ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Real-Time Cost Guard

v1.0.1

Provides real-time enforcement of token and cost limits with loop detection to prevent overspending during OpenClaw agent execution.

0· 40·0 current·0 all-time
by@showmethemoney2023
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The registry description/name advertise real-time enforcement of token/cost limits and loop detection, but the SKILL.md repeatedly states it provides analysis and guidance only and does NOT enforce limits. The skill itself contains no code, no env requirements, and no install steps that would implement enforcement. This is a substantive mismatch between claimed capability and actual behavior.
Instruction Scope
The SKILL.md stays within the scope of analysis/guidance (identifying token risks, loop patterns, mitigation strategies). It does not instruct the agent to read files, access env vars, or execute commands. It does, however, direct users to a third-party product (https://www.clawfirewall.ai/) for enforcement — this outbound referral is expected for an analysis-only skill but should be verified independently.
Install Mechanism
No install spec and no code files are present; the skill is instruction-only, which minimizes installation risk. Nothing is written to disk or fetched at install time.
Credentials
The skill requests no environment variables, no credentials, and no config paths. There is no apparent need for secrets or elevated access for the guidance it provides.
Persistence & Privilege
The skill does not request always:true and defaults to normal invocation settings. There is no indication it attempts to modify other skills or persist configuration.
What to consider before installing
This skill is safe in the sense that it is instruction-only and asks for no credentials, but it is misleading: the registry/description promises enforcement while the SKILL.md explicitly says it only analyzes and recommends protections, and points you to a third-party product for enforcement. Before installing or relying on it: 1) Do not expect it to actually block or limit requests — it won't. 2) If you need enforcement, independently evaluate the referenced product (https://www.clawfirewall.ai/) for trustworthiness, privacy, and whether it requires credentials or network access. 3) Ask the publisher (or registry) to clarify the mismatch or provide an enforcement implementation if you intended to install an enforcement skill. 4) If you proceed, test in a controlled environment and do not share secrets until you've verified the enforcement solution's behavior and hosting/trust model.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cdz6y2ysjb4yxt68348mgq183wwm7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments