ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

chitin-core

v1.0.0

Selects the most cost-effective capable model for tasks, handles rate limit failures gracefully, and supports tier overrides and health checks.

0· 356·0 current·1 all-time
by@adroidian
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
router.js and provider-sync.js implement model routing, tier logic, failover, health and cost tracking — consistent with the name/description. However the skill implicitly requires access to provider APIs and the user's OpenClaw config (process.env, ~/.openclaw/openclaw.json, and ~/.openclaw/workspace/.secrets) even though registry metadata declares no required env vars or config paths.
!
Instruction Scope
SKILL.md documents using scripts/router.js (route/fail/health/etc.) which is in-scope, but it omits mention of the provider-sync script that will query provider APIs and can update config.json and send Telegram notifications. The runtime code reads/writes files under the user's home (~/.openclaw), including openclaw.json and a persistent state file, and will consult .secrets for API keys — actions not described in SKILL.md.
Install Mechanism
Instruction-only skill with no install spec; nothing is automatically written to disk by an installer. The risk comes from runtime file I/O performed by the shipped scripts, not from an installer or remote downloads.
!
Credentials
Provider-sync expects API keys (ANTHROPIC_API_KEY, OPENAI_API_KEY, OPENROUTER_API_KEY) via environment or fallback files, but the registry metadata lists no required env vars. Additionally provider-sync contains a hardcoded Telegram bot token and chat ID, and references a remote Ollama Forge host IP — these are unexpected for a routing helper and could lead to external network activity.
Persistence & Privilege
Skill is not always:true and does not autonomously register itself in the registry, but its scripts write persistent state to ~/.openclaw/workspace/memory/modelrouter-state.json and can update config.json in the skill directory. README suggests a cron schedule for provider-sync (runs nightly), implying persistent external network activity if enabled.
Scan Findings in Context
[hardcoded-telegram-bot-token] unexpected: provider-sync.js and README contain a hardcoded Telegram bot token and chat id (Bot token: 8547915559:AAGqJlIiflFVBayXwT5GS5DsWyBTW_vlfw8, Chat ID: 1156712793). Hardcoded tokens are unexpected and route notifications to an external bot; not declared in metadata.
[reads-secret-files] expected: provider-sync.js attempts to load provider API keys from environment variables and falls back to ~/.openclaw/workspace/.secrets files. For a provider-sync that queries provider APIs, having API keys is expected, but the skill metadata did not declare these requirements.
[reads-openclaw-config] expected: router.js reads ~/.openclaw/openclaw.json to discover available providers and will store state in ~/.openclaw/workspace/memory/modelrouter-state.json. This is consistent with runtime needs but was not declared in required config paths.
[hardcoded-ollama-forge-ip] unexpected: README and provider-sync reference an Ollama Forge host at 100.118.158.58:11434. Contacting an embedded external IP is unexpected and should be reviewed.
What to consider before installing
What to check before installing: - This skill's code matches its stated routing functionality, but it expects provider API keys (Anthropic/OpenAI/OpenRouter) via environment variables or ~/.openclaw/workspace/.secrets even though the registry declares none. If you don't want it to use your provider credentials, do not supply those env vars or secret files. - provider-sync.js contains a hardcoded Telegram bot token and chat id that will send notifications to an external bot. If you run provider-sync (manually or scheduled), either remove/replace the hardcoded token or disable Telegram notifications. - The sync script references a remote Ollama Forge IP; audit any network endpoints before enabling automated sync/cron jobs. - The router script reads and writes files under ~/.openclaw (openclaw.json, memory state) — review those paths and back up configs if needed. - Recommendation: review the two shipped scripts (provider-sync.js and router.js) line-by-line in a safe environment. If you plan to run provider-sync automatically, consider running it in dry-run mode first, remove hardcoded tokens, and restrict network access to only the providers you trust. - If you lack the ability to audit code, treat this skill as untrusted and avoid running provider-sync or supplying provider credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk977tg7pgwk95d98trcske6x39820qkr
356downloads
0stars
1versions
Updated 5h ago
v1.0.0
MIT-0
@adroidian
latest
Download

chitin-core

Route tasks to the cheapest capable model. Never crash on rate limits.

Activation

When spawning sub-agents or delegating tasks, use ModelRouter to select the optimal model.

Trigger phrases: "route this", "spawn a sub-agent", "delegate", or any time you need to choose a model for a task.

Usage

Route a Task

node ~/.openclaw/workspace/skills/chitin-core/scripts/router.js route "task description here"

Returns JSON:

{"tier":"MEDIUM","model":"google-antigravity/gemini-3.1-pro","confidence":0.85,"estimatedCost":0.005,"signals":["codeSignals:2×1.2=2.4"]}

Use the returned model value in sessions_spawn.

Handle Failures

If a spawned session fails with a rate limit or error:

node ~/.openclaw/workspace/skills/chitin-core/scripts/router.js fail "provider/model" "error message"

Then re-route — the failed model will be skipped:

node ~/.openclaw/workspace/skills/chitin-core/scripts/router.js route "same task"

Check Health

node ~/.openclaw/workspace/skills/chitin-core/scripts/router.js health

View Costs

node ~/.openclaw/workspace/skills/chitin-core/scripts/router.js costs

Validate Config

node ~/.openclaw/workspace/skills/chitin-core/scripts/router.js validate

Workflow

  1. Receive task from user
  2. Run router.js route "<task>" to get optimal model
  3. sessions_spawn with returned model
  4. If spawn fails → router.js fail "<model>" "<error>" → retry route
  5. Return result to user

Tiers

TierUse CaseModels
LIGHTGreetings, simple Q&A, status checksFlash, DeepSeek, gpt-5-mini, Groq, Ollama
MEDIUMCode, summaries, standard tasksGemini Pro, gpt-5.2, DeepSeek Reasoner
HEAVYArchitecture, complex reasoning, agenticgpt-5.2-pro, o3, Codex

Override Tags

Include in task text to force a tier:

  • @light — force cheapest model
  • @medium — force mid-tier
  • @heavy — force most capable

Graceful Degradation

If all models in a tier are rate-limited, the router automatically:

  1. Tries adjacent tiers (escalate or downgrade)
  2. Falls back to local Ollama if configured
  3. Returns structured error with retry time (never crashes)

Configuration

Edit config.json in the skill directory to:

  • Add/remove models per tier
  • Adjust cost figures
  • Tune classification boundaries

Comments

Loading comments...