enabled: true });
const middleware = new RelayPlaneMiddleware(config);

// Route a request — tries proxy, falls back to direct
const response = await middleware.route(request, directSend);

// Check status
const status = middleware.getStatus();
console.log(middleware.formatStatus());

Advanced: Full Agent Ops Proxy

import { createSandboxedProxyServer } from '@relayplane/proxy';

const { server, middleware } = createSandboxedProxyServer({
  enableLearning: true,    // Enable pattern detection
  enforcePolicies: true,   // Enforce budget/model policies
  relayplane: { enabled: true },  // Circuit breaker wrapping
});

await server.start();
// All three pillars active: Observes + Governs + Learns
// Circuit breaker protects against proxy failures

What's New in v1.4.0

Three Pillars — All Integrated:

  • Observes (Learning Ledger) — every run captured, full decision explainability
  • Governs (Policy Engine) — budget caps, model allowlists, approval gates
  • Learns (Learning Engine) — pattern detection, cost suggestions, rule management

Sandbox Architecture (v1.3.0+):

  • Circuit breaker — automatic failover, no more system outages
  • Process manager — proxy runs as managed child process
  • Health probes — active recovery detection
  • Stats & observability — p50/p95/p99 latencies, request counts, circuit state

Learning Engine Endpoints (v1.4.0):

  • GET /v1/analytics/summary — analytics with date range
  • POST /v1/analytics/analyze — detect patterns, anomalies, generate suggestions
  • GET /v1/suggestions — list pending suggestions
  • POST /v1/suggestions/:id/approve / reject — suggestion workflow
  • GET /v1/rules — active rules
  • GET /v1/rules/:id/effectiveness — is this rule helping?

Privacy

  • Your prompts stay local — never sent to RelayPlane servers
  • Anonymous telemetry — only token counts, latency, model used
  • Opt-out anytimerelayplane-proxy telemetry off
  • Fully offline moderelayplane-proxy --offline

Links

Files

3 total
Select a file
Select a file to preview.

Comments

Loading comments…