Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
api-cost-tracker
v1.0.0
Track, analyze, and optimize AI API costs across OpenAI, Anthropic, OpenRouter, Google, and other LLM providers. Parses billing data, usage logs, or API resp...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Suspicious, medium confidence

Purpose & Capability
Name/description (API cost tracking, multi-provider) align with the included Python script which parses provider exports, normalizes entries, computes costs, and generates reports. However, the SKILL.md and provider table explicitly mention auto-detection from environment API keys (OPENAI_API_KEY, ANTHROPIC_API_KEY, etc.) while the package lists no required env vars and the visible code parses files only — this mismatch is unexplained and could be either a documentation error or an unshown code path that reads credentials.
Instruction Scope
Runtime instructions and Quick Start examples focus on local file analysis (CSV/JSON) and producing reports. The script portions shown parse files and do not contain obvious data-exfiltration steps or external endpoints. Still, the SKILL.md suggests 'analyze from environment' and 'API responses', and the rest of the script (truncated) may include API callers; that would expand scope. At present there is no instruction to read unrelated system files or to transmit data elsewhere.
Install Mechanism
No install spec is provided and the skill is instruction/code-only. Nothing in the manifest indicates downloads or archive extraction, so the install risk is low (the only artifact is the bundled Python script).
Credentials
The SKILL.md references provider API keys for auto-detection, but requires.env is empty and the visible code does not read environment credentials. This discrepancy is notable: if full script includes paths that read API keys or call provider APIs, requesting those credentials would be proportionate; as-is, the declared environment access is absent and unclear.
Persistence & Privilege
Skill does not request always:true, does not declare any persistent system hooks, and the visible code appears to operate transiently on provided files and produce outputs. There is no evidence it modifies other skills or agent-wide configuration.
What to consider before installing
This skill appears to be a local billing/usage analyzer and is largely coherent, but there are inconsistencies you should resolve before trusting it with real billing data or API keys:
- Inspect the full scripts for network activity: search for imports or uses of requests, urllib, http.client, socket, or subprocess; if present, review where data is sent and to which endpoints.
- Confirm whether the 'auto' mode actually reads API keys from the environment or calls provider APIs. The docs mention keys (OPENAI_API_KEY, etc.) but the manifest lists none — ask the author or open the full code to verify.
- Test first on non-sensitive, synthetic billing exports to confirm behavior and outputs.
- If you must provide API keys for auto-fetching, only do so after verifying the code path that uses them and ideally run the script in a restricted environment (isolated VM or container) to limit exposure.
- If you want higher assurance, request the author to declare required env vars explicitly and include example runs that show remote fetches/endpoints; absence of those details lowers confidence.
If you provide the rest of the script (the truncated portion), I can re-evaluate and raise the confidence level or change the verdict if network calls or credential misuse are found.