ClawHub

OpenClaw Scheduler Token Auditor

v1.0.2

Audit OpenClaw scheduler token usage for cron jobs, scheduled tasks, and heartbeat sessions. Use when the user wants to know which scheduled job is expensive...

1· 92·1 current·1 all-time
by@yueeli
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the instructions: the SKILL.md describes using OpenClaw cron and session APIs (or the openclaw CLI fallback) to collect run records and usage.total_tokens. Nothing requested (no env vars, no external downloads) looks unrelated to auditing scheduler token usage.
Instruction Scope
Runtime instructions stay on-task: they tell the agent to call cron list/runs and session APIs, to prefer authoritative usage.total_tokens, and to treat heartbeats as bounded when exact usage is absent. There are no instructions to read arbitrary filesystem paths or unrelated environment variables, nor to exfiltrate data to third-party endpoints.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest-risk category. The only fallback is a platform CLI example (openclaw), which is reasonable and not itself an installer.
Credentials
No required env vars or credentials declared. The work described reasonably requires access to OpenClaw scheduler/session records; that is proportional to the auditing purpose. Users should be aware the agent executing the skill will need whatever platform access/permissions are normally required to call those APIs.
Persistence & Privilege
always is false and the skill does not request persistent system-wide changes. Autonomous invocation is allowed (default) but not combined with other red flags.
Assessment
This is an instruction-only skill that appears coherent and conservative: it relies on OpenClaw scheduler/session APIs (or the openclaw CLI) and explicitly requires authoritative fields like usage.total_tokens rather than estimating. Before enabling it, confirm that the agent identity you run it under already has read access to scheduler run records and session transcripts — those transcripts can contain sensitive prompt or user data. If you want tighter control, restrict the skill from autonomous invocation or run audits under an account with read-only, minimal-scope permissions. If you need assurance about the specific API calls the agent will make, request the implementation details or a list of concrete endpoints it will call.

Like a lobster shell, security has layers — review code before you run it.

auditvk97et4j1zb40gmewwxfqkd3gzx83d1vwlatestvk97ds8s0mm59p0e90qezmngyc183hmysopenclawvk97et4j1zb40gmewwxfqkd3gzx83d1vw

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments