ClawHub

Token Monitor

v1.0.0

分析 OpenClaw 会话 JSONL 文件,监控各 skill/功能的 token 消耗(输入/输出/缓存命中)和成功率。当需要分析会话 token 使用、跟踪性能或生成使用报告时使用。关键词触发:token、会话分析、skill 性能、使用报告。

0· 85·0 current·0 all-time
by@qingyu24·duplicate of @qingyu24/qingyu24-token-monitor
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (token/session analysis) align with the included script and instructions. The skill only requires python3 and operates on session files under ~/.claude/projects and the local ~/.claude/skills directory to map skill names — which is expected for this purpose.
Instruction Scope
SKILL.md instructs the agent to run the local script against files in the user's home (~/.claude/projects) and to read ~/.claude/skills; this is coherent with session analysis but means the tool will read potentially sensitive local session data. The SKILL.md references a metrics-calculation doc that is not present in the manifest (minor inconsistency). The instructions use a {baseDir} placeholder (ambiguous) — user should ensure the correct path when running.
Install Mechanism
No install spec — instruction-only with an included Python script. No external downloads, no archive extraction, and no package installs are requested in the manifest.
Credentials
The skill declares no required environment variables, no credentials, and no config paths beyond reading files under the user's home. The script reads local files (session JSONL and ~/.claude/skills) which is proportional to its stated goal; it does not access unrelated secrets or cloud credentials.
Persistence & Privilege
always is false and the skill does not request persistent platform privileges. The script appears to only read files and write reports (to stdout or chosen output path) and does not modify other skills or system-wide configuration.
Assessment
This skill appears to do what it says: analyze local OpenClaw/Claude session JSONL files for token usage and produce reports. Before installing or running it, review these points: 1) The tool reads files under ~/.claude/projects and ~/.claude/skills — those session files can contain sensitive conversation content, so run it only if you trust the environment and code. 2) Inspect scripts/analyze_session.py locally (it is included) to verify there are no unexpected network calls or writes; the provided script shows only local file I/O and no networking. 3) When running, prefer an explicit output path (use --output) and run in a controlled directory/sandbox if you have privacy concerns. 4) SKILL.md references a metrics document that is not present (references/metrics-calculation.md) and uses a {baseDir} placeholder — ensure you run the correct script path. If you need higher assurance, run the script in an isolated environment or review/execute it line-by-line before giving it access to your real session files.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c9yyft5txxa3ee5hambgvah83gmnj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📊 Clawdis
OSmacOS · Linux
Binspython3

Comments