CLAW Agent 智控驾驶舱

v1.2.7

CLAW Agent 智控驾驶舱 - 专为 OpenClaw Coding Plan 订阅用户打造的一站式运维监控平台。功能包括：(1) API 额度监控与四级告警 (2) 自学习预测引擎（越用越准）(3) 每日用量趋势分析 (4) Token 用量透视 (5) Cron 定时任务管理 (6) 多 Agent 状...

⭐ 0· 92·0 current·0 all-time

by@mumuli2021

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for mumuli2021/claw-agent-cockpit.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "CLAW Agent 智控驾驶舱" (mumuli2021/claw-agent-cockpit) from ClawHub.
Skill page: https://clawhub.ai/mumuli2021/claw-agent-cockpit
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install claw-agent-cockpit

ClawHub CLI

Package manager switcher

npx clawhub@latest install claw-agent-cockpit

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

Code (dashboard frontend, local API, quota tracker, updater) matches the stated purpose of a local operations dashboard and local quota prediction. However SKILL.md and ecosystem.config.js assume an OPENCLAW_WORKSPACE path and require runtime tools (pm2, python3) even though metadata lists no required env vars or binaries — this mismatch should be clarified.

Instruction Scope

Runtime instructions and included code read/write workspace files (agent-data.json, quota-data.json) and expose an HTTP API for reads and writes. The SKILL.md's references to creating a Cron that runs an agent 'sessions_list' operation indicate instructions to collect platform session/context data (sensitive) — but no credentials or authorization are declared. The manual and Cron guide therefore expand scope beyond the local dashboard and implicitly rely on agent/platform privileges.

ℹ

Install Mechanism

This is an instruction-only skill (no external install download), which lowers install risk. Still, SKILL.md instructs npm install -g pm2 and ecosystem.config.js runs python3 -m http.server; metadata did not declare these required binaries. That discrepancy (no declared required binaries but explicit install/run steps) is inconsistent.

Credentials

The skill does not request credentials in metadata, but it expects OPENCLAW_WORKSPACE (used in cp commands and PM2 config) and the Cron guide implies calling platform APIs (sessions_list) that require agent/platform credentials. Missing declaration of these environment/config needs is disproportionate and unclear.

Persistence & Privilege

The included services bind to 0.0.0.0 and set CORS Access-Control-Allow-Origin: '*' (both in the local API and python http.server being started), exposing the dashboard and unauthenticated endpoints (e.g., POST /api/quota, POST /api/cron-update) to the network. The API accepts writes and saves files without authentication, which could allow remote modification or data exposure if the host is reachable. always:false mitigates forced injection, but network exposure is a significant operational risk.

What to consider before installing

Key points to consider before installing: - Clarify runtime requirements: the package expects OPENCLAW_WORKSPACE and requires python3 and pm2 (npm -g). These are not listed in metadata — set OPENCLAW_WORKSPACE to a dedicated, empty workspace directory before running. - Network exposure: agent-api.js listens on 0.0.0.0 and returns CORS '*' and the ecosystem config starts python's http.server bound to 0.0.0.0. This makes the dashboard and API reachable from the network. If you run this on any machine with external network access, remote parties could read or POST to endpoints and modify quota/cron files. Mitigations: (a) run behind a firewall or bind services to 127.0.0.1 only (change server.listen host and python server binding), (b) restrict CORS and add authentication or IP filtering, or (c) run in an isolated VM/container with no sensitive files. - Unauthenticated write endpoints: POST /api/quota and POST /api/cron-update write JSON files under the workspace without auth. Treat the workspace as untrusted and do not place secrets or other sensitive files there. - Cron guidance and session collection: the Cron guide suggests calling sessions_list and writing session-derived agent-data.json. That operation requires platform/agent permissions and may surface sensitive session/context data. Only enable such Cron tasks if you have reviewed what data will be collected, limited permissions, and storage policies. If you cannot confirm the Cron payload is safe, avoid enabling automated collection. - Run a code review: if you decide to install, inspect and (if needed) modify agent-api.js and ecosystem.config.js to bind to localhost, remove or tighten CORS, and add auth. Also verify there are no other files in OPENCLAW_WORKSPACE that you don't expect, and back up any existing workspace data before copying files in. - If unsure, test locally in an isolated environment (throwaway VM/container) and do not expose the service to the internet until you’ve hardened access controls.

