← Back to Skills Marketplace
cnoder-wgh

openviking-token-saver

by cnoder-wgh · GitHub ↗ · v2.2.0 · MIT-0
cross-platform ⚠ suspicious
312
Downloads
0
Stars
0
Active Installs
4
Versions
Install in OpenClaw
/install openviking-token-saver
Description
OpenViking context database for AI agents — layered context loading (L0/L1/L2), semantic search, file-system memory management. Use when: (1) setting up Open...
Usage Guidance
This skill appears to implement an on-device context DB and token-tracking wrapper for OpenViking — its high-level claims match the code. Before installing, consider: (1) Review scripts (install.sh, setup-config.sh, viking.py) yourself — they will create ~/.openviking, a venv, and write ov.conf containing any API key you provide. (2) Avoid piping unknown remote scripts to bash; the optional Rust CLI installer uses a curl|bash pattern — prefer reviewing that script first or installing via cargo when possible. (3) Be careful which local paths you add: the CLI can read any files you point it at and will send their contents to the configured embedding/VLM providers, so do NOT add sensitive directories (password stores, SSH keys, private data) unless you understand and accept the risk. (4) Backup your shell rc (~/.zshrc/.bashrc) before running install.sh because it may append environment exports. (5) Consider running the skill in an isolated environment or VM, and inspect ~/.openviking/ov.conf after setup to confirm API endpoints and keys. If you need additional assurance, ask the author for a signed release or a pinned package version for openviking and avoid using the curl|bash installer.
Capability Analysis
Type: OpenClaw Skill Name: openviking-token-saver Version: 2.2.0 The skill bundle implements a context management system but utilizes several high-risk installation and configuration patterns. Specifically, 'scripts/install.sh' employs a 'curl | bash' pattern to execute a remote script from GitHub and modifies user shell configuration files (.zshrc/.bashrc) to persist environment variables. The 'scripts/setup-config.sh' script collects sensitive API keys and stores them in a local configuration file (~/.openviking/ov.conf). While these behaviors are functionally aligned with the stated purpose of integrating the OpenViking database, they constitute significant security risks and potential vulnerabilities (e.g., plaintext credential storage and unauthorized shell modification). Additionally, 'scripts/viking.py' contains a hardcoded absolute path in its shebang (/Users/wuguanhua/...), which is a functional flaw.
Capability Assessment
Purpose & Capability
Name/description, CLI wrapper (viking.py), and scripts all implement a local OpenViking context database, layered loading (L0/L1/L2), semantic search, and token tracking. The requested artifacts (install/setup scripts, venv, ov.conf) are consistent with that purpose.
Instruction Scope
Runtime instructions and viking.py operate on user-supplied local paths and URLs (add <path_or_url>), persist session stats (~/.openviking/session_stats.json) and configuration (~/.openviking/ov.conf), and will send document contents to the configured embedding/VLM provider. That means the skill can read arbitrary local files (if given paths) and transmit their contents to external APIs — behavior coherent with a context DB but creating a data-exfiltration risk if misused. The scripts also suggest running background servers and using venv binaries under ~/.openviking. SKILL.md includes explicit examples using home directories and hardcoded venv paths.
Install Mechanism
There is no packaged install spec — installation is via included shell scripts. The optional Rust CLI install uses curl -fsSL https://raw.githubusercontent.com/.../install.sh | bash (piped installer), which executes remote code; while hosted on GitHub raw (a known host), piping to shell is higher-risk. The Python dependency is installed via pip (openviking) without pinned versions; the scripts create a venv under $HOME/.openviking and write files there. Copying the skill into detected global OpenClaw skill directories requires filesystem writes in privileged locations (may need sudo in some installs).
Credentials
The skill does not declare required env vars in metadata, but the interactive setup asks for an API key and writes it into ~/.openviking/ov.conf (plain JSON). That API key is used for both VLM and embedding providers; requesting that API key is proportionate to the skill's purpose. However, storing keys in plaintext config and using them to transmit local document contents to third-party services is sensitive — only supply keys for providers you trust and review the ov.conf file before use.
Persistence & Privilege
The install and setup scripts create a venv and configuration under $HOME/.openviking, persist session statistics to ~/.openviking/session_stats.json, and (if run) append environment variable exports to the user's shell rc (~/.zshrc or ~/.bashrc) if not present. The skill is not 'always: true'. Modifying shell RC and creating files in home is normal for such tooling but still a privileged change the user should consent to and review.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openviking-token-saver
  3. After installation, invoke the skill by name or use /openviking-token-saver
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.2.0
修复 Python 路径问题;优化 token 对比输出格式;更新触发词(支持中文);完善 SKILL.md 文档;Console Web UI 启动说明
v2.1.0
更新至 2.1.0
v2.0.0
Replace with OpenViking context database skill: L0/L1/L2 layered context, viking:// protocol, token tracking.
v1.0.0
Help OpenClaw users reduce LLM token costs by 83% with OpenViking hierarchical context loading. Includes setup guide, coding and document workflow tips.
Metadata
Slug openviking-token-saver
Version 2.2.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 4
Frequently Asked Questions

What is openviking-token-saver?

OpenViking context database for AI agents — layered context loading (L0/L1/L2), semantic search, file-system memory management. Use when: (1) setting up Open... It is an AI Agent Skill for Claude Code / OpenClaw, with 312 downloads so far.

How do I install openviking-token-saver?

Run "/install openviking-token-saver" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is openviking-token-saver free?

Yes, openviking-token-saver is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does openviking-token-saver support?

openviking-token-saver is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created openviking-token-saver?

It is built and maintained by cnoder-wgh (@cnoder-wgh); the current version is v2.2.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments