ClawHub

Openclaw Cache Kit

v1.1.1

Automatically apply Claude prompt caching optimizations to OpenClaw. Reduces API costs by up to 89% via cacheRetention long, 59-minute heartbeat, cache-ttl p...

2· 868·1 current·1 all-time
byTomas@lifeissea
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's purpose (apply OpenClaw caching optimizations) matches the actions in the scripts: it patches ~/.openclaw/openclaw.json, enables cache-related settings, enables cache tracing, and restarts the openclaw gateway. However the registry metadata lists no required binaries or config paths even though the scripts require the openclaw CLI and python3 and operate on $HOME/.openclaw/openclaw.json; that mismatch is an incoherence in the manifest.
Instruction Scope
Instructions and scripts are narrowly scoped to OpenClaw configuration and local logs: they back up and overwrite the user's openclaw.json, restart the gateway, and write/consume ~/.openclaw/logs/cache-trace.jsonl. There is no network exfiltration or external endpoints called. One flag of note: the script sets diagnostics.cacheTrace.includeSystem = true; while includeMessages/includePrompt are set false, includeSystem may capture system-level metadata (e.g., environment or runtime details) depending on OpenClaw's logging schema—that could expose more than just cache metrics, so inspect what 'includeSystem' logs contain before enabling.
Install Mechanism
No install/download steps; this is instruction-only with local shell/Python scripts. No remote code fetches or extracted archives are performed, which keeps install risk low.
!
Credentials
The scripts rely on (but the registry does not declare) the openclaw CLI, python3, and use config/log paths under $HOME/.openclaw (OPENCLAW_CONFIG, OPENCLAW_CACHE_LOG can be overridden via env). The absence of declared required binaries/config paths in the manifest is a proportionality/metadata issue. The scripts do not request secrets or external credentials.
Persistence & Privilege
The skill does modify a local application config and restarts the local gateway, which requires file-write and process control privileges for that service—these are expected for a config patching tool. It does not request permanent 'always: true' inclusion or modify other skills' configs.
What to consider before installing
What to check before running: - Verify the scripts on a non-production or test host first. They will overwrite $HOME/.openclaw/openclaw.json (a backup is made under $HOME/.openclaw/backups). - Ensure the openclaw CLI and python3 are present (apply.sh will abort otherwise). The skill metadata did not declare these requirements—this is an omission. - Inspect what OpenClaw writes into diagnostics.cacheTrace when includeSystem is true; confirm it does not capture sensitive host or environment data you don’t want logged. Consider changing includeSystem to false if uncertain. - Review the backup file before restoring or rolling out changes at scale. - Run bash scripts/check-savings.sh against a copy of the log file to validate calculations; logs are read locally from ~/.openclaw/logs/cache-trace.jsonl (or the OPENCLAW_CACHE_LOG env override). - Because the manifest omitted declared requirements, proceed cautiously and prefer manual application or a dry-run until you confirm precisely what will be logged and changed.

Like a lobster shell, security has layers — review code before you run it.

latestvk9784r1mrtfskkg6qncfj593dn81vw0g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments