ClawDef

v1.3.0

ClawDef — Self-hosted token optimization dashboard for OpenClaw. Tracks token usage, estimates costs, auto-switches to the cheapest model, provides one-click pro...

by ClawDef@gs921302
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description (local token-cost dashboard, auto-switch models, one-click provider setup) match the code and install: Node app with an embedded web UI, local SQLite DB, and logic for pricing/auto-switching. The declared required binaries (node/npm) and the single node install spec (better-sqlite3) are appropriate for a Node+SQLite dashboard. Asking to read/write OpenClaw config is coherent with 'auto-switch to cheapest model' and 'disable skills'.
Instruction Scope
SKILL.md and server.js explicitly read ~/.openclaw/openclaw.json, session transcript files (~/.openclaw/agents/*/sessions/*.jsonl), and /tmp/openclaw logs. Reading session transcripts (full conversation data) is required to count tokens but is a privacy-sensitive operation; SECURITY.md asserts 'full conversation content is not stored' but the code parses sessions and may access message text during counting. SKILL.md claims the dashboard binds to 127.0.0.1 only; the provided server.js excerpt defines PORT but the actual listen() call and host binding are not visible in the truncated file — verify the server binds to localhost, otherwise it could be exposed externally.
Install Mechanism
Installation is via copying files and running npm install from local package.json. Dependencies are standard NPM packages; better-sqlite3 is a native module requiring a C++ build step (not a red flag but a build-time requirement). No remote downloads from arbitrary URLs or extract-from-URL steps are present. The included installer script only copies local files and runs npm install.
Credentials
The skill declares no required env vars or credentials at install time. It does, however, provide UI-driven one-click provider setup for up to 8 providers and will therefore prompt users to enter API keys via the dashboard; those keys appear intended to be stored locally in the SQLite DB. That is proportionate to the stated purpose but is sensitive (local secrets storage). No unrelated cloud credentials are requested in the bundle.
Persistence & Privilege
The skill is not forced-always and is user-invocable. It intentionally writes to OpenClaw config (claims to write agents.defaults.model.primary and skills.entries) so it can change the active model and enable/disable skills — this is powerful but consistent with its optimization/management role. Because it can modify OpenClaw config and reads session transcripts, running it as an autonomous skill increases blast radius; confirm you are comfortable with those privileges before enabling autonomous invocation.
Assessment
What to consider before installing ClawDef:
- Data access & privacy: ClawDef reads session transcripts (~/.openclaw/agents/*/sessions/*.jsonl) to count tokens. Those files commonly contain full conversation text. Although the project asserts it does not store full conversations, it will process them locally and keep aggregated data in a local SQLite DB. If you have sensitive conversations, review the code paths that parse and store session data before deploying.
- Config write privileges: To auto-switch models and enable/disable skills, ClawDef writes to ~/.openclaw/openclaw.json. Make a backup of that file before first run and audit the code that performs writes (which exact keys are changed). This capability is necessary for the feature but is a high-privilege operation on your OpenClaw instance.
- Local binding & network exposure: SKILL.md claims the server binds to 127.0.0.1:3456. Confirm the server actually listens only on localhost (not 0.0.0.0). If it binds publicly, anyone with network access could reach the UI and potentially add provider keys or change configs.
- Secrets storage: Provider API keys entered via the UI are stored locally (DB). Confirm the DB file (data/clawdef.db) is created with appropriate filesystem permissions and is placed where only the intended user can read it.
- Build requirements: better-sqlite3 is a native module and requires a C/C++ build toolchain on install. On some hosts this will fail or require additional packages; that is an operational note, not a security issue.
- Deployment advice: Run the service under an unprivileged user, bind explicitly to 127.0.0.1, and consider running inside a container or VM if you want stronger isolation. Review the server.js code (particularly auth endpoints, where config writes happen, and any external HTTP calls) or test in a sandbox before deploying on a production OpenClaw host.
- When to be cautious: If you need strict guarantees that no conversation text ever leaves the host or gets logged, inspect the session parsing and logging code paths. If you cannot review the code, do not grant it write access to your OpenClaw config and instead run in read-only mode (or only point it at sanitized logs) until audited.

Like a lobster shell, security has layers — review code before you run it.

Tags: cost-optimization, latest, monitoring, smart-optimizer, token-management


Runtime requirements

Bins: node, npm

Install

Install dependencies: npm i -g better-sqlite3
