← Back to Skills Marketplace
forceconstant

Nano Gpt Plugin

by ForceConstant · GitHub ↗ · v0.1.3 · MIT-0
cross-platform ⚠ suspicious
93
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install nano-gpt-plugin
Description
Access dynamic NanoGPT models with API key authentication, usage tracking, and support for multiple model families in the OpenClaw platform.
Usage Guidance
This package appears to be a real OpenClaw provider for NanoGPT, but there are a few issues to check before installing: - Confirm API-key handling: the plugin expects a NANOGPT_API_KEY (see provider config and code) but the registry metadata claims no required env vars — ask the publisher to correct the metadata so you know what credentials are required. - Do NOT run final_integration_test.sh or any included test scripts against an untrusted or public remote host. The script copies the plugin to a remote 'ssh_gateway', runs onboarding with "$NANOGPT_API_KEY" on the remote side, and scp's logs and session files back — this will expose your API key and any session transcripts to that host. - If you want to use the plugin, prefer installing it via your trusted OpenClaw workflows (openclaw plugins install from a vetted package) and only provide the NanoGPT API key to OpenClaw via its documented onboarding mechanism. Verify openclaw.plugin.json/providerAuthChoices are set up as you expect. - Ask the publisher for a homepage/repository URL and a signed/verified package publication source. The registry shows an owner id but no homepage — lack of provenance reduces trust. - If you need higher assurance, request the publisher to remove or sanitize integration scripts (or document them clearly), or run a code review in a sandboxed environment first. If you can confirm the metadata and that you will not run the remote test script (or that the remote host is fully controlled/trusted), the plugin's code and behavior look coherent with its stated purpose. Otherwise treat the integration/test artifacts as a potential leak path for your API key and session data.
Capability Analysis
Type: OpenClaw Skill Name: nano-gpt-plugin Version: 0.1.3 The bundle is a legitimate OpenClaw provider plugin for NanoGPT, implementing model catalog discovery, authentication, and usage tracking. While the 'final_integration_test.sh' script performs powerful remote operations via SSH (syncing files, installing plugins, and executing commands), these are clearly scoped for development and integration testing. The core logic in 'src/provider.ts' and 'src/catalog.ts' aligns with the stated purpose of integrating with the NanoGPT API (nano-gpt.com), and the documentation (SKILL.md, AGENTS.md) contains standard development instructions without evidence of prompt injection or malicious intent.
Capability Tags
cryptocan-make-purchasesrequires-oauth-token
Capability Assessment
Purpose & Capability
The name/description, docs, and code consistently implement a NanoGPT OpenClaw provider (dynamic catalog, auth via API key, usage/balance endpoints). However the registry metadata claims no required environment variables while the code and manifest clearly expect a NANOGPT_API_KEY / provider API key (provider auth config and functions call resolveProviderApiKey/resolveApiKeyFromConfigAndStore). This metadata mismatch should be resolved.
Instruction Scope
The SKILL.md is minimal and aligned with the plugin purpose. But the repository includes final_integration_test.sh which, if executed, will tar up the plugin, ssh to a hardcoded remote host placeholder (ssh_gateway), run openclaw install on that host and invoke an onboarding command that injects $NANOGPT_API_KEY on the remote side; it also scp's gateway logs and session files back to the plugin directory. Those test steps can expose API keys and session transcripts to the remote host and transfer files over network — this is outside the normal provider scope and not documented in SKILL.md. If you won't run these scripts or the platform won't run them automatically, risk is limited; if you do run them, ensure the remote host is trusted and keys are handled safely.
Install Mechanism
There is no install spec in the registry (so nothing will be automatically downloaded/executed by the platform), which is lower risk. But the package contains full source and dev/test scripts. The integration/test script performs tar/ssh/scp operations (remote execution) — it's a high-impact developer script that should not be run on untrusted hosts. No remote download-from-arbitrary-URL install step is present in the plugin itself.
Credentials
The plugin legitimately needs a single service credential (NANOGPT_API_KEY) to access the NanoGPT APIs; that is proportionate. However the registry metadata omits required env vars while multiple files and the plugin entry reference the API key. Additionally, the integration script demonstrates transmitting that key to a remote host during onboarding, which could leak the credential if run against an untrusted machine.
Persistence & Privilege
The plugin does not request 'always: true' or other elevated persistent platform privileges. It is a normal provider plugin. The integration script does remove/replace the installed extension directory and clears session files on the remote host as part of its tests — those are installer/tester actions but not a platform-level always-on privilege.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install nano-gpt-plugin
  3. After installation, invoke the skill by name or use /nano-gpt-plugin
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.3
- Added dynamic model catalog from NanoGPT API. - Introduced API key authentication via onboarding flow. - Implemented usage and balance tracking. - Added support for multiple model families (OpenAI, Anthropic, Google, xAI, DeepSeek, etc.).
Metadata
Slug nano-gpt-plugin
Version 0.1.3
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Nano Gpt Plugin?

Access dynamic NanoGPT models with API key authentication, usage tracking, and support for multiple model families in the OpenClaw platform. It is an AI Agent Skill for Claude Code / OpenClaw, with 93 downloads so far.

How do I install Nano Gpt Plugin?

Run "/install nano-gpt-plugin" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Nano Gpt Plugin free?

Yes, Nano Gpt Plugin is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Nano Gpt Plugin support?

Nano Gpt Plugin is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Nano Gpt Plugin?

It is built and maintained by ForceConstant (@forceconstant); the current version is v0.1.3.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments