Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
火一五 Cost Tracking Skill
v1.0.0 火一五 Cost Tracker - Tracks AI API usage, token consumption and cost calculation. Supports MiniMax, OpenAI and other models. Trigger words: 成本追踪, 火一五成本追踪, 火一五成本追踪器, Cost Tracker, 花费了多少, token 统计.
⭐ 0 · 8 · 0 current · 0 all-time
by Job Zhao (@zhaobod1)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
Name/description match the actual behavior: scripts record tokens, compute cost, generate reports and support thresholds. Nothing in the code requests unrelated cloud credentials or external services. However, there are surprising hardcoded absolute paths (e.g., /Users/jobzhao/.openclaw/...) instead of using the script's CONFIG_DIR variable, and SKILL.md references a config.sh that is not present in the file manifest. These mismatches suggest sloppy packaging or leftover developer paths.
Instruction Scope
Runtime instructions and scripts operate on local JSON stats under $HOME/.openclaw/workspace/memory/activity and on local config files in the skill directory — which is consistent with a local cost tracker. The SKILL.md asks users to add cron/heartbeat entries (user action). No network endpoints, no exfiltration instructions. Concerns: SKILL.md example cron/paths use /Users/jobzhao (not generic), and integration examples reference files in /tmp and a 'config.sh' that isn't included; these broaden the agent's discretion in fragile ways and could lead to accidental writes to unexpected locations.
Install Mechanism
No install spec; the skill is instruction + scripts only. No downloads or remote install steps are present. This is the lowest-risk install mechanism. Scripts will create/read local files in the user's home when run.
Credentials
The skill declares no required environment variables or credentials and the code doesn't attempt to read secrets or external credentials. It only reads/writes local config and stats JSON files. This is proportionate to its stated purpose.
Persistence & Privilege
The skill is not forced 'always: true' and is user-invocable by default. It suggests (but does not automatically create) cron/heartbeat entries — these are user actions. The skill does not modify other skills' configs or request elevated privileges.
What to consider before installing
This skill appears to be a local cost tracker and contains only shell + embedded Python that reads/writes local JSON files — no network/external credentials are used. However, before installing or adding scheduled tasks, check and fix these issues:
- Hardcoded paths: track.sh's get_model_pricing reads /Users/jobzhao/.openclaw/... instead of the script's CONFIG_DIR; SKILL.md examples and cron lines also use /Users/jobzhao. Update these to use relative paths or $HOME so the scripts run in your environment and don't accidentally read/write someone else's paths.
- Missing referenced files: SKILL.md mentions config.sh but it's not in the package; verify whether any missing helper is needed.
- Portability: some commands (e.g., sed -i '' usage) may be macOS-specific; test on your OS before scheduling cron jobs.
- Review file writes: the scripts will create and modify $HOME/.openclaw/workspace/memory/activity/cost-stats.json and backups; ensure you are comfortable with that location and the permissions.
If you want to proceed, run the scripts in a safe environment first (or inspect/patch the hardcoded paths), and avoid adding cron/heartbeat entries until confirmed. If you need, I can produce a patched version that replaces hardcoded paths with CONFIG_DIR/$HOME variables and removes missing-file references.
Like a lobster shell, security has layers — review code before you run it.
Latest version: vk97a2ajb5hsjmj2cb16d7zk01x84dnev
