Ai Model Router V2
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: ai-model-router-v2
Version: 1.1.0
The skill bundle implements a model routing utility designed to switch between local and cloud AI models based on task complexity and privacy requirements. The code in 'skill/core/router.py' and 'skill/modules/detector.py' is well-structured, lacks dangerous execution sinks (such as eval or subprocess), and performs only read-only operations on standard local configuration paths (e.g., ~/.ollama). The privacy detection feature is a security benefit, as it identifies sensitive patterns like API keys and passwords to ensure they are processed locally rather than sent to cloud providers.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Complex prompts may be handled by a cloud model if the agent uses the selected route and the privacy detector does not match the content.
The skill intentionally routes complex tasks to a secondary/cloud-capable model while forcing detected private data to primary/local. This is the stated purpose, but users should know that non-detected sensitive content could still be treated as a cloud-routable complex task.
Complex? → Secondary (capable)
Private? → Primary (forced)
Use --force primary or configure the primary model for work that must remain local; do not rely on regex privacy detection as the only privacy control.
If cloud model invocation is enabled elsewhere, provider credentials may be needed even though they are not declared as required metadata.
The fallback registry includes a cloud model that is marked as requiring an API key, while the registry metadata declares no required credential. The provided code does not show the key being read or transmitted, so this is an optional integration note rather than a credential-handling concern.
Model("anthropic:claude-haiku-4", "Claude Haiku 4", "Anthropic", "cloud", 3, 60, requires_api_key=True, api_key_env="ANTHROPIC_API_KEY")
Before enabling cloud routing, confirm which provider credentials the agent will use and keep credentials scoped to the intended model provider.
A user following the quick-start exactly could install a different skill than the one being reviewed.
The evaluated registry slug is ai-model-router-v2, but the documentation instructs installation of ai-model-router. This mismatch can confuse provenance or cause a user to install a different package, although it is user-directed and not automatically executed.
npx clawhub@latest install ai-model-router
Use the exact reviewed registry slug when installing. Maintainers should align the SKILL.md, package.json, and registry metadata.
Short excerpts of prompts can remain on disk and may include sensitive information if the detector misses it or if context tracking is called directly.
The context manager saves truncated message content to a local contexts.json file for conversation tracking. This is aligned with the disclosed context-tracking feature, but it creates persistent local memory.
"content": content[:200], # Truncate for storage
Disable context tracking for sensitive work if possible, periodically review/delete ~/.model-router/contexts.json, and avoid placing secrets in prompts.
