← 返回 Skills 市场
highnoonoffice

Agent Tollbooth

作者 highnoonoffice · GitHub ↗ · v2.2.0 · MIT-0
cross-platform ✓ 安全检测通过
136
总下载
0
收藏
0
当前安装
19
版本数
在 OpenClaw 中安装
/install agent-tollbooth
功能描述
Web access privileges for your agent. So your agent stops hitting walls.
使用说明 (SKILL.md)

Agent Tollbooth

You're mid-task. Your agent fires a Yahoo Finance request. Gets a 429. Stops. You don't know if it's rate limits, a bad endpoint, a missing header, or just bad luck. You try again. Same thing. You start debugging blind.

Tollbooth is the field notes that stop this from happening twice. Observed operating profiles for 16 external services — safe endpoints, sleep intervals, caching patterns, auth requirements — built from real API friction. Your agent checks the profile before calling, follows the safe pattern, and logs what happens. Next time it already knows.

Every external service has a threshold. This skill provides the map so agents learn them once and stop hitting them twice.

Core Pattern

Before calling any external service:

  1. Check references/profiles.md for an existing profile
  2. Follow its safe pattern — endpoint, sleep, cache, auth
  3. If no profile exists, observe behavior and add an entry after

Caching

Always cache prices and API responses locally when TTL allows.

  • Default TTL: 300s (5 minutes) for prices
  • Cache file: $OPENCLAW_WORKSPACE/data/agent-tollbooth/cache/
  • Serve from cache first — only hit the API when stale or forced

Script: scripts/fetch-prices.py implements cache + sequential Yahoo Finance fetching. Use it instead of raw requests. CoinGecko and other services are covered by profiles in references/profiles.md.

How It Learns

Tollbooth grows with your usage. Three scripts form the learning loop:

Before any external call:

python3 scripts/check-profile.py coingecko.com

Returns the safe pattern if a profile exists. If not, logs the miss and returns exit code 1 — your agent can continue, but observation has started.

During any call — log what happens:

from scripts.web_log import log_event
log_event("my-api.com", "429", "hit rate limit at 10 req/min", worked=None)
log_event("my-api.com", "success", "sequential 500ms sleep worked", worked="sequential + 500ms sleep")

After enough observations — promote to a profile:

python3 scripts/promote-profile.py           # dry run, see what's ready
python3 scripts/promote-profile.py --write   # append drafts to profiles.md

Default threshold: 5 events. Auto-drafted profiles include all observed friction and working patterns. Review before trusting — they're drafts, not finished entries.

Events are written to $OPENCLAW_WORKSPACE/data/agent-tollbooth/web-access-log.json — outside the skill bundle, never modifying packaged files. Cache files go to $OPENCLAW_WORKSPACE/data/agent-tollbooth/cache/. Set OPENCLAW_WORKSPACE before running (standard on any OpenClaw install).

Workspace Access

This skill writes event logs and cache files to $OPENCLAW_WORKSPACE/data/agent-tollbooth/. No credentials are accessed. No sensitive data is written. No files outside this directory are touched.

Service Profiles

See references/profiles.md for all current profiles:

  • Yahoo Finance
  • CoinGecko
  • Ghost Admin API
  • ClawHub API
  • Telegram Bot API
  • Replicate
  • OpenAI API
  • Anthropic API
  • GitHub API
  • Brave Search API
  • Serper (Google Search)
  • Notion API
  • Airtable API
  • Stripe API
  • HuggingFace Inference API
  • Firecrawl
安全使用建议
This skill appears to do what it claims: log web-access events, recommend safe call patterns, cache price responses, and draft profiles from observed events. Before installing: 1) Ensure OPENCLAW_WORKSPACE is set to a controlled directory so logs and cache files are written outside the packaged files (otherwise the scripts may create a local data/ folder inside the skill bundle). 2) Be aware the scripts make outbound requests to services like Yahoo Finance and CoinGecko when used (so they will generate network traffic). 3) The promote step (--write) appends drafted profiles to the workspace profiles.md only when you explicitly pass --write — review drafts before writing. 4) If you want stricter containment, run these scripts with network or filesystem restrictions or review/redirect the workspace path to a dedicated directory. Overall: coherent and proportionate to its stated purpose.
功能分析
Type: OpenClaw Skill Name: agent-tollbooth Version: 2.2.0 The agent-tollbooth skill bundle is a utility designed to help AI agents manage API rate limits, caching, and service-specific operating patterns. It provides scripts (fetch-prices.py, fetch-crypto.py) for retrieving financial data with built-in caching and a logging system (web-log.py) to track API performance and errors. The skill operates within a designated workspace directory ($OPENCLAW_WORKSPACE/data/agent-tollbooth/) for logging and caching, and its instructions in SKILL.md focus on improving agent reliability and efficiency. No evidence of malicious intent, data exfiltration, or unauthorized execution was found.
能力标签
cryptocan-make-purchasesrequires-oauth-tokenrequires-sensitive-credentials
能力评估
Purpose & Capability
Name/description (map safe request patterns, caching, and logging) match the included scripts: check-profile, web-log, promote-profile, fetch-prices, and fetch-crypto. No unrelated binaries, credentials, or config paths are requested.
Instruction Scope
SKILL.md instructs the agent to read bundled profiles and to read/write only under $OPENCLAW_WORKSPACE/data/agent-tollbooth — the scripts do this. Caveat: several scripts include a fallback that will create/read a local data/ directory inside the skill bundle if OPENCLAW_WORKSPACE is not present, which contradicts the SKILL.md claim 'never modifying packaged files.' The skill logs event details (service, event_type, detail) to the workspace; those logs may include service names and diagnostic text but do not appear to capture credentials.
Install Mechanism
Instruction-only with packaged Python scripts; no external installers, downloads, or extract steps. No third-party package pulls declared in an install spec.
Credentials
The skill requires no environment variables or credentials beyond the optional OPENCLAW_WORKSPACE path (standard for OpenClaw). Profiles reference many APIs (OpenAI, Stripe, etc.) only as documentation; the skill itself does not request those secrets.
Persistence & Privilege
always:false and no autonomous privilege escalation. Writes are limited to the workspace data directory (or the local bundle fallback if workspace isn't set) and to a workspace profiles.md when --write is used; it does not alter other skills or system-wide agent settings.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install agent-tollbooth
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /agent-tollbooth 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.2.0
Fix: promote-profile.py now writes to $OPENCLAW_WORKSPACE/data/agent-tollbooth/profiles.md — bundled references/profiles.md is read-only. Resolves write-back-to-bundle inconsistency flagged by scanner.
v2.1.0
Fix Suspicious flag: include all scripts in bundle (check-profile.py, promote-profile.py, fetch-prices.py, web-log.py); these were referenced but not packaged
v2.0.0
Added problem statement opener, fixed missing frontmatter fields (version, homepage, source, license)
v1.4.1
v1.4.1: Scanner fix — removed relative fallback write paths, all writes go to OPENCLAW_WORKSPACE only. Softened capability-triggering language in Stripe/Notion profiles.
v1.4.0
v1.4.0: 16 service profiles (added OpenAI, Anthropic, GitHub, Brave, Serper, Notion, Airtable, Stripe, HuggingFace, Firecrawl). Self-learning loop: check-profile.py for pre-flight lookups, promote-profile.py to mine event log and draft new profiles automatically.
v1.3.6
Remove fetch-image.py (Replicate image gen out of scope); no credentials accessed by any remaining script
v1.3.5
Move credential path to REPLICATE_CREDENTIALS_FILE env var — no hardcoded credential paths in code
v1.3.4
Add explicit credential and workspace access disclosure section; scanner should now see declared intent matching actual code behavior
v1.3.3
Declare credentials and config paths in SKILL.md frontmatter; align body text with actual script paths to resolve scanner mismatch
v1.3.2
Fix description field format — quoted short string.
v1.3.1
Force re-index to surface skill description on ClawHub card.
v1.3.0
Add fetch-crypto.py (CoinGecko batch fetch) and fetch-image.py (Replicate FLUX 1.1 Pro) — skill now ships working scripts for all major service profiles.
v1.2.3
Update description to locked copy: Web access privileges for your agent. So your agent stops hitting walls.
v1.2.2
Fix write paths to use OPENCLAW_WORKSPACE env var (standard for all OpenClaw installs). Fix description/code mismatch. Clear operational log before publish.
v1.2.1
Sanitize for public publish: clear operational log, generalize credential paths, neutral Telegram profile
v1.2.0
Feedback loop wired — logged events now annotate profiles.md automatically. The skill learns from live usage.
v1.1.1
Description update — web access privileges phrase added to opening line.
v1.1.0
Added self-logging feedback loop — scripts now write to web-access-log.json on every 429, timeout, auth failure, cache hit, and success. The skill learns from live usage instead of relying on static notes.
v1.0.0
Initial release — service profiles for Yahoo Finance, CoinGecko, Ghost Admin API, ClawHub, Telegram, and Replicate.
元数据
Slug agent-tollbooth
版本 2.2.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 19
常见问题

Agent Tollbooth 是什么?

Web access privileges for your agent. So your agent stops hitting walls. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 136 次。

如何安装 Agent Tollbooth?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install agent-tollbooth」即可一键安装,无需额外配置。

Agent Tollbooth 是免费的吗?

是的,Agent Tollbooth 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Agent Tollbooth 支持哪些平台?

Agent Tollbooth 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Agent Tollbooth?

由 highnoonoffice(@highnoonoffice)开发并维护,当前版本 v2.2.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论