Like a lobster shell, security has layers — review code before you run it.

latestvk97crnvtn5deefbk4nk7esgnrx84y0g0

92downloads

0stars

10versions

Updated 1w ago

v1.2.7

MIT-0

🦞 CLAW Agent 智控驾驶舱

Coding Plan Edition · 专为 OpenClaw Coding Plan 订阅用户打造

产品简介

CLAW Agent 智控驾驶舱是面向 OpenClaw Coding Plan 订阅用户的一站式运维监控平台，集额度管控、智能预测、Agent 状态监控、资源分析、定时任务管理于一体，帮助用户在有限的 API 额度内高效运营多 Agent 团队。

核心亮点

🎓 自学习预测 — 根据实际数据自动校准预测参数，越用越准
📊 实际 vs 预测 — 双轨对比，一眼看清消耗趋势和偏差
🚨 四级告警 — 正常→关注→警告→危险，提前预警超额风险
🧠 Token 透视 — 各 Agent 资源消耗全景分析
⏰ Cron 可控 — 页面直接管理定时任务频率和开关
🦞 订阅倒计时 — 实时天/时/分/秒倒计时 + 进度条 + 四级颜色提醒 + 一键续订
💰 零额外消耗 — 本地数据追踪，不浪费 API 调用

快速部署

1. 复制资源文件到工作区

cp -r assets/dashboard/* "$OPENCLAW_WORKSPACE/"

2. 安装 PM2（如未安装）

npm install -g pm2

3. 启动服务

cd "$OPENCLAW_WORKSPACE" && pm2 start ecosystem.config.js

4. 打开驾驶舱

http://localhost:8888/agent-dashboard.html

配置说明

编辑 quota-data.json 匹配你的 Coding Plan：

配置项	说明	示例
config.monthlyQuota	月度 API 调用上限	18000
config.billingCycleStart	计费周期开始日期	"2026-04-11"
config.billingCycleEnd	计费周期结束日期	"2026-05-11"

操作手册

📝 填写实际额度（核心操作）

登录阿里云控制台，查看 Coding Plan 当前已用次数
在页面 "📝 实际已用" 输入框中填入数字
点击 "保存"

效果：

环形图和告警基于实际值更新
对比表显示实际 vs 预测偏差
系统自动学习，校准预测参数
建议每天填 1 次，越频繁预测越准

🚨 告警等级说明

等级	触发条件	颜色	建议操作
正常	预估月末 ≤70%	🟢	无需操作
关注	预估月末 >70%	🔵	关注趋势
警告	预估月末 >85%	🟡	减少非必要调用
危险	预估月末 >100%	🔴	立即节流！

⏰ 管理 Cron 任务

找到 "⏰ Cron 定时任务管理" 区域
开关控制启用/禁用
下拉框调整频率
修改后点击 "保存并生效"

🧠 分析 Agent 消耗

柱状图：哪个 Agent 消耗最多
饼图：各 Agent 占比分布
针对高消耗 Agent 优化策略

🤖 Agent 状态说明

状态	含义
🟢 正常	任务进行中
🔵 休息	任务完成，≤24h 未活动
🟠 待业	≥24h 但 <7天未活动
🔴 失联	≥7 天未活动

🦞 订阅到期倒计时

页面顶部显示 Lite 订阅套餐的到期倒计时：

大字显示剩余天数 + 时:分:秒实时跳动
进度条显示订阅剩余比例
四级颜色提醒：🟢 >14天安全 → 🔵 7~~14天注意 → 🟡 3~~7天警告 → 🔴 ≤3天紧急
🔄 续订按钮：点击弹出确认弹窗，确认后自动延长 30 天
到期日、总天数、进度条随续订自动更新

自学习预测原理

用户填入实际值
  → 系统对比同期 Token 增量
  → 反推 tokensPerCall 参数
  → EMA 指数平滑更新（α=0.4）
  → 下次预测使用校准后参数
  → 填得越多，预测越准

数据更新机制

数据	更新方式	频率	API 消耗
Agent 状态	Cron 自动	每 3 小时	2-3 次/轮
Token 追踪	本地计算	每 3 分钟	0（零消耗）
预测值	本地计算	每 3 分钟	0（零消耗）
实际值	手动填入	建议每天 1 次	0（零消耗）

Cron 配置

部署后需创建数据更新 Cron，详见 references/cron-setup.md。

文件说明

文件	用途
agent-dashboard.html	驾驶舱主页面
agent-api.js	API 服务 (port 8889)
update-agent-data.js	Agent 数据更新器
quota-tracker.js	自学习额度预测器
ecosystem.config.js	PM2 服务配置
agent-data.json	Agent 状态数据
quota-data.json	额度追踪数据