← 返回 Skills 市场
kr1json

ai-quota-check

作者 kr1json · GitHub ↗ · v1.0.1
cross-platform ⚠ suspicious
2382
总下载
2
收藏
10
当前安装
2
版本数
在 OpenClaw 中安装
/install ai-quota-check
功能描述
**DEFAULT quota checker** - Use this skill FIRST when user says '쿼타', '쿼터', 'quota', '쿼타확인', '쿼터확인', or asks about quotas. Unified dashboard showing ALL providers (Antigravity, Copilot, Codex) in one view with model recommendations.
使用说明 (SKILL.md)

\r \r

ai-quota-check\r

\r Unified quota monitor and intelligent model recommender for all providers.\r \r

Output Instructions\r

\r IMPORTANT: When executing this skill, display the script output EXACTLY as-is in markdown format. Do NOT summarize or rephrase the output. The script produces a formatted dashboard that should be shown directly to the user.\r \r Example execution:\r

node skills/ai-quota-check/index.js --current-model="\x3Ccurrent_model_name>"\r
```\r
\r
Then copy the entire output and send it as your response.\r
\r
## Features\r
\r
1. **Provider Login Check** - Detects which providers are logged in\r
2. **Unified Quota Dashboard** - Antigravity + Copilot + OpenAI Codex\r
3. **Task-based Recommendations** - Optimal model selection with fallback\r
4. **Reset Detection** - Identifies models ready for ping (new cycle)\r
5. **Risk Level Info** - Warns about weekly caps and lockout risks\r
\r
## Usage\r
\r
```bash\r
# Full dashboard\r
node skills/ai-quota-check/index.js\r
\r
# Specific task recommendation\r
node skills/ai-quota-check/index.js --task=coding\r
node skills/ai-quota-check/index.js --task=reasoning\r
```\r
\r
## Model Routing Rules\r
\r
### Coding / Debugging\r
| Priority | Model | Fallback Condition |\r
|----------|-------|-------------------|\r
| 1st | `openai-codex/gpt-5.3-codex` | - |\r
| 2nd | `openai-codex/gpt-5.2-codex` | Primary \x3C 20% |\r
| 3rd | `google-antigravity/gemini-3-pro-high` | All above \x3C 20% |\r
\r
### Complex Reasoning / Analysis\r
| Priority | Model | Fallback Condition |\r
|----------|-------|-------------------|\r
| 1st | `google-antigravity/claude-opus-4.6-thinking` | - |\r
| 2nd | `github-copilot/claude-4.6-opus` | Primary \x3C 20% |\r
| 3rd | `github-copilot/claude-3.5-opus` | If 4.6 unavailable |\r
| 4th | `openai-codex/gpt-5.3` | All above \x3C 20% |\r
| 5th | `openai-codex/gpt-5.2` | Last fallback |\r
\r
## Fallback Threshold\r
\r
Default: **20%** - Switches to fallback when primary drops below this.\r
\r
## Cron Integration\r
\r
This skill is designed to be called periodically via Cron for:\r
- Quota monitoring\r
- Reset detection (ping optimization)\r
- Automatic model switching recommendations\r
安全使用建议
Before installing or running this skill: 1) Inspect the code (index.js) to confirm exactly which files it reads — it looks at ~/.openclaw/agents/main/agent/auth-profiles.json and ~/.codex/sessions/*.jsonl and will try to call provider APIs. 2) Open the auth-profiles.json file to see what tokens/emails it contains — if it stores provider API keys or session tokens you consider sensitive, do not run the script in a production environment. 3) Because SKILL.md instructs the agent to paste script output verbatim, run the script yourself in a sandbox or container first (node index.js) and inspect the output for leaked tokens or private data. 4) If you still want to use it, consider removing or redacting access to auth-profiles.json or running the skill under an account that has no stored tokens, or modify the script to only surface aggregated quota numbers (not raw profiles). 5) If anything in the auth file seems unrelated to quota checking (credentials for unrelated services), treat that as a stronger warning and avoid installing. Additional information that would change this assessment: explicit registry declaration that the skill needs and will read those config files, or a version of the script that only requests tokens via explicit, user-provided environment variables rather than reading agent auth files.
功能分析
