ClawHub

top-coding-models

v1.0.0

Use when user wants benchmark rankings, pricing, token limits, or IDE compatibility info for top 20 agentic coding models. Supports OpenRouter, OpenAI, Anthr...

0· 26·0 current·0 all-time
by@waiyannyeinnaing
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (top coding models, pricing, token limits, IDE compatibility) match the implementation: the script fetches BenchLM leaderboard data and OpenRouter model data and cross-references them. The declared capabilities are proportional to the required actions.
Instruction Scope
SKILL.md directs the agent to run the included Python script and describes network calls only to BenchLM and OpenRouter. The runtime instructions do not ask the agent to read unrelated local files, environment variables, or to transmit data to other endpoints.
Install Mechanism
No install spec is present (instruction-only skill with an included script). There is no remote download or installer; the included Python script runs with standard library urllib, so install risk is low.
Credentials
The skill declares no required environment variables, credentials, or config paths and the code does not read os.environ or other secrets. The SKILL.md gives example provider env var usage (e.g., ANTHROPIC_BASE_URL) but those are illustrative, not required by the script.
Persistence & Privilege
always is false, the skill is user-invocable and does not request permanent presence or modify other skills/system configuration. It performs only outgoing HTTP GETs at runtime.
Assessment
This skill includes a Python script that makes live HTTP GET requests to https://benchlm.ai and https://openrouter.ai to gather model and pricing data. It does not request credentials or access local files. If you are comfortable allowing outgoing requests to those two domains, the skill appears safe and coherent with its stated purpose. If you want extra caution: (1) review the full script locally before running, (2) run it in a restricted environment or with network egress only to the two domains, or (3) inspect any dynamic name-matching results before using them for automated actions (the script uses fuzzy matching which can occasionally map names imperfectly).

Like a lobster shell, security has layers — review code before you run it.

latestvk970p1e3wx6b04xc3pd0dkq8t184edwb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments