ClawHub

Reivo

v0.4.4

Track AI agent costs in real-time, set budget limits, and auto-detect runaway loops. Smart routing reduces costs 40-60%. Works with OpenAI, Anthropic, and Go...

1· 117·0 current·0 all-time
by@tazsat0512
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (cost tracking, budgeting, routing) match the declared requirement (REIVO_API_KEY) and the runtime behavior (calls to app.reivo.dev and proxy.reivo.dev). Required binaries (curl, node) are reasonable given the provided curl examples and Node scripts. No unrelated credentials or binaries are requested.
Instruction Scope
SKILL.md explicitly instructs routing provider API calls through Reivo's proxy endpoints and shows curl examples using REIVO_API_KEY to query the Reivo dashboard. This is consistent with the stated purpose, but it means end‑user prompts/requests will traverse a third party — the skill claims only metadata is stored, which is a privacy assertion the user should verify independently.
Install Mechanism
There is no download/install spec; the skill is instruction-driven and includes local Node scripts. No remote archives or obscure URLs are fetched during install. package.json has no dependencies and tests mock fetch; nothing in the manifest indicates an elevated install risk.
Credentials
Only REIVO_API_KEY is required (declared as primaryEnv). No unrelated secrets or config paths are requested. The number and type of env variables are proportionate to a hosted proxy/dashboard service.
Persistence & Privilege
Skill is not forced always:true and uses the platform default of allowing model invocation. That normal autonomous invocation combined with access to a single service API key is expected for this use case. The main privilege implication is that if you route provider calls through the proxy you are entrusting Reivo with live request metadata (and possibly transit of prompt content).
Assessment
This skill appears to do what it says: manage budgets and route requests through Reivo's proxy using a single REIVO_API_KEY. Before installing, consider the privacy/trust tradeoff: routing LLM API calls through proxy.reivo.dev means your agent's requests (and potentially prompt content) will transit a third party — verify Reivo's privacy policy and the open-source guardrail repo if you need guarantees. Use limited-scope or project-scoped provider keys as recommended, test with non-sensitive prompts first, and confirm the REIVO_API_KEY you receive matches the documented format (rv_...). Note: the registry describes the skill as instruction-only but the package includes Node scripts—if you plan to run any included scripts locally, review them (they call only app.reivo.dev and proxy.reivo.dev). If you need zero third‑party transit, consider self‑hosting the open-source reivo-guard instead.

Like a lobster shell, security has layers — review code before you run it.

agent-safetyvk97af7ze6h76h1x60w81hd0q2h83njynbudgetvk97af7ze6h76h1x60w81hd0q2h83njyncost-optimizationvk97af7ze6h76h1x60w81hd0q2h83njynlatestvk97d1s8r9khhmzbwzg8jd09p0s844y95llmvk97af7ze6h76h1x60w81hd0q2h83njynproxyvk97af7ze6h76h1x60w81hd0q2h83njynroutingvk97af7ze6h76h1x60w81hd0q2h83njyn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

💰 Clawdis
OSmacOS · Linux
Binscurl, node
EnvREIVO_API_KEY
Primary envREIVO_API_KEY
Environment variables
REIVO_API_KEYrequiredReivo API key (starts with rv_). Get one free at https://reivo.dev

SKILL.md

Reivo — AI Agent Cost Optimizer

You are now equipped with Reivo, a cost optimization and protection layer for AI API calls.

What Reivo Does

Reivo is a transparent proxy that sits between your agent and the LLM provider. It:

  • Routes to cheaper models — analyzes each request and picks the cheapest model that delivers the same quality (40-60% cost reduction)
  • Tracks costs per session, agent, and model in real-time
  • Enforces budget limits — blocks requests when spending exceeds the limit
  • Detects runaway loops — auto-stops agents stuck in infinite loops (hash match + TF-IDF cosine similarity)
  • Anomaly detection — EWMA-based spike detection flags abnormal usage patterns
  • Graceful degradation — 4-level progressive response (normal → aggressive routing → new sessions only → blocked)
  • Sends Slack alerts — budget warnings, loop detection, and anomaly notifications

The guardrail engine is open source: reivo-guard (TypeScript + Python).

Configuration

The user's Reivo API key is available as $REIVO_API_KEY.

Proxy base URLs (use these instead of direct provider URLs):

  • OpenAI: https://proxy.reivo.dev/openai/v1
  • Anthropic: https://proxy.reivo.dev/anthropic/v1
  • Google: https://proxy.reivo.dev/google/v1beta

Dashboard: https://app.reivo.dev

Available Commands

When the user asks about costs, budgets, or Reivo, use the following:

Check Costs

When the user asks "how much am I spending?", "show costs", "cost report", or similar:

curl -s -H "Authorization: Bearer $REIVO_API_KEY" \
  "https://app.reivo.dev/api/v1/overview?days=7"

Present the response as:

  • Total spend for the period
  • Daily cost breakdown (as a simple text chart)
  • Top models by cost
  • Request count

Check Defense Status

When the user asks "budget status", "am I safe?", "loop status", or similar:

curl -s -H "Authorization: Bearer $REIVO_API_KEY" \
  "https://app.reivo.dev/api/v1/defense-status"

