ClawHub

OpenClaw Model Router Skill

v0.2.1

Deterministic model routing for OpenClaw with prefix routing (@codex/@mini), timezone-aware schedule switching, verify-after-switch, rollback, lock protectio...

0· 625·3 current·3 all-time
byTianqu@vulcanusalex
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description map to code and configs: prefix routing, schedule file, switch/verify/rollback flow, lock file and JSONL logging. The files and CLI implement exactly these features; required binaries and envs are configurable and default to safe values in the provided router.config.json.
Instruction Scope
SKILL.md commands and runbook instruct running the included CLI (node src/cli.js) and manipulating local config/schedule/log files. Runtime instructions do not request unrelated system data or external endpoints. They do call a local session controller binary (default 'openclaw') to query/set the active model, which is consistent with a model router.
Install Mechanism
No install spec (instruction-only distribution) — code is included in the package and intended to be run with node. No downloads or external installers are invoked. This is low risk given the code is present in the skill bundle and not fetched from arbitrary URLs.
Credentials
By default router.config.json.auth.requiredEnv is empty so no credentials are required. The code supports an auth.requiredEnv list which, if populated, will cause the CLI to check for those environment variables before switching. That's reasonable for an auth gate, but if you populate requiredEnv you should ensure only the needed secrets are present. Child processes inherit process.env when execFile is used, so any env secrets present will be visible to the invoked session-controller binary.
Persistence & Privilege
The skill does not request always:true and does not attempt to modify other skills or global agent configuration. It writes local lock and log files and reads local config/schedule files — behavior expected for a scheduler/router.
Assessment
This skill appears coherent and implements a local model router. Before installing or running in production: 1) Review router.config.json and router.schedule.json — confirm sessionController.binary points to a trusted binary (default 'openclaw') and that set/status args are correct. 2) If you populate auth.requiredEnv, only include the minimum secrets required and verify where those env vars are set. Child processes inherit process.env, so environment secrets will be exposed to the invoked binary. 3) The CLI writes lock and JSONL log files in the working directory by default; ensure file paths and rotation meet your operational policies. 4) Do not point sessionController.binary to an arbitrary or untrusted executable; that would let the skill run arbitrary commands. If you want extra assurance, run the tool in an isolated/test environment and audit the invoked binary's behavior before giving it access to production credentials or systems.

Like a lobster shell, security has layers — review code before you run it.

latestvk976brh626a8gxb4wmpf8ddkhd820gx9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments