ClawHub

AI Task Router Auto-Route Prompts by Complexity (Local/Cloud)

v1.0.0

Regex-based routing sends simple tasks to local AI, medium to mid-tier, complex to premium — saving 60%+ on API costs.

0· 408·4 current·4 all-time
byShadow Rose@theshadowrose
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description say regex routing by complexity and the code implements that: pattern table, route(message) logic, add/remove/export rules. There are no unrelated environment variables, binaries, or install steps requested.
Instruction Scope
SKILL.md and src/task-router.js confine behavior to local routing decisions. The only scope risk is that config.customRules are accepted and compiled into RegExp at construction time (new RegExp(rule.pattern,...)) — loading untrusted pattern strings can cause runtime exceptions or ReDoS (catastrophic backtracking) if patterns are malicious or poorly written. Otherwise the instructions do not read OS files, env vars, or transmit data.
Install Mechanism
No install spec (instruction-only plus a small JS module). Nothing is downloaded or written to disk by an installer; risk from install mechanism is minimal.
Credentials
The skill declares no required env vars, no primary credential, and the code does not reference process.env or other credentials. Requested privileges are proportionate to a routing library.
Persistence & Privilege
always is false and the skill does not modify other skills or system-wide settings. It exposes exportRules/getRules for local config management only.
Assessment
This skill appears to do what it claims: local regex-based routing with no external calls or credential requests. Before installing, consider: 1) The author/source is unknown and there's no homepage — verify the source or run in a sandbox. 2) If you accept customRules from untrusted users, malicious or poorly written regexes can crash the process or cause ReDoS; validate or sandbox user-supplied patterns. 3) Test routing behavior on representative prompts so sensitive requests aren't accidentally sent to cheaper models; tune rules and overrides (context.forceModel) accordingly. 4) Keep backups of any config you persist and run in a controlled environment if you rely on it for production routing.

Like a lobster shell, security has layers — review code before you run it.

auto-routingvk9750et2pa3mw14me92sm81fpn82s9bxcomplexity-detectionvk9750et2pa3mw14me92sm81fpn82s9bxcost-optimizationvk9750et2pa3mw14me92sm81fpn82s9bxlatestvk9750et2pa3mw14me92sm81fpn82s9bxollamavk9750et2pa3mw14me92sm81fpn82s9bxsmart-dispatchvk9750et2pa3mw14me92sm81fpn82s9bxtask-routingvk9750et2pa3mw14me92sm81fpn82s9bx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments