ClawHub

Save upto 50% for model tokens: OpenAI GPT, Claude, Gemini, Qwen, Deepseek, Grok and more with one single key

v1.0.1

Unified LLM Gateway - One API for 70+ AI models. Route to GPT, Claude, Gemini, Qwen, Deepseek, Grok and more with a single API key.

5· 1.3k·2 current·2 all-time
by@0xjordansg-yolo·duplicate of @aisadocs/openclaw-aisa-llm-router
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description, SKILL.md examples, README, and the included Python client all consistently implement a unified router to api.aisa.one and require a single AISA_API_KEY. Requested binaries (python3, curl) and the single env var are appropriate for this functionality.
Instruction Scope
Runtime instructions and the client send user messages, images (URL or base64), and other payloads to https://api.aisa.one/v1. The instructions do not ask for unrelated files or other environment variables, but they do direct potentially sensitive data (prompts, images, function arguments) to an external service — a privacy/data-exposure consideration rather than a technical incoherence.
Install Mechanism
There is no install spec (instruction-only with an included client script). Nothing in the package downloads or executes third-party code beyond the provided Python script, which uses standard library urllib. Low install risk.
Credentials
Only a single credential (AISA_API_KEY) is required and is clearly the primary credential for the gateway — proportional to the described purpose. Note that this one key likely grants broad access and billing to many backend models, so leakage would be impactful.
Persistence & Privilege
The skill does not request always:true, system-wide config changes, or other skills' credentials. It behaves as a normal, user-invocable skill and does not ask for elevated or persistent platform privileges.
Scan Findings in Context
[no_findings_detected] expected: Static pre-scan reported no injection signals. For an instruction-only skill with a provided client script that performs straightforward HTTP calls, the absence of findings is expected.
Assessment
This skill legitimately implements a unified LLM gateway and only needs a single AISA_API_KEY, but keep in mind: using it will send your prompts, any attached images (including base64 data), and function payloads to api.aisa.one (a third party). Do not send passwords, private keys, or highly sensitive PII through this gateway unless you trust the provider and have reviewed their data-retention and privacy policies. Use a dedicated API key, monitor billing/usage, rotate the key if leaked, and test with non-sensitive data first. If you need stronger guarantees (on-prem or contractual data handling), verify the provider (openclaw.ai / marketplace.aisa.one) and their security/privacy documentation before production use.

Like a lobster shell, security has layers — review code before you run it.

latestvk979z0azwapm5x5bx8420nryr180my07

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧠 Clawdis
Binscurl, python3
EnvAISA_API_KEY
Primary envAISA_API_KEY

Comments