Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

API usage optimization

v1.0.0

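Discover and configure free/ultra-low-cost AI models, with smart routing and seamless fallback. Supports multiple platforms including SiliconFlow, NVIDIA NIM, OpenRouter, DeepSeek and Zhipu. Triggered when the user says '免费模型' (free models), '省钱配置' (money-saving configuration), '加免费 API' (add a free API), 'find free models', '配置免费模型' (configure free models) or '低成本模型' (low-cost models).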

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The declared purpose (discover/configure free or very-low-cost models and produce OpenClaw routing/fallback configs) matches the included scripts and instructions. However there are inconsistencies: registry requires.env lists OPENROUTER_API_KEY, SILICONFLOW_API_KEY, NVIDIA_API_KEY as required, while SKILL.md marks some provider keys optional and also references additional keys (DEEPSEEK_API_KEY, ZHIPU_API_KEY). The SKILL.md instructs use of the openclaw CLI to patch and restart the gateway but the skill's metadata does not declare any required binaries (openclaw), nor does requires.configPaths declare that it will write user config (it does instruct writing to ~/.openclaw/openclaw.json). These mismatches mean the declared requirements do not fully reflect what the skill will do.
! Instruction Scope
Runtime instructions and scripts perform network calls to third‑party provider APIs using whatever API keys you supply, generate configuration JSON, and instruct the user to overwrite/merge ~/.openclaw/openclaw.json and restart the OpenClaw gateway. This is within the claimed purpose, but SKILL.md also references a scripts/configure.js in Step 3 which is not present in the package (no configure.js in manifest) — an operational mismatch. The scripts read environment variables for provider API keys and will contact external endpoints (openrouter.ai, api.siliconflow.cn, integrate.api.nvidia.com, etc.). The skill therefore has the ability to transmit model queries/health checks to external APIs using your keys — expected, but must be explicit and consistent in metadata.
Install Mechanism
No install spec; code is included as plain JS files. package.json has no dependencies and Node >=18 supports global fetch, so nothing is automatically downloaded or executed by an installer. No remote archives or obscure URLs are used by an installer step. This is a lower install-risk pattern.
! Credentials
Requested credentials (OpenRouter, SiliconFlow, NVIDIA) are directly related to the skill's claimed platforms and the scripts will use them to call provider APIs. However metadata and SKILL.md disagree about which keys are required vs optional, and SKILL.md also references additional env vars (DEEPSEEK_API_KEY, ZHIPU_API_KEY) that are not listed in the registry's requires.env. The skill will accept and use any keys present in environment variables to call providers; supplying keys grants the scripts the ability to make API calls and potentially consume quota/billing. This is proportionate to the feature set but the inconsistent declaration is a red flag.
Persistence & Privilege
The skill does not set always: true and does not request elevated platform privileges. It does instruct the user to back up and patch the OpenClaw config and to restart the OpenClaw gateway — actions that modify local agent configuration and can change runtime routing for agents. Modifying user config is within scope for a configuration helper, but SKILL.md/metadata did not declare required config path access explicitly. You should expect it to change your OpenClaw agent behavior if you apply its generated config.
What to consider before installing
What to check before installing or running this skill:
- Metadata vs reality: The skill's registry metadata and SKILL.md disagree about which API keys are required. SKILL.md also mentions DEEPSEEK_API_KEY and ZHIPU_API_KEY though they are not listed as required in metadata. Treat provider API keys as sensitive — only provide keys you control and consider using limited-scope or test keys first.
- Missing/incorrect files: SKILL.md tells you to run node scripts/configure.js but no configure.js is present in the package. That means following the readme blindly may fail — inspect the scripts provided (discover.js, router.js, fallback.js) and the outputs they generate before applying any configuration.
- Config modification: The guide instructs backing up and patching ~/.openclaw/openclaw.json and restarting the gateway. Review any generated JSON (free-models.json / routing.json / fallback.json) before merging. Keep backups and test in a non-production environment first.
- Network & billing risk: The scripts will call third‑party provider APIs using the API keys you supply; this may consume quota or incur costs. If a key is compromised, it could be used to run API calls. Use least-privilege/test keys and monitor billing and quotas.
- No install downloads: There is no installer fetching remote code, which reduces supply-chain risk. Still, review the JS source to ensure no hidden endpoints or obfuscated code. The packaged scripts are plain JS and call well-known provider endpoints.
- Code quality issues: There are small inconsistencies/bugs (e.g., duplicate import lines in discover.js and truncated/placeholder content in the provided excerpt). These look like sloppy maintenance rather than active malice, but they may cause runtime errors.
- Action items before use:
  (1) Inspect scripts locally and run discovery with --json to capture outputs without applying changes.
  (2) Do not paste sensitive production API keys into a machine you don't control; create limited/test keys.
  (3) Manually review generated JSON before calling openclaw config.patch and restarting the gateway.
  (4) If you want to proceed, run the scripts in a safe/dev environment first and ensure you have backups of your OpenClaw config.
Given the inconsistencies and missing file reference, treat this skill as potentially useful but untrustworthy until you validate the code and outputs yourself.
scripts/discover.js:55
Environment variable access combined with network send.
scripts/fallback.js:115
Environment variable access combined with network send.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Env: OPENROUTER_API_KEY, SILICONFLOW_API_KEY, NVIDIA_API_KEY
Primary env: OPENROUTER_API_KEY

SKILL.md

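Chenni Free API - Free Model Aggregation Guide

One-stop discovery, configuration and management of free AI models across multiple platforms. Supports smart routing and seamless fallback.

Core features

  • 🆓 Recommended models: a curated list of free models across platforms
  • 🔍 Automatic discovery: refreshes the available free OpenRouter models daily
  • 🧠 Smart routing: picks the most suitable model by task type
  • 🔄 Seamless fallback: automatically falls back when the primary model fails and automatically switches back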

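Recommended free models

SiliconFlow (硅基流动) - First choice in China

| Model ID | Description | Free quota | Recommended use |
| --- | --- | --- | --- |
| Qwen/Qwen3-8B | Tongyi Qianwen (Qwen) 3rd generation, 8B | Completely free | Everyday chat, general tasks |
| deepseek-ai/DeepSeek-R1-0528-Qwen3-8B | DeepSeek R1 distilled version | Completely free | Reasoning tasks |
| THUDM/glm-4-9b-chat | Zhipu GLM-4 | Completely free | Chinese comprehension |
| Qwen/Qwen2.5-Coder-7B-Instruct | Qwen coding-specific model | Completely free | Code generation |

Sign-up link: https://cloud.siliconflow.cn/i/hoxZec8I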

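OpenRouter - International platform

| Model ID | Description | Price | Recommended use |
| --- | --- | --- | --- |
| google/gemini-3.1-flash-lite | Gemini Flash Lite | ~Free | Quick tasks |
| qwen/qwen3.5-flash-02-23 | Qwen 3.5 Flash | ~Free | Budget option |
| x-ai/grok-4.1-fast | Grok Fast | Very low price | Tool calling |

Sign-up link: https://openrouter.ai/settings/keys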

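DeepSeek - Chinese-made, high value for money

| Model | Free quota | Characteristics |
| --- | --- | --- |
| DeepSeek V3 | Free calls every day | Strongest Chinese-made model, first choice for everyday use |
| DeepSeek R1 | Partially free | Strong reasoning ability |

Sign-up link: https://platform.deepseek.com/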

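Zhipu GLM - Stable and reliable

| Model | Free quota | Characteristics |
| --- | --- | --- |
| GLM-4 | 1 million tokens per month | Stable API, excellent Chinese |

Sign-up link: https://open.bigmodel.cn/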

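NVIDIA NIM - Free multimodal

| Model ID | Context | Type | Description |
| --- | --- | --- | --- |
| qwen/qwen3.5-397b-a17b | 128k | text+image | Qwen 3.5 large-parameter version |
| stepfun-ai/step-3.5-flash | 256k | text+image | StepFun, ultra-long context |
| moonshotai/kimi-k2.5 | 256k | text+image | Kimi, ultra-long context |
| z-ai/glm4.7 | 128k | text+image | Zhipu GLM 4.7 |
| z-ai/glm5 | 128k | text+image | Zhipu GLM 5 |
| minimaxai/minimax-m2.5 | 192k | text+image | MiniMax |

Sign-up link: https://build.nvidia.com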


Configuration steps

Step 1: Get API keys

# SiliconFlow
export SILICONFLOW_API_KEY="sk-xxx"

# OpenRouter
export OPENROUTER_API_KEY="sk-or-v1-xxx"

# DeepSeek
export DEEPSEEK_API_KEY="sk-xxx"

# Zhipu
export ZHIPU_API_KEY="xxx.xxx"

Step 2: Automatically discover free models

node scripts/discover.js --platform all

Step 3: Generate the OpenClaw configuration

node scripts/configure.js --output ~/.openclaw/free-models.json

Step 4: Apply the configuration

# Back up the original configuration
cp ~/.openclaw/openclaw.json ~/.openclaw/openclaw.json.backup

# Merge the configuration
openclaw config.patch < ~/.openclaw/free-models.json

# Restart to take effect
openclaw gateway restart

Smart routing configuration

Automatically select the best model by task type:

{
  "agents": {
    "defaults": {
      "models": {
        "routing": {
          "coding": ["siliconflow/Qwen/Qwen2.5-Coder-7B-Instruct", "deepseek/deepseek-coder"],
          "reasoning": ["siliconflow/deepseek-ai/DeepSeek-R1-0528-Qwen3-8B"],
          "translation": ["siliconflow/THUDM/glm-4-9b-chat"],
          "chat": ["siliconflow/Qwen/Qwen3-8B", "deepseek/deepseek-chat"],
          "vision": ["openrouter/google/gemini-3.1-flash-lite"]
        }
      }
    }
  }
}

Seamless fallback configuration

Automatically switch to a backup model when the primary model fails:

{
  "agents": {
    "defaults": {
      "model": {
        "primary": "siliconflow/Qwen/Qwen3-8B",
        "fallbacks": [
          "siliconflow/deepseek-ai/DeepSeek-R1-0528-Qwen3-8B",
          "openrouter/google/gemini-3.1-flash-lite",
          "deepseek/deepseek-chat"
        ],
        "retryPolicy": {
          "maxRetries": 3,
          "backoffMs": 1000,
          "autoRecover": true,
          "recoverIntervalMs": 300000
        }
      }
    }
  }
}
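
A pre-merge check for a generated patch, added here as an example and not one of the skill's own scripts: it walks the JSON and reports any key outside the two subtrees shown above, and any model reference whose provider prefix is not on a reviewer-chosen allowlist. The allowlist holds only the prefixes that appear in the samples above; the names `auditPatch`, `SAMPLE_PATCH` and `someOtherSection` are assumptions made for illustration.

```javascript
// Added example, not part of the skill package.
// Provider prefixes seen in the SKILL.md samples; edit to match your own policy.
const ALLOWED_PROVIDERS = new Set(["siliconflow", "openrouter", "deepseek"]);
// The only two config subtrees SKILL.md shows being written.
const ALLOWED_SUBTREES = ["agents.defaults.models.routing", "agents.defaults.model"];

// Depth-first walk; array items are reported under the array's own key path.
function walk(node, path, visit) {
  if (node !== null && typeof node === "object") {
    for (const [key, value] of Object.entries(node)) {
      walk(value, Array.isArray(node) ? path : path.concat(key), visit);
    }
  } else {
    visit(path.join("."), node);
  }
}

function auditPatch(patch) {
  const findings = [];
  walk(patch, [], (path, value) => {
    const inScope = ALLOWED_SUBTREES.some((p) => path === p || path.startsWith(p + "."));
    if (!inScope) {
      findings.push(`unexpected key outside model settings: ${path}`);
      return;
    }
    // Every string leaf except retryPolicy values is treated as "provider/model".
    const isModelRef = typeof value === "string" && !path.includes(".retryPolicy");
    if (isModelRef && !ALLOWED_PROVIDERS.has(value.split("/")[0])) {
      findings.push(`model from unlisted provider at ${path}: ${value}`);
    }
  });
  return findings;
}

// Constructed sample patch (not real output of the skill's scripts).
const SAMPLE_PATCH = {
  agents: { defaults: {
    model: {
      primary: "siliconflow/Qwen/Qwen3-8B",
      fallbacks: ["openrouter/google/gemini-3.1-flash-lite", "unknownhost/some-model"],
      retryPolicy: { maxRetries: 3, backoffMs: 1000 },
    },
    models: { routing: { coding: ["deepseek/deepseek-coder"] } },
  } },
  someOtherSection: { enabled: true }, // hypothetical key standing in for anything unrelated
};

for (const line of auditPatch(SAMPLE_PATCH)) console.log("REVIEW:", line);
```

To audit a real file, pass the parsed contents of free-models.json, routing.json or fallback.json to `auditPatch` and merge only when it returns an empty list.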

Script usage

discover.js - Automatic discovery

# Discover free models on all platforms
node scripts/discover.js --platform all

# Discover OpenRouter only
node scripts/discover.js --platform openrouter

# Discover SiliconFlow only
node scripts/discover.js --platform siliconflow

# Output as JSON
node scripts/discover.js --platform all --json > models.json

router.js - Smart routing

# Recommend a model by task type
node scripts/router.js --task coding
node scripts/router.js --task reasoning
node scripts/router.js --task translation

# Generate the routing configuration
node scripts/router.js --generate-config > routing.json

fallback.js - Seamless fallback

# Test the fallback chain
node scripts/fallback.js --test

# Monitor model status
node scripts/fallback.js --monitor

# Generate the fallback configuration
node scripts/fallback.js --generate-config > fallback.json

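Cost comparison

| Platform | Number of free models | Lowest paid price | Rating |
| --- | --- | --- | --- |
| SiliconFlow | 10+ | ¥0.7 per million tokens | ⭐⭐⭐⭐⭐ |
| NVIDIA NIM | 6 | Completely free | ⭐⭐⭐⭐⭐ |
| OpenRouter | 5+ | $0.0000002 per million tokens | ⭐⭐⭐⭐ |
| DeepSeek | 2 | ¥1 per million tokens | ⭐⭐⭐⭐ |
| Zhipu GLM | 1 | ¥5 per million tokens | ⭐⭐⭐ |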

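Notes

  1. API key security: do not commit API keys to a code repository
  2. Free-tier limits: free models usually have QPS or total-volume limits
  3. Model availability: free models may change at any time; running discover.js regularly is recommended
  4. Fallback strategy: configuring at least 2-3 backup models is recommended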

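Environment variables

| Variable | Description | Required |
| --- | --- | --- |
| OPENROUTER_API_KEY | OpenRouter API Key | |
| SILICONFLOW_API_KEY | SiliconFlow API Key | |
| DEEPSEEK_API_KEY | DeepSeek API Key | |
| ZHIPU_API_KEY | Zhipu API Key | |
| NVIDIA_API_KEY | NVIDIA NIM API Key | |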

Files

7 total