RelayPlane
ReviewAudited by ClawScan on May 10, 2026.
Overview
RelayPlane is a coherent LLM routing proxy, but its artifacts give conflicting setup guidance and include broad routing/logging of agent traffic through an external proxy package.
Install only if you want an LLM traffic proxy. Use the OpenClaw relayplane config rather than global BASE_URL environment variables unless you fully understand that all compatible tools may be routed through RelayPlane. Pin and verify the external npm package, review logging and telemetry settings, and know how to stop the background proxy.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Following the README quick start could redirect all Anthropic/OpenAI API calls from multiple tools through RelayPlane, not just OpenClaw traffic.
This directs broad provider SDK traffic through the proxy. It conflicts with SKILL.md's safer OpenClaw config approach and its warning that BASE_URL routing can hijack all traffic and has no fallback.
export ANTHROPIC_BASE_URL=http://localhost:3001 export OPENAI_BASE_URL=http://localhost:3001 ... All API calls now route through RelayPlane.
Prefer the OpenClaw-specific relayplane configuration with circuit breaker, and do not set global BASE_URL variables unless you intentionally want all compatible tools routed through the proxy.
Users may over-trust the 'never breaks' claim and choose a broader setup that the skill itself identifies as unsafe.
The artifact makes strong reliability claims while also documenting a setup mode that can break traffic if the proxy dies; README.md then recommends a similar BASE_URL setup.
Zero downtime, guaranteed. ... Never do this: export ANTHROPIC_BASE_URL=http://localhost:4100 ... hijacks ALL traffic, breaks OpenClaw if proxy dies
Clarify the documentation so the safe, fallback-enabled setup is the only default path, and label global BASE_URL routing as an advanced opt-in mode with clear failure impact.
Agent requests may be recorded locally for analytics, suggestions, or governance; sensitive prompt content could persist outside the original chat context depending on the proxy implementation.
The observability and learning features are purpose-aligned, but they imply persistent local records of agent activity and possibly sensitive prompts or decisions.
routes simple tasks to cheaper models, enforces budgets, and logs everything ... Learning Ledger — every run captured, full decision explainability
Before enabling learning or logging, review RelayPlane's storage location, retention controls, and whether prompts/responses are stored. Use offline mode if cloud telemetry is not desired.
RelayPlane may use or receive provider API credentials while forwarding requests, even though the registry metadata does not advertise credential requirements.
Provider API keys are expected for an LLM routing proxy, but the registry metadata declares no primary credential or required environment variables.
Requirements - Node.js 18+ - API key for at least one provider
Use least-privilege provider keys where possible, monitor provider usage, and verify how the proxy reads and forwards credentials.
The actual proxy behavior depends on external package contents that were not part of this artifact review.
The reviewed skill contains no code and relies on a globally installed external npm package using the moving @latest tag.
npm install -g @relayplane/proxy@latest
Install a pinned version from a trusted source, review the package repository or npm provenance, and avoid automatic upgrades in sensitive environments.
RelayPlane may keep running locally and continue routing or observing requests until stopped.
A managed background proxy is disclosed and purpose-aligned, but it is still a long-running process that can continue handling requests after setup.
"autoStart": true ... Process manager — proxy runs as managed child process
Confirm how to stop the proxy, disable autoStart if not needed, and check running processes when troubleshooting provider traffic.