Upstage Solar Delegation
PassAudited by ClawScan on May 6, 2026.
Overview
This instruction-only skill is coherent for delegating long responses to Upstage/OpenRouter, but users should understand that prompts may be sent to an external model and API keys/config settings are involved.
This skill appears purpose-aligned and has no code or install script, so the main considerations are privacy and account control. Install it only if you are comfortable sending longer prompts or chat context to Upstage/OpenRouter, use a dedicated API key with spending limits where possible, and review which sessions are enabled for delegation.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
You may need to provide an Upstage or OpenRouter API key, which can incur costs and grants access to that provider account according to the key's scope.
The skill depends on provider API keys for its core function, while the registry requirements list no required env vars. This appears purpose-aligned, but users should notice the credential requirement.
| **Upstage Direct** | `solar-pro3` | `UPSTAGE_API_KEY` | Direct Upstage API call (recommended) | ... | **Via OpenRouter** | `openrouter/upstage/solar-pro-3` | `OPENROUTER_API_KEY` | Call through OpenRouter |
Use a dedicated API key with the minimum necessary permissions or spend limits, store it in a secrets mechanism where possible, and monitor provider usage.
Long prompts, conversation context, or messenger content may be processed by an external model provider when delegation is enabled.
The skill intentionally sends task context and writing instructions to a spawned Solar Pro3 session, which may route content to Upstage or OpenRouter.
If enabled and estimate >= threshold, run `sessions_spawn` with Solar Pro3.
Enable delegation only in sessions where external model processing is acceptable, avoid sending secrets or highly sensitive content, and review the provider's data handling terms.
A configuration change could make future long responses in selected sessions use Solar automatically until changed again.
The skill can persist delegation policy changes that affect later behavior, including which sessions delegate to the external model.
Users may request: threshold changes ... session enable/disable ... Apply updates to persistent memory/config used by your environment.
Keep delegation settings explicit, review which sessions are enabled, and document how to disable or reset the policy.
There is limited external provenance information to verify the publisher or documentation origin.
The package has no stated source or homepage. Because it is instruction-only with no install script or code files, this is a provenance note rather than a concrete unsafe behavior.
Source: unknown; Homepage: none
Review the included SKILL.md and setup guide before installing, and prefer known publishers for skills that handle credentials or provider configuration.