Downloads: 462 | Stars: 0 | Active Installs: 2 | Versions: 2
Install in OpenClaw: /install model-setup
Description
Safely manage OpenClaw model configuration. Used to add, test and configure new models in models.json, including API key validation, model accessibility testing, tool-calling capability detection, setting the default model, and configuring a model for a specific agent. Every operation automatically backs up the configuration file for safety.
Usage Guidance
This skill appears to implement the claimed model-management features, but exercise caution before installing/using it:
- Required runtime: ensure Python 3 and curl are available (the registry metadata omits them).
- Secret handling: the scripts will store API keys in models.json in cleartext and pass keys on the curl command line (visible to other local users). Avoid entering high-privilege or long-lived keys unless you accept that risk. Prefer short-lived keys or rotate keys after use.
- Inspect and, where needed, modify the scripts before use: consider changing test_model.py to use a Python HTTP client, or pass the Authorization header through a safer channel (e.g., curl reading the header from a file, or an environment variable) so the key never appears on the command line.
- Check file paths carefully: the tool will write to models.json and agent config.json paths you provide; back up those files and verify permissions (restrict to your user) before running.
- Validate baseUrl: because test_model.py will POST to the provided baseUrl, only test against endpoints you trust to avoid sending credentials to a malicious server.
If you want to proceed, review and harden the scripts (avoid CLI-exposed secrets, lock down models.json permissions, and confirm agent paths) or ask the author to address these issues.
Capability Analysis
Type: OpenClaw Skill
Name: model-setup
Version: 1.0.1
This skill bundle is classified as suspicious due to critical vulnerabilities that could lead to arbitrary command execution and arbitrary file writes. The `SKILL.md` instructs the AI agent to execute shell commands (`python3 scripts/test_model.py`, `python3 scripts/add_model.py`) using user-provided inputs (JSON strings, model IDs, agent paths). If the agent does not properly sanitize or quote these inputs when constructing the shell command, it creates a severe prompt/shell injection vulnerability, allowing arbitrary command execution. Additionally, `scripts/add_model.py` uses a user-provided `agent_path` to construct file paths (`Path(agent_path) / "agent" / "config.json"`), making it vulnerable to path traversal attacks that could allow writing to arbitrary `config.json` files outside the intended directories. The `scripts/test_model.py` also executes `curl` commands with user-provided API keys and base URLs, further expanding the attack surface.
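The three hardenings the guidance and the analysis above ask for (identifier allow-listing so user input cannot reach a shell command, confining `agent_path` to an agents directory, and building the probe request in-process with a trusted-host check instead of putting the key on a curl command line), as an added example that is not part of the skill's own scripts. It assumes an `agents_root` directory and a host allow-list, both constructed here.

```python
import json
import re
import urllib.request
from pathlib import Path
from urllib.parse import urlparse

# Model ids and agent names: letters, digits and a few separators only, never shell metacharacters.
SAFE_TOKEN = re.compile(r"[A-Za-z0-9][A-Za-z0-9._:/-]{0,127}")


def validate_token(value: str) -> str:
    """Reject anything that is not a plain identifier (e.g. 'gpt-4o; id')."""
    if not SAFE_TOKEN.fullmatch(value):
        raise ValueError(f"unsafe identifier: {value!r}")
    return value


def agent_config_path(agent_path: str, agents_root: str) -> Path:
    """Confine <agent_path>/agent/config.json to agents_root (an assumed directory).

    The skill's Path(agent_path) / "agent" / "config.json" accepts '..' segments and
    absolute paths; resolving both sides and checking containment closes that.
    """
    root = Path(agents_root).resolve()
    target = (root / agent_path / "agent" / "config.json").resolve()
    try:
        target.relative_to(root)
    except ValueError:
        raise ValueError(f"agent path escapes {root}: {agent_path!r}") from None
    return target


def validate_base_url(base_url: str, allowed_hosts: frozenset) -> str:
    """Only https endpoints on an allow-listed host may receive the API key."""
    parts = urlparse(base_url)
    if parts.scheme != "https" or parts.hostname not in allowed_hosts:
        raise ValueError(f"untrusted baseUrl: {base_url!r}")
    return base_url.rstrip("/")


def build_chat_request(base_url: str, api_key: str, model_id: str) -> urllib.request.Request:
    """Build the probe POST in-process: the key lives in a header object,
    never on a curl command line, so `ps` and shell history cannot see it."""
    body = json.dumps({"model": validate_token(model_id),
                       "messages": [{"role": "user", "content": "ping"}]}).encode()
    return urllib.request.Request(
        f"{base_url}/chat/completions", data=body, method="POST",
        headers={"Authorization": f"Bearer {api_key}",
                 "Content-Type": "application/json"})
```

Sending the request is `urllib.request.urlopen(req)`; it is left out so the example runs offline.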
Capability Assessment
Purpose & Capability
Name/description, SKILL.md, and the included scripts are consistent: they add, list, and test model entries in models.json and can set defaults or configure an agent. However, the registry metadata declares no required binaries while the scripts clearly expect Python 3 (to run them) and curl (used by test_model.py). That metadata omission is an inconsistency that should be corrected.
Instruction Scope
Runtime instructions request sensitive inputs (API keys, provider baseUrl, agent paths) and instruct the agent to write to user config files (models.json and agent config.json). test_model.py will send the provided API key and payload to whatever baseUrl the user supplies — useful for testing but risky if a malicious baseUrl is entered. The scripts back up files and restore on failure (good), but they also permit writing to arbitrary agent paths supplied by the user, so the operator must ensure paths are correct and trusted.
Install Mechanism
Instruction-only with bundled scripts and no install spec — nothing is downloaded or installed automatically, which reduces supply-chain risk.
Credentials
The skill does not declare required env vars, which is fine, but it requires the user to provide API keys, which the scripts (1) store directly inside models.json/provider_config (cleartext on disk) and (2) embed in a curl command-line invocation (Authorization: Bearer <key>); passing secrets on the command line can expose them to other local users via process listings and shell histories. Storing long-lived credentials in plain JSON without guidance on file permissions is also risky.
Persistence & Privilege
The skill does not request always:true or other elevated platform privileges. It writes only to config paths the user provides (or the default agent paths), and it performs its own backups/atomic writes; it does not modify other skills or global agent settings beyond the specified agent config files.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install model-setup
- After installation, invoke the skill by name or use /model-setup
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Fix API key validation to support different formats (e.g., BigModel API keys without colon separator). Improved flexibility for various provider API key formats. All tests now pass: API key validation, model accessibility, tool calling, and streaming.
v1.0.0
Initial release: safely manage OpenClaw model configuration, including API key validation, model testing, tool-calling detection, streaming output testing, cost validation and model listing.
Frequently Asked Questions
What is Model Setup?
Safely manage OpenClaw model configuration. Used to add, test and configure new models in models.json, including API key validation, model accessibility testing, tool-calling capability detection, setting the default model, and configuring a model for a specific agent. Every operation automatically backs up the configuration file for safety. It is an AI Agent Skill for Claude Code / OpenClaw, with 462 downloads so far.
How do I install Model Setup?
Run "/install model-setup" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Model Setup free?
Yes, Model Setup is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Model Setup support?
Model Setup is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Model Setup?
It is built and maintained by YuKaiXu (@ykaixu); the current version is v1.0.1.