Model-Selector

Pass

Audited by ClawScan on May 10, 2026.

Overview

This appears to be a coherent model-routing skill, but it stores recent user queries locally and relies on unpinned ML dependencies if its scripts are used.

This skill looks safe to review/install for model-routing use, but check whether you are comfortable with local prompt history being kept and with the listed Python dependencies before running its scripts.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Your agent may use this skill’s recommendation to choose a different model/provider than you expected.

Why it was flagged

The skill is intended to influence which model tier/provider handles later work. That is its stated purpose and the code only returns a recommendation, but users should notice that it can affect cost and data-routing choices.

Skill content

The agent will call the `get_optimal_model` tool before making main LLM calls to optimize performance and budget.

Recommendation

Configure allowed providers/models and treat the router output as advisory for sensitive or high-cost tasks.

What this means

If you install the optional Python dependencies, you rely on package-registry resolution and future package versions.

Why it was flagged

The scripts depend on third-party Python packages with lower-bound version ranges. No automatic install is specified, so this is not active unsafe behavior, but manual installation could resolve to future unreviewed versions.

Skill content

litellm>=1.0.0
sentence-transformers>=2.2.2
torch>=2.0.0
numpy>=1.24.0

Recommendation

Use a trusted environment and pin dependency versions or a lockfile before running the scripts.

What this means

Sensitive information typed into prompts could remain in a local query_history.json file.

Why it was flagged

The router persists the full prompt text and tier decision locally for rolling adjustment. This is purpose-aligned and bounded to 1000 entries, but it can retain sensitive prompt contents across sessions.

Skill content

history.append({"query": query, "tier": tier, "timestamp": ...})
# Keep only last 1000 queries

Recommendation

Avoid routing secrets through the skill, review or delete query_history.json periodically, and make retention/opt-out behavior explicit if deploying it broadly.