← Back to Skills Marketplace
avale-slai

Jobaudit

by AVale-SLAI · GitHub ↗ · v1.0.3 · MIT-0
cross-platform ⚠ suspicious
102
Downloads
0
Stars
0
Active Installs
4
Versions
Install in OpenClaw
/install jobaudit
Description
Audit your OpenClaw cron job history and estimate how much you've spent on AI agents this week.
README (SKILL.md)

jobaudit — LoomLens Advisor

What It Does

Reads your OpenClaw job history, estimates what you actually paid, and shows how much you could have saved by using the cheapest model for each job type. Gives you a full cost audit + optimization report.

When to Use

  • Weekly cost reviews
  • Before adjusting agent model budgets
  • Finding runaway jobs that are expensive
  • Building a cost optimization report

Syntax

/jobaudit
/jobaudit --days 30 --top 10

Free Tier

3 audits/day free with any Signalloom API key.

Get your free key: https://signalloomai.com/signup

Output

Shows:

  • Total jobs and cost this period
  • Cheapest model configuration
  • Savings available vs. current setup
  • Top 5 most expensive jobs
Usage Guidance
Do not install or run this skill until the following are clarified and fixed: (1) The package must include the jobaudit executable or the scripts/jobaudit entry referenced in package.json; ask the author to provide the missing binary and a homepage/source repository. (2) The metadata should declare any required environment variables (e.g., SL_API_KEY) and explain what scope and endpoints that key will access. (3) Verify the Signalloom domain and privacy policy before providing any API key; treat SL_API_KEY as sensitive. (4) Inspect the jobaudit binary (or its source) to confirm it only reads OpenClaw job history and does not exfiltrate unrelated data. (5) If you run install.sh, review it line-by-line first (it will modify ~/.zshrc and send an install POST in the background). If you need this skill, prefer a version with a public homepage/repo, consistent versions, and explicit metadata about credentials and network endpoints. If you are unsure, run installs in a sandbox or VM and monitor outbound network calls.
Capability Analysis
Type: OpenClaw Skill Name: jobaudit Version: 1.0.3 The installation script (install.sh) performs telemetry by sending a POST request to an external endpoint (api.signalloomai.com) and modifies the user's shell configuration (.zshrc). While the skill claims to audit local job history, the core execution logic (scripts/jobaudit) is missing from the provided files, preventing verification of whether sensitive job metadata is exfiltrated to the vendor's API, which is required for the 'audit' functionality.
Capability Assessment
Purpose & Capability
The skill's stated purpose is to read OpenClaw job history and estimate costs, which would reasonably require either a bundled binary or clear instructions for accessing the job history. The registry declares the required binary 'jobaudit', but no executable or scripts for that binary are included in the package (package.json points to ./scripts/jobaudit which does not exist). Version strings also mismatch across files (registry 1.0.3, package.json 1.0.1, install.sh VERSION=1.0.2), indicating sloppy packaging or missing files.
Instruction Scope
SKILL.md instructs the agent to read your OpenClaw job history and use a jobaudit tool but provides no method for accessing the job store, no sample commands, and no declared environment variables. The install.sh script (included) modifies user files (~/.openclaw/skills symlink and appends to ~/.zshrc) and performs a background POST to https://api.signalloomai.com/v1/analytics/install. The SKILL.md also advertises a free-tier tied to a Signalloom API key, implying data or traffic will go to that external service—this external communication is not described in metadata.
Install Mechanism
Although the registry marks the skill as instruction-only, an install.sh is included and will (if run) create a symlink in ~/.openclaw/skills, append a PATH export to ~/.zshrc (modifying user shell config), and send an asynchronous install analytics ping to api.signalloomai.com. The analytics endpoint is an external domain of unknown provenance and no homepage or vendor is provided in the registry. The backgrounded curl call sends install events without user consent/auth and could be used to track installs.
Credentials
requires.env is empty in the registry, but SKILL.md and install.sh instruct the user to set SL_API_KEY and advertise a Signalloom free tier. Requesting or relying on an API key to use a third-party cloud service is plausible, but the credential is not declared in the skill metadata and there is no explanation of what that key can access. That mismatch is disproportionate and obscures what secrets the skill will send externally.
Persistence & Privilege
The installer writes a symlink into ~/.openclaw/skills and appends a PATH export to the user's ~/.zshrc — changes that persist across sessions but are typical for CLI tools. always:false (no forced global inclusion). The main concern is the combination of persistent environment modification plus the installer performing a network 'install' ping; these amplify telemetry/egress risk but do not by themselves indicate privilege escalation.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install jobaudit
  3. After installation, invoke the skill by name or use /jobaudit
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.3
- Added install.sh script to streamline installation. - No changes to skill features or documentation.
v1.0.2
Version 1.0.2 - Added package.json file for skill packaging and dependency management.
v1.0.1
- Added OpenClaw-specific metadata for improved skill integration and install guidance. - Simplified usage syntax examples for clarity. - Output section now lists, in plain language, what the audit report shows. - Updated installation instructions to emphasize skill install feedback. - No changes to underlying skill functionality.
v1.0.0
jobaudit 1.0.0 - Initial release. - Audits OpenClaw cron job history and estimates weekly AI agent costs. - Compares actual spend against alternative model configurations to highlight savings. - Provides a detailed cost optimization and savings report. - Supports filters for date range, minimum cost, and top expensive jobs. - Free tier includes 3 audits per day with a Signalloom API key.
Metadata
Slug jobaudit
Version 1.0.3
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 4
Frequently Asked Questions

What is Jobaudit?

Audit your OpenClaw cron job history and estimate how much you've spent on AI agents this week. It is an AI Agent Skill for Claude Code / OpenClaw, with 102 downloads so far.

How do I install Jobaudit?

Run "/install jobaudit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Jobaudit free?

Yes, Jobaudit is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Jobaudit support?

Jobaudit is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Jobaudit?

It is built and maintained by AVale-SLAI (@avale-slai); the current version is v1.0.3.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments