← 返回 Skills 市场
Api Rate Limiter
作者
monline-code
· GitHub ↗
· v1.0.0
· MIT-0
101
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install api-rate-limiter
功能描述
Manages API request rates with delay, concurrency limits, configurable policies, automatic retries, and real-time status monitoring.
使用说明 (SKILL.md)
API Rate Limiter
概述
全局API请求频率限制器,用于管理API请求的频率,防止触发服务提供商的限流机制。
功能特性
1. 请求频率控制
- 智能延迟管理
- 并发请求限制
- 时间窗口限流
2. 配置管理
- 动态配置加载
- 策略调整
- 状态监控
3. 服务集成
- 全局API请求拦截
- 自动限流应用
- 失败重试机制
使用方法
应用请求延迟
api-rate-limiter apply-delay [request-type]
检查限流状态
api-rate-limiter check-status
查看当前配置
api-rate-limiter show-config
更新配置
api-rate-limiter update-config --key value
支持的请求类型
- light: 轻量请求 (默认延迟 300ms)
- medium: 中量请求 (默认延迟 600ms)
- heavy: 重量请求 (默认延迟 1000ms)
- custom: 自定义延迟
配置项
- base_delay_ms: 基础延迟毫秒数
- max_requests_per_minute: 每分钟最大请求数
- max_requests_per_hour: 每小时最大请求数
- concurrency_limit: 并发请求数限制
- retry_count: 重试次数
- cache_enabled: 是否启用缓存
安全使用建议
This skill appears to implement the claimed rate-limiting functionality, but there are implementation inconsistencies you should address before installing: 1) The main script uses DEFAULT_CONFIG_FILE and the entrypoint path hard-coded to /root/.openclaw/..., while install.sh installs files under $HOME — fix these paths to be consistent (use $HOME or relative skill dir) to avoid needing root or silently failing. 2) install.sh creates a /usr/local/bin symlink and may call sudo — run the installer with care and inspect the script first. 3) Ensure jq is installed; the scripts exit if jq is missing. 4) Consider running the skill in a sandbox or testing environment first (or manually copy files rather than running install.sh) so you can confirm it doesn't attempt to read/write root-owned paths. If the author intended to require root, ask why; if not, request a patch that removes hard-coded /root references and uses the installed skill directory or $HOME consistently.
功能分析
Type: OpenClaw Skill
Name: api-rate-limiter
Version: 1.0.0
The skill provides a local API rate limiting utility, but contains high-risk patterns and vulnerabilities. Specifically, 'install.sh' attempts to use 'sudo' to create a global symbolic link in '/usr/local/bin', which is an unnecessarily privileged action for a local skill. Additionally, the 'update_config' function in 'scripts/api-rate-limiter.sh' is vulnerable to injection because it inserts the user-provided '--key' argument directly into a 'jq' filter string without sanitization. The scripts also contain inconsistent hardcoded paths (e.g., referencing '/root/'), which is atypical for standard user-space skills.
能力评估
Purpose & Capability
The name, README, SKILL.md, and scripts coherently implement an API rate limiter with delay, concurrency and config management. Requiring jq and using copy/sleep logic is proportional to that purpose. However, some implementation choices (hard-coded /root default path) don't match the install instructions and expected install locations, which is unexpected for a user-level skill.
Instruction Scope
The runtime instructions map to the provided scripts and CLI commands. But the scripts reference and write to /root/.openclaw/workspace/skills/... (DEFAULT_CONFIG_FILE) while install.sh copies files into $HOME/.openclaw/workspace/skills — this mismatch means the skill may try to read/write files in /root unexpectedly. The scripts do not access network endpoints or external secrets, so no obvious data exfiltration, but the filesystem path usage is outside the skill's stated simple scope.
Install Mechanism
There is no remote installer (no downloads). install.sh copies local files into ~/.openclaw/workspace/skills and attempts to create a /usr/local/bin symlink (using sudo if available). No external URLs or archives are fetched. The install is local and traceable, but it attempts to create a system-wide symlink and therefore may ask for sudo.
Credentials
The skill does not request environment variables, credentials, or external tokens. It does require jq (and optionally bc) which is reasonable for JSON parsing and arithmetic. No hidden credential access is present in the code.
Persistence & Privilege
The installer will create a symlink in /usr/local/bin (possibly with sudo), giving a system-wide command. More importantly, the scripts write/read a DEFAULT_CONFIG_FILE located under /root — this hard-coded root path may cause the tool to require elevated privileges or to operate inconsistently between users. The skill does not set always:true, nor does it modify other skills, but the root-path behavior increases its privilege/permission footprint unexpectedly.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install api-rate-limiter - 安装完成后,直接呼叫该 Skill 的名称或使用
/api-rate-limiter触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of API Rate Limiter.
- Provides global API request rate limiting to prevent hitting service provider limits.
- Features intelligent delay management, concurrency and time window controls, and dynamic strategy adjustment.
- Supports global API request interception, auto limiting, and retry mechanism.
- Includes commands for delay application, status checking, and configuration management.
- Supports multiple request types (light, medium, heavy, custom) and flexible configuration options.
元数据
常见问题
Api Rate Limiter 是什么?
Manages API request rates with delay, concurrency limits, configurable policies, automatic retries, and real-time status monitoring. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 101 次。
如何安装 Api Rate Limiter?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install api-rate-limiter」即可一键安装,无需额外配置。
Api Rate Limiter 是免费的吗?
是的,Api Rate Limiter 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Api Rate Limiter 支持哪些平台?
Api Rate Limiter 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Api Rate Limiter?
由 monline-code(@monline-code)开发并维护,当前版本 v1.0.0。
推荐 Skills