ClawHub

Model Audit Pro

v1.0.0

Monthly LLM stack audit — compare your current models against latest benchmarks and pricing from OpenRouter. Identifies potential savings, upgrades, and bett...

0· 530·0 current·0 all-time
by@aiwithabidi
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description: audit LLM stack vs OpenRouter pricing. Declared requirement: OPENROUTER_API_KEY. The included script calls OpenRouter's models API, parses pricing, classifies models, and reads local openclaw.json to discover configured models — all coherent with the stated purpose.
Instruction Scope
SKILL.md instructs running scripts/model_audit.py. The script performs expected actions: HTTP GET to https://openrouter.ai/api/v1/models, reads openclaw.json from a small set of plausible locations (~/.openclaw and common container/root paths), and prints or emits JSON results. It does not transmit data to any unexpected third-party endpoints nor attempt arbitrary shell execution.
Install Mechanism
No install spec — instruction-only with a bundled Python script. Nothing is downloaded or installed automatically; the script runs with the environment and Python already present.
Credentials
Only required environment variable is OPENROUTER_API_KEY (declared as primary credential). No other secrets or unrelated credentials are requested. The script reads no other environment variables.
Persistence & Privilege
Skill is not always-enabled and does not modify other skills or system-wide config. It only reads local config files and makes outbound requests; it does not write persistent data or claim elevated privileges.
Assessment
This skill appears to do what it claims, but take standard precautions before running code from unknown publishers: (1) Only provide OPENROUTER_API_KEY if you trust the service and understand the API key's scope/billing implications. (2) Inspect openclaw.json in the paths the script checks — it may contain models or other config; ensure it contains no sensitive secrets you don't want the script to read. (3) Run the script in a non-root, network-restricted environment if you're cautious (the script will attempt outbound HTTP to openrouter.ai). (4) Because the full script is included, you can review it yourself (or run with --json) to confirm output before integrating. If you need higher assurance, verify the publisher (homepage, GitHub) and review recent updates or community feedback.

Like a lobster shell, security has layers — review code before you run it.

agxntsixvk97e521y41rfskxxa6qb7mgvbn8161xslatestvk97e521y41rfskxxa6qb7mgvbn8161xs

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔬 Clawdis
EnvOPENROUTER_API_KEY
Primary envOPENROUTER_API_KEY

Comments