ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Free Ride - Unlimited free AI

v1.0.6

Manages free AI models from OpenRouter for OpenClaw. Automatically ranks models by quality, configures fallbacks for rate-limit handling, and updates opencla...

8· 6k·60 current·69 all-time
byShaishav Pidadi@shaivpidadi·duplicate of @shaivpidadi/free-ride (1.0.5)
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's code, README, and SKILL.md all clearly implement OpenRouter free-model discovery, ranking, and updating of ~/.openclaw/openclaw.json. That functionality is coherent with the name/description. However, the registry summary at the top of this package evaluation claims "Required env vars: none" and "Primary credential: none", while skill.json and SKILL.md require OPENROUTER_API_KEY and the code reads it. This metadata mismatch is an incoherence that could mislead less-technical users.
Instruction Scope
The SKILL.md instructs installing the package, setting OPENROUTER_API_KEY, running CLI commands (freeride auto, list, switch, etc.) and restarting the OpenClaw gateway. The code performs exactly those actions: it queries OpenRouter, ranks models, and updates only the OpenClaw keys under agents.defaults.model and agents.defaults.models. It also creates a cache file (~/.openclaw/.freeride-cache.json) and a watcher state file (~/.openclaw/.freeride-watcher-state.json). These file reads/writes are within the declared purpose but are persistent changes to your OpenClaw config and state.
Install Mechanism
There is no high-risk remote download; the package is a standard Python package with setup.py and a normal pip editable install recommended in SKILL.md/README. The skill.json includes an install string invoking npx clawhub and pip install -e ., and README describes the same. The mismatch between 'No install spec' in the registry summary and the presence of an install string is an inconsistency to be aware of, but the install mechanism itself is a common pip install from local workspace (moderate risk, expected for CLI skills).
!
Credentials
The skill requires OPENROUTER_API_KEY to call OpenRouter — that single credential is proportional to the task. However, the registry metadata incorrectly listed no required env vars while skill.json marks the key as required and SKILL.md instructs the user to set it. That discrepancy is concerning because it could hide the fact that a secret (API key) is needed and used. The code reads the key from environment or from the OpenClaw config; no other unrelated secrets or credentials are requested.
Persistence & Privilege
The watcher can run as a daemon and will autonomously monitor and rotate models, updating OpenClaw config files and writing a watcher state file. always:false (not force-included) and disable-model-invocation:false (normal) — so the skill can be invoked autonomously by agents. Combined with the ability to modify ~/.openclaw/openclaw.json, this gives it meaningful persistent influence over your agent's behavior. This is coherent with the skill's purpose but worth conscious consideration before enabling daemon/autonomous behavior.
What to consider before installing
What to check before installing: - Metadata mismatch: The registry summary omitted required env vars but skill.json and SKILL.md require OPENROUTER_API_KEY. Treat that as a red flag: the skill will use an API key and make network calls to openrouter.ai. - Review and back up: Backup ~/.openclaw/openclaw.json before running the installer or any freeride commands (the skill updates agents.defaults.model and agents.defaults.models). - Inspect the code: The bundled Python files are readable and make requests only to openrouter.ai and write cache/state under ~/.openclaw — review them yourself if you can. If you cannot, restrict installation to an isolated environment. - Daemon behavior: The freeride-watcher can run as a daemon and will autonomously rotate models; don’t enable or run the watcher as a system daemon unless you trust the code and the key you provide. - Limit the API key: Use a dedicated OpenRouter key (not shared credentials) and revoke it if you stop using the skill. - Verify provenance: The skill references a GitHub repo but the registry homepage is missing. Try to locate and review the upstream repository (https://github.com/Shaivpidadi/FreeRide is mentioned) and confirm the author before trusting and enabling autonomous behavior. If you want me to, I can highlight exact lines in the code that read/write config, call the API, or persist state so you can inspect them quickly.

Like a lobster shell, security has layers — review code before you run it.

latestvk977gqb6be33rbjwf71r0ev1ns83ppxs

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments