ClawHub

Token Usage Dashboard

v1.0.0

Use CodexBar CLI local cost usage to summarize per-model usage for Codex or Claude, including the current (most recent) model or a full model breakdown. Trig...

0· 105·2 current·2 all-time
by@bkes994408-cmd
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (token usage dashboard) match the actual code and requirements: scripts call the CodexBar CLI, parse its local cost JSON, and build a dashboard. Required binary is only 'codexbar' and the SKILL.md/install specify the brew formula to provide it.
Instruction Scope
Runtime instructions and scripts invoke 'codexbar cost' (or accept a JSON file/stdin) and parse daily rows and per-call records including llmCalls/prompts. This is expected for a dashboard but means the tool will process local LLM session data (potentially including prompt text). No unexpected network exfiltration or external endpoints are invoked in the provided code; example configs contain webhook URLs but README states active dispatch is not implemented.
Install Mechanism
Install uses a brew formula from the steipete/tap tap. Installing a third-party Homebrew tap is a reasonable delivery mechanism for a macOS CLI, but it is a less-reviewed source than an official/homebrew-core package — verify the tap and formula before installing.
Credentials
No environment variables, credentials, or config paths are required by the skill itself. The code relies on CodexBar to read local logs (as documented). The set of requested access (codexbar CLI and optional input JSON files) is proportionate to the stated purpose.
Persistence & Privilege
Skill is not always-enabled and uses normal invocation. It does not request elevated system privileges or modify other skills. It runs local scripts and may open a browser to show generated HTML; nothing indicates persistent or escalated privileges.
Assessment
This package appears to do what it says: it runs the CodexBar CLI (or ingests an exported JSON) and builds a local dashboard. Before installing or running it: 1) Inspect the brew tap (steipete/tap) and the codexbar formula to ensure you trust that source. Adding a third‑party Homebrew tap can install arbitrary code. 2) Be aware the dashboard parses local LLM session logs (via CodexBar) and llmCalls can include raw prompt text — treat outputs and any generated summary files as sensitive. 3) Example alert configs include webhook URLs, but active dispatch is reportedly not implemented; nonetheless, check any alert/config you provide so you don't accidentally post sensitive data to external webhooks. 4) If you need to be extra cautious, run the scripts on exported JSON copies (not on live logs) in a controlled environment and review code before executing.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ch7mss5h2f6trdp9j4vj0ms8328z4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📊 Clawdis
OSmacOS
Binscodexbar

Install

Install CodexBar (brew cask)
Bins: codexbar
brew install steipete/tap/codexbar

Comments