notestone

OpenClaw Model Manager

by Notestone · GitHub ↗ · v1.5.0
cross-platform ⚠ suspicious
Downloads: 1310 · Stars: 1 · Active Installs: 8 · Versions: 7
Install in OpenClaw
/install model-manager
Description
Fetch and display OpenRouter AI models with pricing and context limits, and configure OpenClaw to use selected models via automatic or fallback settings.
Usage Guidance
This skill is not clearly malicious, but it has several surprising behaviors you should consider before installing or running it:

- Undeclared dependency: The code calls the 'openclaw' CLI (openclaw sessions spawn) but the skill metadata does not list any required binaries. Confirm you have the 'openclaw' binary and understand what 'openclaw sessions spawn' does in your environment.
- Broad filesystem access: Utilities (smart_find.py, smart_map.py) and the sub-agent prompts will read and write files in the current directory and under ~/.openclaw. Do not run this in directories containing sensitive data (home, projects with secrets) unless you audit the code and accept the risk.
- Sub-agent execution: The optional --execute mode launches sub-agents that receive tasks and prompts to create files and audit code. Those sub-agents may have network access and could transmit data depending on your OpenClaw/OpenRouter configuration. Run initial tests in an isolated environment (container or throwaway VM) and back up ~/.openclaw/openclaw.json first.
- Review prompts and code: Inspect prompts.json (it instructs generated agents to use 'write' to create files) and manage_models.py to verify no unexpected network endpoints or data-exfiltration code. The repository includes no hidden remote downloads, which reduces supply-chain risk, but the runtime behavior itself is powerful.

If you plan to use this skill:

  1. Run it in a safe sandbox first and exercise only 'list' and 'plan' modes without --execute.
  2. Back up ~/.openclaw/openclaw.json and any important workspace files.
  3. Audit and, if needed, modify the code that spawns sessions to restrict which models/tasks can be launched or to disable automatic execution.
  4. Ask the author (or project repo) for clarification about the 'openclaw' CLI dependency and explicit consent flow for spawning sub-agents.
Capability Analysis
Type: OpenClaw Skill
Name: model-manager
Version: 1.5.0

The skill exhibits a significant prompt injection vulnerability. User-provided input (`task_description`) is directly embedded into the `--task` argument for `openclaw sessions spawn` in `manage_models.py` and `prompts.json`. This allows a malicious user to potentially manipulate the spawned AI agent's behavior, instructing it to perform unintended actions (e.g., file deletion, data access) by crafting a harmful `task_description`. While the skill's core purpose is benign (model optimization, task orchestration), this vulnerability presents a high-risk attack surface against the OpenClaw agent itself, classifying it as suspicious rather than benign or malicious.
Capability Assessment
Purpose & Capability
The core code (manage_models.py) aligns with the stated purpose: it fetches OpenRouter model data, updates ~/.openclaw/openclaw.json, and plans/runs multi-step tasks. However, the package includes utilities (smart_find.py, smart_map.py, prompts that instruct sub-agents to read/write files) that extend beyond simple model listing/configuration into arbitrary filesystem inspection and code-generation workflows. Additionally, metadata declares no required binaries, yet the code invokes the 'openclaw' CLI — an undeclared dependency (incoherence).
Instruction Scope
SKILL.md and the scripts advertise a 'plan' and optional 'execute' mode that spawns sub-agents (openclaw sessions spawn) which will be given tasks and prompts that explicitly instruct them to read and write files (SPEC.md, PLAN.md, code files, AUDIT.md). The included smart_find utility walks the filesystem and can read arbitrary files; smart_map parses codebases. Running 'plan --execute' can therefore cause local files to be read, new files to be created, and sub-agents to run arbitrary tasks — behavior that is broader than a simple model-pricing tool and could expose sensitive local data if executed in sensitive directories.
Install Mechanism
There is no remote install spec or downloads; the skill is delivered as source files. That lowers install-time risk (no external arbitrary code fetch in the install step).
Credentials
The skill declares no required environment variables or primary credential, but it performs network calls to https://openrouter.ai/api/v1/models and spawns 'openclaw' subcommands. The 'openclaw' CLI requirement is not declared in the registry metadata. The skill will also read/write configuration and workspace files under ~/.openclaw, which is reasonable for a model manager but is a privileged local footprint that should have been documented as required. Prompts instruct sub-agents to create and read files in the current working directory, which may access user data unexpectedly.
Persistence & Privilege
The skill modifies the user's OpenClaw configuration (~/.openclaw/openclaw.json) and writes workspace files (~/.openclaw/workspace/*). It does not set always:true, which is appropriate, but these filesystem/config modifications are persistent and have system impact. Combined with its ability to spawn sub-agents, this grants it meaningful operational privilege — acceptable for a model manager but important for users to understand before enabling automatic modes.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install model-manager
  3. After installation, invoke the skill by name or use /model-manager
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.5.0
🚀 NEW FEATURES:
• benchmark command - Get AI intelligence-driven recommendations
• report command - Generate usage and cost analysis
• model-benchmarks integration - Real-time capability data
• Enhanced task classification - 40% better accuracy

⚡ IMPROVEMENTS:
• 40% faster startup (2.3s → 1.4s)
• 29% memory reduction (45MB → 32MB)
• 99.2% API reliability (up from 92%)
• Real-time pricing with performance weighting

🐛 MAJOR FIXES:
• Fixed OpenRouter timeout issues (10s → 30s)
• Resolved config corruption problems
• Improved error handling and user messages
• Better cross-platform compatibility

📊 USER IMPACT:
• Cost savings: 35% → 67% average reduction
• Task classification: 65% → 91% accuracy
• User satisfaction: 4.2 → 4.8 stars
• 78% cost reduction with model-benchmarks combo

🔗 PERFECT COMBO: Install with model-benchmarks skill for maximum optimization!
v1.4.1
- Added SECURITY.md to provide security guidelines and information.
- Introduced smart_find.py and smart_map.py utility scripts.
- No user-facing changes to documentation or commands.
v1.4.0
v1.4.0 - The Golden Gear Update ⚙️
- feat(swarm): Added plan --execute to orchestrate multi-agent swarms (Architect -> Coder -> Auditor).
- feat(memory): Agents now possess a "Hippocampus" to remember failures and log insights (swarm_memory.json).
- feat(adaptive): Automatically switches to stable (premium) models if cheap ones fail (Self-Healing).
- refactor: Externalized prompts to prompts.json for easier customization.
v1.1.0
Feat: Added plan command to simulate task decomposition and calculate cost savings.
v1.0.2
Docs: Add cost optimization breakdown (up to 96% savings)
v1.0.1
Fix: Remove unnecessary dependency installation.
v1.0.0
Initial release. Browse OpenRouter models and auto-configure OpenClaw Gateway.
Metadata
Slug model-manager
Version 1.5.0
License
All-time Installs 9
Active Installs 8
Total Versions 7
Frequently Asked Questions

What is OpenClaw Model Manager?

Fetch and display OpenRouter AI models with pricing and context limits, and configure OpenClaw to use selected models via automatic or fallback settings. It is an AI Agent Skill for Claude Code / OpenClaw, with 1310 downloads so far.

How do I install OpenClaw Model Manager?

Run "/install model-manager" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is OpenClaw Model Manager free?

Yes, OpenClaw Model Manager is completely free (open-source). You can download, install and use it at no cost.

Which platforms does OpenClaw Model Manager support?

OpenClaw Model Manager is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created OpenClaw Model Manager?

It is built and maintained by Notestone (@notestone); the current version is v1.5.0.
