← 返回 Skills 市场
2233admin

ClawAPI Manager

作者 2233admin · GitHub ↗ · v1.1.2
cross-platform ⚠ suspicious
564
总下载
0
收藏
2
当前安装
9
版本数
在 OpenClaw 中安装
/install clawapi-manager
功能描述
OpenClaw-native API management and cost optimization. Multi-provider key management, real-time monitoring, smart routing, and automated failover.
使用说明 (SKILL.md)

ClawAPI Manager

🔧 Professional API management and cost optimization for OpenClaw deployments

English | 中文

English

Overview

ClawAPI Manager is an OpenClaw-native tool for managing API keys, monitoring costs, and optimizing API spending through intelligent routing. It saves 30-90% on API costs by automatically routing simple tasks to free models.

Capabilities

  • Multi-Provider Management: Manage keys for OpenAI, Anthropic, Google, and 40+ providers
  • Cost Tracking: Real-time monitoring of API usage and spending
  • Smart Routing: Automatically route tasks to cost-effective models
  • Key Health Monitoring: Detect expired, rate-limited, or invalid keys
  • Config Validation: Detect and auto-fix configuration issues
  • Budget Alerts: Multi-channel notifications (Telegram, Discord, Slack, Feishu, QQ)
  • Automated Failover: Round-robin key rotation with health checks

How to Use

1. Installation

cd ~/.openclaw/workspace/skills
git clone https://github.com/2233admin/clawapi-manager.git
cd clawapi-manager
pip install -r requirements.txt

2. Basic Commands

# List all providers
python3 claw_api_manager_central.py list

# Validate configuration
python3 claw_api_manager_central.py validate

# Auto-fix configuration issues
python3 claw_api_manager_central.py fix

# Update API key
python3 claw_api_manager_central.py update provider-name new-key

# Add new provider
python3 claw_api_manager_central.py add provider-name https://api.example.com sk-key anthropic-messages

3. Configuration

# Create example configs
cp config/managed_keys_central.json.example config/managed_keys_central.json
cp config/openrouter_keys.json.example config/openrouter_keys.json

# Edit with your keys
nano config/managed_keys_central.json

Example Usage

Scenario 1: Validate Configuration

User: "Check if my OpenClaw config is valid"
Assistant: [Runs validate command, reports issues]

Scenario 2: Auto-Fix Issues

User: "Fix my config errors"
Assistant: [Runs fix command, repairs common issues]

Scenario 3: Add OpenRouter Key

User: "Add this OpenRouter key: sk-or-v1-xxx"
Assistant: [Adds key, configures rotation]

Scripts

  • claw_api_manager_central.py: Main management CLI
  • lib/config_manager.py: Configuration management core
  • lib/key_rotation.py: Automated key rotation
  • lib/cost_monitor.py: Cost tracking and reporting
  • lib/smart_router.py: Intelligent task routing

Limitations

  • Requires Python 3.8+
  • Only supports OpenClaw deployments
  • Config validation covers common issues only
  • Smart routing requires OpenRouter integration

Troubleshooting

Issue: "Unknown model" error

  • Run: python3 claw_api_manager_central.py validate
  • Run: python3 claw_api_manager_central.py fix
  • Restart gateway: openclaw gateway restart

Issue: Key rotation not working

  • Check: config/openrouter_keys.json exists
  • Verify: All keys have enabled: true
  • Check logs: ~/.openclaw/logs/gateway.log

中文

概述

ClawAPI Manager 是 OpenClaw 原生的 API 管理和成本优化工具。通过智能路由自动将简单任务分配给免费模型,节省 30-90% 的 API 成本。

功能

  • 多 Provider 管理:管理 OpenAI、Anthropic、Google 等 40+ 家 API 密钥
  • 成本追踪:实时监控 API 使用和花费
  • 智能路由:自动将任务路由到性价比最高的模型
  • 密钥健康监控:检测过期、限流或无效的密钥
  • 配置验证:检测并自动修复配置问题
  • 预算告警:多渠道通知(Telegram、Discord、Slack、飞书、QQ)
  • 自动故障转移:Round-robin 密钥轮换 + 健康检查

使用方法

1. 安装

cd ~/.openclaw/workspace/skills
git clone https://github.com/2233admin/clawapi-manager.git
cd clawapi-manager
pip install -r requirements.txt

