A.I. Smart Router

Review

Audited by ClawScan on May 10, 2026.

Overview

The router mostly matches its stated purpose, but it silently delegates requests across providers and includes an under-specified Telegram approval channel that users should review before installing.

Before installing, confirm which providers may receive your prompts, enable routing visibility if you want transparency, review or disable the Telegram approval feature unless you know exactly where notifications go, and periodically check ~/.openclaw/router-state and ~/.openclaw/logs for retained routing data.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Routing details or parts of a request could be sent to Telegram without the user being able to verify the recipient or exact content from the provided artifacts.

Why it was flagged

This describes an automatic external approval/notification channel, but the supplied artifacts do not define the Telegram recipient, credentials, message contents, or redaction boundaries.

Skill content

**HITL Gate** | Low-confidence (<75%) routing triggers Telegram notification for approval

Recommendation

Require explicit opt-in for Telegram HITL, document the required Telegram configuration, and state exactly what data is sent and how it is redacted.

What this means

Your request may be handled by a different model or sub-agent than the current session, including fallback models.

Why it was flagged

The skill prepares automatic sub-agent/model delegation via sessions_spawn. This is central to its purpose, but it changes which agent/model handles the user's request.

Skill content

Execution Flow:
1. Router analyzes message → recommends model
2. If recommended ≠ current → Executor prepares delegation
3. sessions_spawn called with appropriate model

Recommendation

Use verbose routing or [show routing], and configure only the providers/models you are comfortable using.

What this means

Installing and configuring the skill gives it delegated access to the AI provider accounts you enable.

Why it was flagged

The router uses provider API keys or OpenClaw auth profiles to call multiple AI services. This is expected for the stated integration purpose.

Skill content

| Anthropic | `ANTHROPIC_API_KEY` | `anthropic:default` |
| OpenAI | `OPENAI_API_KEY` | `openai-codex:default` |
| Google | `GOOGLE_API_KEY` | `google:manual` |
| xAI | `XAI_API_KEY` | `xai:manual` |

Recommendation

Use least-privilege/provider-specific credentials, avoid enabling providers you do not want used, and rotate keys if you later remove the skill.

What this means

Model choices, failures, and routing metadata may remain on disk after conversations.

Why it was flagged

The skill persists router state and routing logs locally, then compacts or archives them. The snippets show routing metadata rather than full prompt logging, but retained state is still sensitive operational context.

Skill content

ROUTER_STATE_DIR = Path(os.environ.get("ROUTER_STATE_DIR", os.path.expanduser("~/.openclaw/router-state")))
ROUTER_LOGS_DIR = Path(os.environ.get("ROUTER_LOGS_DIR", os.path.expanduser("~/.openclaw/logs")))

Recommendation

Review the log/state directories, adjust retention if needed, and avoid enabling verbose logging for highly sensitive use.

What this means

It is harder to verify that the reviewed code matches an upstream project or trusted release.

Why it was flagged

The registry metadata does not provide a verified source or homepage, while the package includes multiple Python files and README instructions referencing a GitHub clone.

Skill content

Source: unknown; Homepage: none

Recommendation

Install only from the reviewed ClawHub package or a source you trust, and verify version/source consistency before running helper code.