MiniMax Token Plan Usage Monitor

by bbzhi177 · GitHub ↗ · v1.2.1 · MIT-0
cross-platform ⚠ suspicious
Downloads: 140 · Stars: 0 · Active Installs: 0 · Versions: 4
Install in OpenClaw: /install minimax-token-plan-monitor
Description
MiniMax Token Plan usage monitor — designed for cloud-deployed OpenClaw (龙虾); automatically queries this week's / 5-hour-window usage, remaining plan quota, remaining call count and reset time. Supports multi-channel notifications via QQ/Discord/Telegram with configurable alert thresholds. Trigger words: minimax quota check, token plan usage, this week's usage, remaining calls, subscription sta...
Usage Guidance
What to consider before installing:
- Hard-coded secrets: The package contains hard-coded bearer tokens/session keys and a password-like string ('sym,1998'). If those tokens are valid in your environment they could be used to send messages or trigger model/agent sessions on your host. Treat these as high-risk — do not run this code unmodified.
- Undocumented local API calls: Scripts call localhost:37701 (/tools/invoke and /v1/chat/completions) with Authorization and x-openclaw-session-key headers. SKILL.md does not document these tokens. Verify whether those endpoints and tokens are legitimate for your deployment; if not, do not install.
- Inconsistencies: The skill metadata lists no required env vars, but SKILL.md requires MINIMAX_PHONE and MINIMAX_PASSWORD. The code also writes logs under /root/.openclaw/workspace/bb/... and attempts to trigger a bb session via cron — these behaviors should be explicitly documented and justified.
- Operational impact: Running the scripts requires Playwright/Chromium (heavy dependencies). The scripts simulate mouse movement and use stealth tooling — this is expected for scraping but increases attack surface.
Recommended actions before using/installing:
  1. Do not run these scripts as-is. Inspect and remove or replace any hard-coded tokens and credentials. Prefer reading tokens from a secure environment store or documented env vars.
  2. Ask the skill author to explain why the bearer token and session key are embedded, and to remove them or make them configurable and optional. They should document exactly what local APIs are called and why.
  3. If you must test, run it in an isolated environment (disconnected VM/container) and rotate any tokens that were embedded in the package if they were ever used.
  4. Consider modifying cron_send to avoid instructing a bb session to execute filesystem paths; instead run the scraper directly via a safe scheduler and deliver notifications via documented, credentialed channels.
  5. If you rely on OpenClaw local gateways, verify that the bearer tokens/session keys used in the package are not valid for your instance; if they are, revoke/rotate them immediately.
If you want, I can list the exact lines/files with hard-coded tokens and produce a sanitized checklist of edits to make the package safe to run.
Capability Analysis
Type: OpenClaw Skill
Name: minimax-token-plan-monitor
Version: 1.2.1
The skill bundle contains multiple hardcoded sensitive credentials and authentication tokens, which is a significant security risk. Specifically, 'check_and_notify.js' and 'cron_send.js' include a hardcoded Bearer token (8d9c37620f26ffb66ec81daba1547ac537b6dee5aa0cc8fd), a specific session key, and a hardcoded password ('sym,1998'). While these currently target 'localhost' for local API interaction, the presence of static security artifacts in a distributed bundle is highly irregular and could be used to facilitate unauthorized access to the local OpenClaw gateway if the environment is not properly isolated.
Capability Tags
crypto, can-make-purchases
Capability Assessment
Purpose & Capability
The skill's declared purpose (MiniMax token-plan monitoring and notifications) matches the included scraping and notification code. However, the SKILL metadata claims no required env vars while SKILL.md expects MINIMAX_PHONE/MINIMAX_PASSWORD in ~/.env, so metadata and instructions are inconsistent. More importantly, the code contains hard-coded values (phone/password placeholders and a real-looking password, a hard-coded userId, and hard-coded bearer tokens/session keys) that go beyond simply requiring the user's MiniMax credentials and are not explained in the description.
Instruction Scope
SKILL.md instructs running the scraper and setting a cron. The scripts do that, but they also instruct or perform actions not described in the SKILL.md: contacting localhost:37701 endpoints (/tools/invoke and /v1/chat/completions) with hard-coded Authorization header and session key, and asking a bb session to execute local scripts. These actions grant the skill the ability to post to local agent APIs and trigger agent sessions — side effects not described in the public instructions.
Install Mechanism
There is no install spec (instruction-only skill), which is lower risk for automatic code downloads. However, the package includes Node.js scripts and a package.json/package-lock.json listing heavy dependencies (playwright, puppeteer, stealth plugin) which will need to be installed manually or already be present on the host. The lockfile references a third-party npm mirror (mirrors.tencentyun.com), but no remote downloads are performed by an installer here; still, runtime requires large browser tooling (Chromium) and Playwright, which increases the runtime attack surface.
Credentials
SKILL.md asks for MiniMax credentials in ~/.env, which is reasonable for scraping. But the code includes multiple hard-coded secrets: a bearer token '8d9c37620f26ffb66ec81daba1547ac537b6dee5aa0cc8fd' used in sendQQMessage and cron_send authToken, and a bbSessionKey 'agent:bb:qqbot:direct:9bb108cd680d558f5bb78a066df4fb37'. These tokens are not declared in metadata or documented in SKILL.md and grant access to local OpenClaw messaging/model gateway endpoints. Several scripts also contain a hard-coded password string ('sym,1998'). Hard-coded credentials and hidden use of local gateway tokens are disproportionate to the declared purpose and risky.
Persistence & Privilege
always:false and user-invocable:true (normal). The real concern is the script behavior: cron_send posts to the local model endpoint and instructs a bb session to execute the check script (it sends a message asking the bb session to run a file path). Combined with hard-coded session keys/Authorization tokens, the skill can programmatically trigger local agent sessions and send messages via the local gateway. While the skill doesn’t set always:true or rewrite other skills, this implicit ability to drive local agent behavior (using embedded tokens) is a privilege escalation risk relative to the declared purpose.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install minimax-token-plan-monitor
  3. After installation, invoke the skill by name or use /minimax-token-plan-monitor
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.2.1
Removed the phone number and replaced it with an account placeholder; description now states the skill is designed specifically for cloud-deployed OpenClaw (龙虾); fixed phone numbers in several examples
v1.2.0
Completed SKILL.md: added full configuration instructions, real output examples, alert-threshold configuration, scheduled-task setup, rate-limit notes and troubleshooting
v1.1.0
Improved the description to highlight multi-channel notifications and alert thresholds
v1.0.0
Initial release: bilingual (zh/en), multi-channel notifications (QQ/Discord/Telegram), CI/CD ready, configurable alert thresholds
Metadata
Slug: minimax-token-plan-monitor
Version: 1.2.1
License: MIT-0
All-time Installs: 0
Active Installs: 0
Total Versions: 4
Frequently Asked Questions

What is MiniMax Token Plan Usage Monitor?

MiniMax Token Plan usage monitor — designed for cloud-deployed OpenClaw (龙虾); automatically queries this week's / 5-hour-window usage, remaining plan quota, remaining call count and reset time. Supports multi-channel notifications via QQ/Discord/Telegram with configurable alert thresholds. Trigger words: minimax quota check, token plan usage, this week's usage, remaining calls, subscription sta... It is an AI Agent Skill for Claude Code / OpenClaw, with 140 downloads so far.

How do I install MiniMax Token Plan Usage Monitor?

Run "/install minimax-token-plan-monitor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is MiniMax Token Plan Usage Monitor free?

Yes, MiniMax Token Plan Usage Monitor is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does MiniMax Token Plan Usage Monitor support?

MiniMax Token Plan Usage Monitor is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created MiniMax Token Plan Usage Monitor?

It is built and maintained by bbzhi177 (@bbzhi177); the current version is v1.2.1.