2. 基本命令

# 列出所有 providers
python3 claw_api_manager_central.py list

# 验证配置
python3 claw_api_manager_central.py validate

# 自动修复配置问题
python3 claw_api_manager_central.py fix

# 更新 API Key
python3 claw_api_manager_central.py update provider-name new-key

# 添加新 provider
python3 claw_api_manager_central.py add provider-name https://api.example.com sk-key anthropic-messages

3. 配置

# 创建示例配置
cp config/managed_keys_central.json.example config/managed_keys_central.json
cp config/openrouter_keys.json.example config/openrouter_keys.json

# 编辑你的密钥
nano config/managed_keys_central.json

使用示例

场景 1:验证配置

用户:"检查我的 OpenClaw 配置是否正确"
助手:[运行 validate 命令,报告问题]

场景 2:自动修复

用户:"修复我的配置错误"
助手:[运行 fix 命令,修复常见问题]

场景 3:添加 OpenRouter 密钥

用户:"添加这个 OpenRouter 密钥:sk-or-v1-xxx"
助手:[添加密钥,配置轮换]

脚本

  • claw_api_manager_central.py:主管理 CLI
  • lib/config_manager.py:配置管理核心
  • lib/key_rotation.py:自动密钥轮换
  • lib/cost_monitor.py:成本追踪和报告
  • lib/smart_router.py:智能任务路由

限制

  • 需要 Python 3.8+
  • 仅支持 OpenClaw 部署
  • 配置验证仅覆盖常见问题
  • 智能路由需要 OpenRouter 集成

故障排除

问题:"Unknown model" 错误

  • 运行:python3 claw_api_manager_central.py validate
  • 运行:python3 claw_api_manager_central.py fix
  • 重启 gateway:openclaw gateway restart

问题:密钥轮换不工作

  • 检查:config/openrouter_keys.json 是否存在
  • 验证:所有密钥都有 enabled: true
  • 查看日志:~/.openclaw/logs/gateway.log

📖 详细文档: README.md
🐛 问题反馈: GitHub Issues
🚀 快速开始: 运行 python3 claw_api_manager_central.py --help

