OpenClaw Vertex Credit-Safe Setup
Safely configure Google Vertex AI for a fresh OpenClaw setup using a Google Cloud project, service-account JSON auth, minimal-cost verification, and explicit...
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 0 · 2 · 0 current installs · 0 all-time installs
by@ztl970
MIT-0
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (safe Vertex AI setup, service-account JSON, minimal-cost verification) match the SKILL.md and reference checklist. Requested inputs (project ID, billing confirmation, service-account JSON path, permission to inspect OpenClaw config) are reasonable for this purpose and not excessive.
Instruction Scope
SKILL.md instructs the agent to 'audit the current machine state' and check for old ADC state, old API keys, and OpenClaw config entries. Those actions are consistent with safe setup, but 'audit the machine' is somewhat open-ended — the skill should explicitly constrain which files/paths/commands it will read/run and require user confirmation before accessing sensitive files. It does request explicit permission to inspect config files, which is good.
Install Mechanism
There is no install spec and no code files executed; this is instruction-only, so nothing will be downloaded or written by an installer. Low install risk.
Credentials
The skill does not declare or require any environment variables or external credentials in the registry metadata. The only sensitive artifact it legitimately needs is a service-account JSON file (user-supplied path) and a project ID/billing confirmation — these are proportionate to configuring Vertex AI.
Persistence & Privilege
Flags are default (always:false, agent invocation allowed). The skill does instruct changing OpenClaw model routing/config, which is within scope for setup, but it does not request permanent elevated privileges or attempt to modify other skills or system-wide agent settings.
Assessment
This skill appears coherent for safely configuring Vertex AI and deliberately asks for a service-account JSON path and permission to inspect OpenClaw config — both reasonable for first-time setup. Before running it: 1) Confirm you trust the skill source (no homepage/source provided). 2) Provide the minimal-privilege service account (least privilege) and use a test project if possible. 3) Ask the agent to list exactly which files/paths and commands it will inspect and require your explicit approval before each sensitive read. 4) Back up existing OpenClaw config before allowing changes and verify the single tiny test request result and billing lines in the Cloud Console yourself. If you prefer more control, perform the read/check steps manually rather than granting broad 'audit the machine' permission.Like a lobster shell, security has layers — review code before you run it.
Current versionv1.0.0
Download ziplatest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
SKILL.md
OpenClaw Vertex Credit-Safe Setup
Use this skill when a user wants to configure Google Vertex AI for OpenClaw from scratch and wants to minimize billing mistakes.
Goal
Set up Vertex AI in a way that:
- uses a Google Cloud project
- uses Vertex AI, not Gemini API direct access
- prefers service-account JSON for first-time setup
- keeps model routing on
google-vertex/... - validates with one tiny request before wider use
- explicitly checks billing / credits after the test
Use this skill when
- the machine is a fresh or mostly fresh OpenClaw setup
- the user wants to use Google free credits or trial credits safely
- the user is unsure whether to use ADC, API keys, or service accounts
- the user wants a repeatable first-time setup process
- the user wants to avoid accidental extra spend from the wrong provider path
Required inputs
- target Google Cloud project ID
- confirmation that billing / credits are attached to that project
- a local path where a service-account JSON file may be stored
- permission to inspect current OpenClaw config files
Workflow
- Audit the current machine state.
- Confirm the target Google Cloud project and billing intent.
- Prefer a new service-account JSON path for first setup.
- Configure OpenClaw to use only
google-vertex/...models for this setup. - Run one minimal test request.
- Tell the user exactly what to check in Google Cloud Billing.
- Only after billing looks correct should broader rollout happen.
Guardrails
- Do not present Gemini API direct setup as equivalent to Vertex AI setup.
- Do not say setup is complete before the minimal test.
- Do not say billing is correct unless the user checks the billing console.
- Do not reuse ambiguous old auth state without stating it.
- Do not broaden rollout across many agents until the tiny test is confirmed.
Preferred first-time auth path
For first-time setup, prefer:
- Google Cloud project
- Vertex AI API enabled
- dedicated service account
- dedicated service-account JSON file
Do not default to:
- Gemini API key
- mixed
google/...andgoogle-vertex/...models - unclear old ADC state
- “it worked once on this machine” assumptions
Model routing rules
When configuring models, keep them on the Vertex provider path only:
google-vertex/gemini-3.1-pro-previewgoogle-vertex/gemini-3-pro-previewgoogle-vertex/gemini-2.5-progoogle-vertex/gemini-2.5-flash
Do not silently substitute:
google/...- Gemini API direct routes
- partner-model assumptions when the user explicitly wants the safest likely credit-covered path
Required report format
Return:
- current machine state
- current Google path in use
- target project
- auth method
- JSON path
- configured
google-vertex/...models - minimal test result
- billing checks to perform next
Reference
For a compact checklist, read references/vertex-first-setup-checklist.md.
Files
3 totalSelect a file
Select a file to preview.
Comments
Loading comments…