Skillv0.1.0

ClawScan security

Openrouter Usage · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignFeb 26, 2026, 9:18 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's files, runtime instructions, and requested access line up with its stated purpose (reading local OpenClaw session logs and calling OpenRouter for credits); nothing in the package appears to be trying to do unrelated activity or exfiltrate data to unexpected endpoints.
Guidance: This package appears internally consistent with its purpose, but before installing: 1) verify the package source (the registry lists source/homepage as unknown; prefer installing from a trusted GitHub repo or reviewing the code you downloaded), 2) review install.sh to confirm you are comfortable with a CLI being placed in ~/.local/bin and an optional symlink into ~/.openclaw/workspace/skills, 3) understand the tool will read your OpenClaw session logs (~/.openclaw/agents/*/sessions/*.jsonl) and any OpenClaw auth files (~/.openclaw/agents/*/agent/auth.json) to auto-discover keys, and it will send your OpenRouter API key to openrouter.ai when fetching credits — if you are uneasy, create or use a limited/revocable API key, or run the script in a sandbox and inspect its output first.

Review Dimensions

Purpose & Capability: okThe skill claims to report OpenRouter credits and per-model usage from OpenClaw session logs and the code does exactly that: it queries openrouter.ai for credit info and parses ~/.openclaw/agents/*/sessions/*.jsonl for per-model cost. The only required binary is the CLI wrapper it installs (openrouter-usage), which is consistent with the README/SKILL.md.
Instruction Scope: okSKILL.md instructs running the provided CLI and documents that the API key is auto-discovered and that session parsing is local (reads ~/.openclaw/agents/*/sessions/*.jsonl). The Python script also only reads those local files and calls the OpenRouter API; it does not reference other system paths or external endpoints beyond openrouter.ai.
Install Mechanism: noteThere is no remote installer: install.sh writes a wrapper to ~/.local/bin and can optionally symlink the skill into ~/.openclaw/workspace/skills — this is a local install and expected. Note: the registry metadata called this an instruction-only skill, but code files and an installer are present in the package (minor inconsistency). Also README suggests cloning a GitHub repo as the install source, but the registry entry lists source/homepage as unknown; verify the repository origin before running the installer.
Credentials: noteNo required environment variables are declared, which matches registry metadata; however the script will optionally use OPENROUTER_API_KEY (env) or keys found in ~/.openclaw/agents/*/agent/auth.json. This is proportionate for its purpose (it needs an OpenRouter key to query credits) but you should be aware the key will be sent to openrouter.ai in an Authorization header.
Persistence & Privilege: okThe skill does not request always:true. The installer may create a CLI in ~/.local/bin and optionally link the skill into the user's OpenClaw workspace (with explicit prompt). It does not modify other skills or global system config beyond those user-visible local changes.