← Back to Skills Marketplace
highnoonoffice

Agent Tollbooth

by highnoonoffice · GitHub ↗ · v2.2.0 · MIT-0
cross-platform ✓ Security Clean
136
Downloads
0
Stars
0
Active Installs
19
Versions
Install in OpenClaw
/install agent-tollbooth
Description
Web access privileges for your agent. So your agent stops hitting walls.
README (SKILL.md)

Agent Tollbooth

You're mid-task. Your agent fires a Yahoo Finance request. Gets a 429. Stops. You don't know if it's rate limits, a bad endpoint, a missing header, or just bad luck. You try again. Same thing. You start debugging blind.

Tollbooth is the field notes that stop this from happening twice. Observed operating profiles for 16 external services — safe endpoints, sleep intervals, caching patterns, auth requirements — built from real API friction. Your agent checks the profile before calling, follows the safe pattern, and logs what happens. Next time it already knows.

Every external service has a threshold. This skill provides the map so agents learn them once and stop hitting them twice.

Core Pattern

Before calling any external service:

  1. Check references/profiles.md for an existing profile
  2. Follow its safe pattern — endpoint, sleep, cache, auth
  3. If no profile exists, observe behavior and add an entry after

Caching

Always cache prices and API responses locally when TTL allows.

  • Default TTL: 300s (5 minutes) for prices
  • Cache file: $OPENCLAW_WORKSPACE/data/agent-tollbooth/cache/
  • Serve from cache first — only hit the API when stale or forced

Script: scripts/fetch-prices.py implements cache + sequential Yahoo Finance fetching. Use it instead of raw requests. CoinGecko and other services are covered by profiles in references/profiles.md.

How It Learns

Tollbooth grows with your usage. Three scripts form the learning loop:

Before any external call:

python3 scripts/check-profile.py coingecko.com

Returns the safe pattern if a profile exists. If not, logs the miss and returns exit code 1 — your agent can continue, but observation has started.

During any call — log what happens:

from scripts.web_log import log_event
log_event("my-api.com", "429", "hit rate limit at 10 req/min", worked=None)
log_event("my-api.com", "success", "sequential 500ms sleep worked", worked="sequential + 500ms sleep")

After enough observations — promote to a profile:

python3 scripts/promote-profile.py           # dry run, see what's ready
python3 scripts/promote-profile.py --write   # append drafts to profiles.md

Default threshold: 5 events. Auto-drafted profiles include all observed friction and working patterns. Review before trusting — they're drafts, not finished entries.

Events are written to $OPENCLAW_WORKSPACE/data/agent-tollbooth/web-access-log.json — outside the skill bundle, never modifying packaged files. Cache files go to $OPENCLAW_WORKSPACE/data/agent-tollbooth/cache/. Set OPENCLAW_WORKSPACE before running (standard on any OpenClaw install).

Workspace Access

This skill writes event logs and cache files to $OPENCLAW_WORKSPACE/data/agent-tollbooth/. No credentials are accessed. No sensitive data is written. No files outside this directory are touched.

Service Profiles

See references/profiles.md for all current profiles:

