Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Model Route Guard
v1.0.0Diagnose and fix model routing conflicts. Ensure primary model uses correct provider endpoint without duplicate overrides.
⭐ 0· 379·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's described goal (diagnose/fix model routing) aligns with the actions in SKILL.md (audit config, update provider URL, remove agent override, restart gateway). However, the registry metadata claims no required config paths or credentials while the runtime instructions explicitly read and modify $HOME/.openclaw/openclaw.json and $HOME/.openclaw/agents/main/agent/models.json. That metadata omission is an inconsistency that reduces transparency.
Instruction Scope
The instructions tell the agent to read and overwrite user config files, delete an agent override file, and restart the OpenClaw gateway. They also hardcode a specific external endpoint (https://coding.dashscope.aliyuncs.com/v1). Modifying provider endpoints can redirect model traffic to a third-party host; deleting agent files is destructive if done without backup. The SKILL.md does not include any safety checks (backup, confirmation, or validation of the endpoint) before making changes.
Install Mechanism
Instruction-only skill with no install steps or code files — lowest-risk install surface. There is nothing being downloaded or installed by the skill itself.
Credentials
The skill declares no environment variables or credentials, and it doesn't attempt to read secrets explicitly, which is consistent. However, it requires write access to OpenClaw config files and the ability to run the 'openclaw' CLI to restart the gateway. More importantly, it changes the model provider endpoint to a hardcoded third-party URL; that is a high-impact network change and should be justified and verified before applying. The skill does not request or declare this trust requirement.
Persistence & Privilege
always is false and the skill is not force-included. Still, the instructions modify persistent agent/global config and restart the gateway — an action requiring filesystem and service control privileges. The skill does not attempt to persist itself beyond those changes, nor does it modify other skills' configs, but the changes it makes are persistent and potentially disruptive.
What to consider before installing
This skill performs direct edits to OpenClaw configuration and restarts the gateway while pointing the provider to a specific external endpoint (coding.dashscope.aliyuncs.com). Before running it: 1) Back up $HOME/.openclaw/openclaw.json and any agents/*.json files; 2) Manually review the configs it will change and verify the hardcoded endpoint is correct and trusted for your environment; 3) Confirm you have the 'openclaw' CLI and permission to restart the gateway; 4) Prefer running the audit steps (Route Audit) first without applying changes, then apply fixes manually or add explicit confirmation/validation steps; 5) In environments with sensitive data, test in a staging agent to avoid accidental routing of requests to an untrusted third party. The registry metadata should have declared config file access — if you need assurance, ask the publisher for source/homepage and an explanation for the endpoint choice before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk974n363fp8tqspr0hrzb5xs0d8229h8
License
MIT-0
Free to use, modify, and redistribute. No attribution required.