Present as:

  • Budget: $X.XX / $Y.YY (Z%) with visual progress bar
  • Loops detected: N today, N this week
  • Requests blocked: N today, N this week

Get Optimization Tips

When the user asks "how can I save?", "optimization tips", "reduce costs", or similar:

curl -s -H "Authorization: Bearer $REIVO_API_KEY" \
  "https://app.reivo.dev/api/v1/optimization"

Present each tip with severity, description, and estimated savings. Tips include:

  • Prompt caching — duplicate prompts that could use caching
  • Max tokens waste — requests using <20% of their max_tokens budget
  • Unused tools — tool definitions sent but never called

Set Budget

When the user says "set budget to $50", "limit spending", or similar:

curl -s -X POST \
  -H "Authorization: Bearer $REIVO_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"budgetLimitUsd": 50}' \
  "https://app.reivo.dev/api/v1/settings"

Confirm the budget was set and explain that requests will be blocked once the limit is reached.

Clear Budget

When the user says "remove budget", "clear limit", or similar:

curl -s -X POST \
  -H "Authorization: Bearer $REIVO_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"budgetLimitUsd": null}' \
  "https://app.reivo.dev/api/v1/settings"

Set Routing Mode

When the user says "aggressive mode", "quality mode", or "change routing":

curl -s -X POST \
  -H "Authorization: Bearer $REIVO_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"routingMode": "aggressive"}' \
  "https://app.reivo.dev/api/v1/settings"

Modes: aggressive (maximize savings), balanced (default), quality (prefer original model).

Configure Slack Notifications

When the user says "set up Slack", "notify me on Slack", or similar:

curl -s -X POST \
  -H "Authorization: Bearer $REIVO_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"slackWebhookUrl": "https://hooks.slack.com/services/..."}' \
  "https://app.reivo.dev/api/v1/settings"

Manage Provider API Keys

Provider keys should be managed via the dashboard for security:

Add or rotate provider keys at: https://app.reivo.dev/settings

Keys are encrypted at rest and never exposed in API responses (shown masked, e.g. sk-abc1...xyz9). For maximum security, create limited-scope or project-scoped keys dedicated to Reivo.

To list currently configured keys:

curl -s -H "Authorization: Bearer $REIVO_API_KEY" \
  "https://app.reivo.dev/api/v1/provider-keys"

View Agent Breakdown

When the user asks "which agent costs the most?", "cost by agent", or similar:

curl -s -H "Authorization: Bearer $REIVO_API_KEY" \
  "https://app.reivo.dev/api/v1/agents?days=30"

Present agent-by-agent and model-by-model cost breakdown.

Monthly Report

When the user asks "monthly report", "this month's spending", or similar:

curl -s -H "Authorization: Bearer $REIVO_API_KEY" \
  "https://app.reivo.dev/api/v1/overview?days=30"

Open Dashboard

When the user says "open dashboard", "show dashboard", or "I want more detail":

Reivo Dashboard: https://app.reivo.dev

Sign in to see interactive cost charts, session replays, loop detection history, and optimization recommendations.

Setup Instructions

If the user hasn't set up Reivo yet, guide them:

  1. Sign up at https://app.reivo.dev
  2. Generate an API key in Settings (format: rv_...)
  3. Set the environment variable: 
    export REIVO_API_KEY="rv_your_key_here"
  4. Add provider keys via the dashboard at https://app.reivo.dev/settings (recommended for security — keys are encrypted at rest)
  5. Route API calls through the proxy by changing the base URL in your provider config.

For OpenClaw specifically, update the provider configuration:

{
  "providers": [
    {
      "name": "openai",
      "apiKey": "${REIVO_API_KEY}",
      "baseUrl": "https://proxy.reivo.dev/openai/v1"
    },
    {
      "name": "anthropic",
      "apiKey": "${REIVO_API_KEY}",
      "baseUrl": "https://proxy.reivo.dev/anthropic/v1"
    }
  ]
}

The proxy forwards your requests to the real provider using the provider key you registered. Your original API keys never leave the Reivo server.

Self-Hosted Guardrails

Want guardrails without the proxy? Use reivo-guard directly:

pip install reivo-guard    # Python
npm install reivo-guard    # TypeScript

reivo-guard provides budget enforcement, loop detection, anomaly detection, and more — all open source (MIT). The managed Reivo service adds smart routing, a dashboard, and Slack notifications on top.

What Reivo does NOT store

  • Prompt or completion content (forwarded and discarded)
  • Conversation history
  • Raw API keys in the database (encrypted at rest, decrypted only during proxying)

Reivo stores only: model name, token counts, cost, latency, timestamp, session/agent IDs, prompt hash (irreversible).

Behavior Guidelines

  • Always show costs in USD with 2 decimal places
  • When budget is over 80%, proactively warn the user
  • If an API call fails with 429 from Reivo proxy, explain it's a budget block (not rate limiting)
  • Never expose the full API key in output — show only rv_...xxxx (last 4 chars)
  • Suggest the dashboard for detailed analysis beyond what the API provides

Files

20 total
Select a file
Select a file to preview.

Comments

Loading comments…