Type: OpenClaw Skill Name: ai-quota-check Version: 1.0.1 The skill is classified as suspicious due to the use of `child_process.execSync` in `index.js` and a prompt injection instruction in `SKILL.md`. While `execSync` is currently used with hardcoded, seemingly benign commands (`codex exec` and `sleep`) for refreshing local quota data, it is a powerful primitive that introduces a significant risk of shell injection if the command string were ever to incorporate unsanitized user input. Additionally, `SKILL.md` explicitly instructs the OpenClaw agent to "display the script output EXACTLY as-is," which is a prompt injection vector, bypassing the agent's potential summarization or filtering and allowing any malicious output from the script to be directly presented or acted upon by the agent. The skill also accesses sensitive local files (`~/.openclaw/agents/main/agent/auth-profiles.json`, `~/.codex/sessions/`) but does not show evidence of exfiltration.
能力评估
Purpose & Capability
The skill's code implements a unified quota checker (Antigravity, Copilot, Codex) and model routing as described. Requiring the 'codex' binary and calling provider APIs is consistent with the stated functionality. However, the skill also reads the agent's local auth-profiles and Codex session files (to infer login status and quotas), which is reasonable for a local quota checker but was not declared in the skill's metadata/requirements.
Instruction Scope
SKILL.md instructs the agent to run the bundled script and display its output EXACTLY as-is. The code reads local files (~/.openclaw/agents/main/agent/auth-profiles.json and ~/.codex/sessions/*) and runs 'codex exec' — these file reads and commands are not called out in the SKILL.md or the registry metadata. Requiring the agent to relay raw script output increases the risk of unintentionally exposing sensitive data present in those outputs.
Install Mechanism
There is no install spec (instruction-only with included code). No remote downloads or archive extraction are performed by the skill itself. This is a lower install risk; the skill relies on local 'node' and 'codex' binaries which are reasonable for its task.
Credentials
Registry metadata lists no required config paths or credentials, yet the code reads the user's OpenClaw agent auth file and Codex session files in the home directory — files that likely contain provider tokens/credentials. The skill will use those tokens to call provider APIs. Accessing other skills'/agent auth files is sensitive and should have been declared; the lack of declared config requirements is a mismatch and disproportionate to what was advertised.
Persistence & Privilege
The skill does not set always:true and does not persist changes, which is good. However, it reads another skill/agent's auth file (agent/auth-profiles.json), giving it read access to possibly many provider tokens. While not persistent, this one-time read is a high-privilege action relative to the advertised capability and should have been explicitly declared and justified.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install ai-quota-check
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /ai-quota-check 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
- Updated model routing rules for both coding/debugging and complex reasoning tasks. - Added new model versions (e.g., gpt-5.3-codex, claude-opus-4.6-thinking). - Expanded fallback options and clarified conditions for each model. - No code changes; documentation updated to reflect new model recommendations and flows.
v1.0.0
ai-quota-check 1.0.0 - Initial release of unified quota checker for Antigravity, Copilot, and OpenAI Codex. - Provides a dashboard view of all providers’ quotas and login status. - Recommends optimal models for coding and reasoning tasks, with smart fallback based on quota levels. - Warns about approaching quota caps and potential account lockouts. - Designed for both manual checks and automated cron-based monitoring.
元数据
Slug ai-quota-check
版本 1.0.1
许可证
累计安装 11
当前安装数 10
历史版本数 2
常见问题

ai-quota-check 是什么?

**DEFAULT quota checker** - Use this skill FIRST when user says '쿼타', '쿼터', 'quota', '쿼타확인', '쿼터확인', or asks about quotas. Unified dashboard showing ALL providers (Antigravity, Copilot, Codex) in one view with model recommendations. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2382 次。

如何安装 ai-quota-check?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install ai-quota-check」即可一键安装,无需额外配置。

ai-quota-check 是免费的吗?

是的,ai-quota-check 完全免费(开源免费),可自由下载、安装和使用。

ai-quota-check 支持哪些平台?

ai-quota-check 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 ai-quota-check?

由 kr1json(@kr1json)开发并维护,当前版本 v1.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 留言讨论