OpenClaw Cost Guard (Budgets + Token-Saving Playbook)
PassAudited by ClawScan on May 1, 2026.
Overview
This skill is a coherent local cost-reporting tool that reads OpenClaw/Clawdbot session logs and does not show exfiltration, destructive actions, or hidden behavior.
This appears safe for local cost monitoring. Before installing, note that it reads OpenClaw/Clawdbot session logs and may include session IDs or file paths in JSON reports, so avoid sharing outputs publicly or sending them to alerting services without review.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the tool will access local agent session logs and may reveal usage patterns, session identifiers, or file paths in reports.
The skill is designed to read persistent local agent session logs. This is purpose-aligned for cost reporting, but those directories can contain private usage history.
Prefer **session JSONL** logs ... OpenClaw: `~/.openclaw/agents/*/sessions/*.jsonl` ... Legacy/compat: `~/.clawdbot/agents/*/sessions/*.jsonl`
Use it only on machines where you are comfortable reading these logs, and review generated JSON or dashboard output before sharing it externally.
If connected to cron or alerts, the script can trigger automated notifications or failing checks when spending exceeds the chosen budget.
The skill provides a local command intended for budget enforcement and optional alerting. This is disclosed and central to the purpose, but users should understand the exit-code behavior before wiring it into automation.
The extractor can run as a **budget check** ... `python3 {baseDir}/scripts/extract_cost.py --today --budget-usd 5` ... exits with code **2**Set budgets deliberately, test with `--budget-mode warn` first, and avoid sending report output to external services unless you have reviewed it.