Openrouter Usage

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed OpenRouter spending reporter that uses expected local logs and OpenRouter account access for that purpose.

Install only if you are comfortable letting this publisher's local CLI read your OpenRouter API key source and OpenClaw session logs to calculate billing. Review the installer before running it if you already have a workspace skill named openrouter-usage, because the optional link step may replace that existing skill path.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 89% confidence
Finding: The skill advertises capabilities to read environment variables, local session files, invoke a binary, and make network-backed API requests, but it does not declare any permissions or trust boundaries. That creates a transparency and policy-enforcement gap: an agent may execute sensitive operations such as reading `OPENROUTER_API_KEY` or scanning `~/.openclaw/...` without explicit user-visible authorization, which is especially risky in a skill that accesses billing data and local logs.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal