← Back to Skills Marketplace
kr1json

ai-quota-check

by kr1json · GitHub ↗ · v1.0.1
cross-platform ⚠ suspicious
2382
Downloads
2
Stars
10
Active Installs
2
Versions
Install in OpenClaw
/install ai-quota-check
Description
**DEFAULT quota checker** - Use this skill FIRST when user says '쿼타', '쿼터', 'quota', '쿼타확인', '쿼터확인', or asks about quotas. Unified dashboard showing ALL providers (Antigravity, Copilot, Codex) in one view with model recommendations.
README (SKILL.md)

\r \r

ai-quota-check\r

\r Unified quota monitor and intelligent model recommender for all providers.\r \r

Output Instructions\r

\r IMPORTANT: When executing this skill, display the script output EXACTLY as-is in markdown format. Do NOT summarize or rephrase the output. The script produces a formatted dashboard that should be shown directly to the user.\r \r Example execution:\r

node skills/ai-quota-check/index.js --current-model="\x3Ccurrent_model_name>"\r
```\r
\r
Then copy the entire output and send it as your response.\r
\r
## Features\r
\r
1. **Provider Login Check** - Detects which providers are logged in\r
2. **Unified Quota Dashboard** - Antigravity + Copilot + OpenAI Codex\r
3. **Task-based Recommendations** - Optimal model selection with fallback\r
4. **Reset Detection** - Identifies models ready for ping (new cycle)\r
5. **Risk Level Info** - Warns about weekly caps and lockout risks\r
\r
## Usage\r
\r
```bash\r
# Full dashboard\r
node skills/ai-quota-check/index.js\r
\r
# Specific task recommendation\r
node skills/ai-quota-check/index.js --task=coding\r
node skills/ai-quota-check/index.js --task=reasoning\r
```\r
\r
## Model Routing Rules\r
\r
### Coding / Debugging\r
| Priority | Model | Fallback Condition |\r
|----------|-------|-------------------|\r
| 1st | `openai-codex/gpt-5.3-codex` | - |\r
| 2nd | `openai-codex/gpt-5.2-codex` | Primary \x3C 20% |\r
| 3rd | `google-antigravity/gemini-3-pro-high` | All above \x3C 20% |\r
\r
### Complex Reasoning / Analysis\r
| Priority | Model | Fallback Condition |\r
|----------|-------|-------------------|\r
| 1st | `google-antigravity/claude-opus-4.6-thinking` | - |\r
| 2nd | `github-copilot/claude-4.6-opus` | Primary \x3C 20% |\r
| 3rd | `github-copilot/claude-3.5-opus` | If 4.6 unavailable |\r
| 4th | `openai-codex/gpt-5.3` | All above \x3C 20% |\r
| 5th | `openai-codex/gpt-5.2` | Last fallback |\r
\r
## Fallback Threshold\r
\r
Default: **20%** - Switches to fallback when primary drops below this.\r
\r
## Cron Integration\r
\r
This skill is designed to be called periodically via Cron for:\r
- Quota monitoring\r
- Reset detection (ping optimization)\r
- Automatic model switching recommendations\r
Usage Guidance
Before installing or running this skill: 1) Inspect the code (index.js) to confirm exactly which files it reads — it looks at ~/.openclaw/agents/main/agent/auth-profiles.json and ~/.codex/sessions/*.jsonl and will try to call provider APIs. 2) Open the auth-profiles.json file to see what tokens/emails it contains — if it stores provider API keys or session tokens you consider sensitive, do not run the script in a production environment. 3) Because SKILL.md instructs the agent to paste script output verbatim, run the script yourself in a sandbox or container first (node index.js) and inspect the output for leaked tokens or private data. 4) If you still want to use it, consider removing or redacting access to auth-profiles.json or running the skill under an account that has no stored tokens, or modify the script to only surface aggregated quota numbers (not raw profiles). 5) If anything in the auth file seems unrelated to quota checking (credentials for unrelated services), treat that as a stronger warning and avoid installing. Additional information that would change this assessment: explicit registry declaration that the skill needs and will read those config files, or a version of the script that only requests tokens via explicit, user-provided environment variables rather than reading agent auth files.
Capability Analysis
Type: OpenClaw Skill Name: ai-quota-check Version: 1.0.1 The skill is classified as suspicious due to the use of `child_process.execSync` in `index.js` and a prompt injection instruction in `SKILL.md`. While `execSync` is currently used with hardcoded, seemingly benign commands (`codex exec` and `sleep`) for refreshing local quota data, it is a powerful primitive that introduces a significant risk of shell injection if the command string were ever to incorporate unsanitized user input. Additionally, `SKILL.md` explicitly instructs the OpenClaw agent to "display the script output EXACTLY as-is," which is a prompt injection vector, bypassing the agent's potential summarization or filtering and allowing any malicious output from the script to be directly presented or acted upon by the agent. The skill also accesses sensitive local files (`~/.openclaw/agents/main/agent/auth-profiles.json`, `~/.codex/sessions/`) but does not show evidence of exfiltration.