  • Yahoo Finance
  • CoinGecko
  • Ghost Admin API
  • ClawHub API
  • Telegram Bot API
  • Replicate
  • OpenAI API
  • Anthropic API
  • GitHub API
  • Brave Search API
  • Serper (Google Search)
  • Notion API
  • Airtable API
  • Stripe API
  • HuggingFace Inference API
  • Firecrawl
Usage Guidance
This skill appears to do what it claims: log web-access events, recommend safe call patterns, cache price responses, and draft profiles from observed events. Before installing: 1) Ensure OPENCLAW_WORKSPACE is set to a controlled directory so logs and cache files are written outside the packaged files (otherwise the scripts may create a local data/ folder inside the skill bundle). 2) Be aware the scripts make outbound requests to services like Yahoo Finance and CoinGecko when used (so they will generate network traffic). 3) The promote step (--write) appends drafted profiles to the workspace profiles.md only when you explicitly pass --write — review drafts before writing. 4) If you want stricter containment, run these scripts with network or filesystem restrictions or review/redirect the workspace path to a dedicated directory. Overall: coherent and proportionate to its stated purpose.
Capability Analysis
Type: OpenClaw Skill Name: agent-tollbooth Version: 2.2.0 The agent-tollbooth skill bundle is a utility designed to help AI agents manage API rate limits, caching, and service-specific operating patterns. It provides scripts (fetch-prices.py, fetch-crypto.py) for retrieving financial data with built-in caching and a logging system (web-log.py) to track API performance and errors. The skill operates within a designated workspace directory ($OPENCLAW_WORKSPACE/data/agent-tollbooth/) for logging and caching, and its instructions in SKILL.md focus on improving agent reliability and efficiency. No evidence of malicious intent, data exfiltration, or unauthorized execution was found.
Capability Tags
cryptocan-make-purchasesrequires-oauth-tokenrequires-sensitive-credentials
Capability Assessment
Purpose & Capability
Name/description (map safe request patterns, caching, and logging) match the included scripts: check-profile, web-log, promote-profile, fetch-prices, and fetch-crypto. No unrelated binaries, credentials, or config paths are requested.
Instruction Scope
SKILL.md instructs the agent to read bundled profiles and to read/write only under $OPENCLAW_WORKSPACE/data/agent-tollbooth — the scripts do this. Caveat: several scripts include a fallback that will create/read a local data/ directory inside the skill bundle if OPENCLAW_WORKSPACE is not present, which contradicts the SKILL.md claim 'never modifying packaged files.' The skill logs event details (service, event_type, detail) to the workspace; those logs may include service names and diagnostic text but do not appear to capture credentials.
Install Mechanism
Instruction-only with packaged Python scripts; no external installers, downloads, or extract steps. No third-party package pulls declared in an install spec.
Credentials
The skill requires no environment variables or credentials beyond the optional OPENCLAW_WORKSPACE path (standard for OpenClaw). Profiles reference many APIs (OpenAI, Stripe, etc.) only as documentation; the skill itself does not request those secrets.
Persistence & Privilege
always:false and no autonomous privilege escalation. Writes are limited to the workspace data directory (or the local bundle fallback if workspace isn't set) and to a workspace profiles.md when --write is used; it does not alter other skills or system-wide agent settings.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install agent-tollbooth
  3. After installation, invoke the skill by name or use /agent-tollbooth
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.2.0
Fix: promote-profile.py now writes to $OPENCLAW_WORKSPACE/data/agent-tollbooth/profiles.md — bundled references/profiles.md is read-only. Resolves write-back-to-bundle inconsistency flagged by scanner.
v2.1.0
Fix Suspicious flag: include all scripts in bundle (check-profile.py, promote-profile.py, fetch-prices.py, web-log.py); these were referenced but not packaged
v2.0.0
Added problem statement opener, fixed missing frontmatter fields (version, homepage, source, license)
v1.4.1
v1.4.1: Scanner fix — removed relative fallback write paths, all writes go to OPENCLAW_WORKSPACE only. Softened capability-triggering language in Stripe/Notion profiles.
v1.4.0
v1.4.0: 16 service profiles (added OpenAI, Anthropic, GitHub, Brave, Serper, Notion, Airtable, Stripe, HuggingFace, Firecrawl). Self-learning loop: check-profile.py for pre-flight lookups, promote-profile.py to mine event log and draft new profiles automatically.
v1.3.6
Remove fetch-image.py (Replicate image gen out of scope); no credentials accessed by any remaining script
v1.3.5
Move credential path to REPLICATE_CREDENTIALS_FILE env var — no hardcoded credential paths in code
v1.3.4
Add explicit credential and workspace access disclosure section; scanner should now see declared intent matching actual code behavior
v1.3.3
Declare credentials and config paths in SKILL.md frontmatter; align body text with actual script paths to resolve scanner mismatch
v1.3.2
Fix description field format — quoted short string.
v1.3.1
Force re-index to surface skill description on ClawHub card.
v1.3.0
Add fetch-crypto.py (CoinGecko batch fetch) and fetch-image.py (Replicate FLUX 1.1 Pro) — skill now ships working scripts for all major service profiles.
v1.2.3
Update description to locked copy: Web access privileges for your agent. So your agent stops hitting walls.
v1.2.2
Fix write paths to use OPENCLAW_WORKSPACE env var (standard for all OpenClaw installs). Fix description/code mismatch. Clear operational log before publish.
v1.2.1
Sanitize for public publish: clear operational log, generalize credential paths, neutral Telegram profile
v1.2.0
Feedback loop wired — logged events now annotate profiles.md automatically. The skill learns from live usage.
v1.1.1
Description update — web access privileges phrase added to opening line.
v1.1.0
Added self-logging feedback loop — scripts now write to web-access-log.json on every 429, timeout, auth failure, cache hit, and success. The skill learns from live usage instead of relying on static notes.
v1.0.0
Initial release — service profiles for Yahoo Finance, CoinGecko, Ghost Admin API, ClawHub, Telegram, and Replicate.
Metadata
Slug agent-tollbooth
Version 2.2.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 19
Frequently Asked Questions

What is Agent Tollbooth?

Web access privileges for your agent. So your agent stops hitting walls. It is an AI Agent Skill for Claude Code / OpenClaw, with 136 downloads so far.

How do I install Agent Tollbooth?

Run "/install agent-tollbooth" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Agent Tollbooth free?

Yes, Agent Tollbooth is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Agent Tollbooth support?

Agent Tollbooth is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Agent Tollbooth?

It is built and maintained by highnoonoffice (@highnoonoffice); the current version is v2.2.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments