ClawHub

Agent Token Sentinel

v1.1.0

Real-time cost & quota guardian for AI Agents. It monitors API usage and automatically kills recursive loops or excessive reasoning to protect your wallet. O...

0· 436·1 current·1 all-time
bySystem Architect Zero@tmstudio667-commits
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The README claims real-time monitoring, loop-killing, quota enforcement and notifications, yet the package declares no binaries, no credentials, no config paths, and contains no code — there is no clear mechanism by which it could perform those actions.
!
Instruction Scope
SKILL.md is high-level marketing text and a single CLI usage example; it provides no runtime instructions for how to observe API usage, kill processes, or send alerts. That vagueness grants broad, undefined discretion to the agent and is scope-creep (it claims powerful runtime actions but doesn't specify the safe, limited steps to do them).
Install Mechanism
No install spec and no code files are present, which minimizes direct on-disk risk. However, absence of an install mechanism also means the skill can't transparently add the plumbing necessary to perform the claimed monitoring.
!
Credentials
No environment variables, credentials, or config paths are requested — yet the functionality would normally require access to agent API keys, usage meters, or process control permissions. This mismatch suggests the skill is incomplete or intentionally vague about required privileges.
Persistence & Privilege
always is false (normal) and the skill is user-invocable. It does not declare persistent system modifications, but because its claimed behavior would require elevated access (to agent runtime or tokens), lack of declared privileges is notable. There is currently no evidence it can actually act autonomously on system processes.
What to consider before installing
This skill reads like a placeholder or marketing stub rather than a working guardian: it promises automatic token/loop control but provides no code, no required credentials, and no concrete runtime instructions. Before installing or relying on it, ask the author for: (1) the implementation (source code) showing how it reads usage metrics and terminates loops, (2) a list of exact permissions or environment variables it needs, and (3) what endpoints it contacts to send alerts. Because it currently lacks transparency, do not treat it as a reliable security control — prefer tools with auditable code, explicit permission requests, and clear install steps. If you must test it, run it in an isolated environment and monitor what the agent actually does (network calls, process control) rather than trusting the description.

Like a lobster shell, security has layers — review code before you run it.

2026vk97bh5kv06702y2vg5h1hqwvrs825geacost-controlvk978ta85gvm99j6npf3af1vdm5828ty0latestvk978ta85gvm99j6npf3af1vdm5828ty0securityvk978ta85gvm99j6npf3af1vdm5828ty0utilityvk978ta85gvm99j6npf3af1vdm5828ty0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

💰 Clawdis

Comments