Capability Assessment
Purpose & Capability
The skill's code implements a unified quota checker (Antigravity, Copilot, Codex) and model routing as described. Requiring the 'codex' binary and calling provider APIs is consistent with the stated functionality. However, the skill also reads the agent's local auth-profiles and Codex session files (to infer login status and quotas), which is reasonable for a local quota checker but was not declared in the skill's metadata/requirements.
Instruction Scope
SKILL.md instructs the agent to run the bundled script and display its output EXACTLY as-is. The code reads local files (~/.openclaw/agents/main/agent/auth-profiles.json and ~/.codex/sessions/*) and runs 'codex exec' — these file reads and commands are not called out in the SKILL.md or the registry metadata. Requiring the agent to relay raw script output increases the risk of unintentionally exposing sensitive data present in those outputs.
Install Mechanism
There is no install spec (instruction-only with included code). No remote downloads or archive extraction are performed by the skill itself. This is a lower install risk; the skill relies on local 'node' and 'codex' binaries which are reasonable for its task.
Credentials
Registry metadata lists no required config paths or credentials, yet the code reads the user's OpenClaw agent auth file and Codex session files in the home directory — files that likely contain provider tokens/credentials. The skill will use those tokens to call provider APIs. Accessing other skills'/agent auth files is sensitive and should have been declared; the lack of declared config requirements is a mismatch and disproportionate to what was advertised.
Persistence & Privilege
The skill does not set always:true and does not persist changes, which is good. However, it reads another skill/agent's auth file (agent/auth-profiles.json), giving it read access to possibly many provider tokens. While not persistent, this one-time read is a high-privilege action relative to the advertised capability and should have been explicitly declared and justified.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install ai-quota-check
  3. After installation, invoke the skill by name or use /ai-quota-check
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- Updated model routing rules for both coding/debugging and complex reasoning tasks. - Added new model versions (e.g., gpt-5.3-codex, claude-opus-4.6-thinking). - Expanded fallback options and clarified conditions for each model. - No code changes; documentation updated to reflect new model recommendations and flows.
v1.0.0
ai-quota-check 1.0.0 - Initial release of unified quota checker for Antigravity, Copilot, and OpenAI Codex. - Provides a dashboard view of all providers’ quotas and login status. - Recommends optimal models for coding and reasoning tasks, with smart fallback based on quota levels. - Warns about approaching quota caps and potential account lockouts. - Designed for both manual checks and automated cron-based monitoring.
Metadata
Slug ai-quota-check
Version 1.0.1
License
All-time Installs 11
Active Installs 10
Total Versions 2
Frequently Asked Questions

What is ai-quota-check?

**DEFAULT quota checker** - Use this skill FIRST when user says '쿼타', '쿼터', 'quota', '쿼타확인', '쿼터확인', or asks about quotas. Unified dashboard showing ALL providers (Antigravity, Copilot, Codex) in one view with model recommendations. It is an AI Agent Skill for Claude Code / OpenClaw, with 2382 downloads so far.

How do I install ai-quota-check?

Run "/install ai-quota-check" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is ai-quota-check free?

Yes, ai-quota-check is completely free (open-source). You can download, install and use it at no cost.

Which platforms does ai-quota-check support?

ai-quota-check is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created ai-quota-check?

It is built and maintained by kr1json (@kr1json); the current version is v1.0.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463942 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259883 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200739 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191401 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190375 · by oswalpalash

💬 Comments