安全使用建议
This package appears to implement an API key manager and cost monitor, but there are several red flags you should address before installing or running it: - Do not run install.sh or pip commands without reviewing them. The SKILL.md references pip install -r requirements.txt, but requirements.txt is not in the bundle — confirm what dependencies are required. - Inspect lib/config_manager.py and lib/key_rotation.py (and any code that touches backups or ~/.openclaw) to confirm where API keys are stored, whether they are encrypted before being transmitted or uploaded, and whether any remote endpoints receive keys. - Look for any code that posts keys or configs to external servers. The notifier scripts send messages to Telegram/webhooks (expected), but verify they don't send secrets elsewhere. - Confirm the exact filesystem paths the skill will modify (config/.env, ~/.openclaw/openclaw.json, ~/.openclaw/backups, logs) and back up those files before experimenting. - If you plan to try it, run it in a sandboxed or isolated environment (non-production machine or container) and provide only test API keys with limited privileges. - Ask the publisher for provenance: where is the canonical source repo, who maintains it, and why registry metadata lists Source: unknown. If provenance can't be verified, treat the package as untrusted. If you want, I can: (1) list the specific files/functions to inspect for remote network calls and key handling, (2) search the full code for any outbound network endpoints, or (3) draft a short checklist of lines to review in config_manager.py and key_rotation.py to assess exfiltration risk.
功能分析
Type: OpenClaw Skill Name: clawapi-manager Version: 1.1.2 The skill is classified as suspicious due to several high-risk capabilities, primarily involving privileged system operations and direct manipulation of core OpenClaw configuration. Specifically, `install.sh` attempts to modify system-wide logrotate configuration (`/etc/logrotate.d`) and suggests cron job installation, which are privileged operations and potential persistence mechanisms. The `read_openclaw_config.sh` script extracts API keys from the main OpenClaw configuration and writes them to a new `.env` file, creating an additional sensitive credential storage point. Furthermore, several scripts (`auto_rotate.sh`, `check_cost.sh`, `check_quota.sh`, `lib/notifier.py`) perform external network calls for notifications, and core Python modules (`claw_api_manager_central.py`, `lib/config_manager.py`, `lib/model_switcher.py`, `clawapi_helper.py`) directly modify the sensitive `~/.openclaw/openclaw.json` file, including API keys and routing. The `clawapi_helper.py` script is explicitly designed to expose these configuration manipulation functions to an AI agent, posing a significant prompt injection risk for unauthorized configuration changes.
能力评估
Purpose & Capability
The name/description claim a multi-provider API key manager and cost optimizer, and included code (key rotation, cost monitor, notifier, config manager, smart router) is consistent with that purpose. However the package metadata declares no required environment variables or primary credential while multiple scripts explicitly source a config/.env and expect provider keys and webhook tokens. Also SKILL.md tells users to pip install -r requirements.txt but no requirements.txt appears in the provided manifest — an incoherence between claimed install steps and included files.
Instruction Scope
Runtime instructions (SKILL.md) instruct cloning from GitHub and running Python scripts and editing config files, which is expected. But SKILL.md omits mention of the config/.env file that many shell scripts source; scripts assume access to ~/.openclaw/logs and backups and run commands like openclaw gateway restart and clawhub list. Several components will read/write global OpenClaw config paths (backups, ~/.openclaw) and require full API keys; the instructions give the agent broad permission to read and modify sensitive local config without declaring those needs.
Install Mechanism
There is no formal install spec in registry metadata (instruction-only), but the SKILL.md instructs running git clone and pip install -r requirements.txt. The repository bundle provided contains many scripts and an install.sh, but requirements.txt is not present in the manifest — this mismatch is suspicious and means the documented install steps may fail or hide additional installation behaviors. Because there is an install.sh present, a user should review its contents before executing any install commands.
Credentials
Registry fields list no required env vars, yet many scripts source config/.env and reference variables like TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID, QUOTA_CRITICAL_THRESHOLD, COST_BUDGET_THRESHOLD and provider API keys. The skill will therefore require sensitive credentials to operate (API keys, webhook tokens) but doesn't declare them. The skill also reads/writes global OpenClaw config and logs (which may contain other credentials) — broader access than the metadata suggests.
Persistence & Privilege
always:false and disable-model-invocation:false (normal). But the code includes backup/restore and direct writes to OpenClaw config paths; central management utilities (config_manager) imply it will modify core OpenClaw files (backups, main config). That means it can change system-wide configuration and stored API keys — a significant level of privilege. This is expected for a key-management tool but should be explicitly documented and surfaced in the registry metadata (it is not).
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install clawapi-manager
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /clawapi-manager 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.2
Major documentation overhaul: Bilingual support (EN+中文), official Claude Skills format, comprehensive CHANGELOG, improved structure
v1.1.1
v1.1.1: Security fix - removed all API keys from git history. Added config validation and auto-fix commands.
v1.3.0
v1.3.0: API key rotation with cooldown, balance checker for OpenAI/Anthropic, billing disable support
v1.2.0
v1.2.0: Protocol detection (anthropic-messages/openai-chat/openai-compatible), troubleshooting guide (401/403/404/429/500/503), config repair, enhanced documentation
v1.1.0
v1.1.0: Complete TUI with Textual/Rich, channel management, conversational interface for QQ/Feishu, smart environment detection
v1.0.5
v1.0.5: Lightweight scheduler (pure memory + JSON, 10x faster) | v1.0.4: Task scheduler with load balancing, queue, node selection, retry | v1.0.3: AI complexity prediction using Qwen 0.5B | v1.0.2: Model switcher with safe JSON modification
v1.0.2
feat: integrate model switcher from openclaw-switch - safe model switching with fallback chain visualization
v1.0.1
Security fix: Remove sensitive data
v1.0.0
ClawAPI Manager initial release: - Provides comprehensive API key management, rotation, and AES-256 encrypted storage. - Real-time monitoring of API usage, gateway health, quotas, and session analytics. - Smart, cost-optimized task routing with OpenRouter integration for free model usage. - Multi-channel notification support (Telegram, Discord, Slack, Feishu, QQ, DingTalk) with alerting and reporting. - Built-in fault tolerance, circuit breaker, and failover/bypass modes for high reliability. - Modular architecture for easy integration with OpenClaw and customizable cost-saving strategies.
元数据
Slug clawapi-manager
版本 1.1.2
许可证
累计安装 2
当前安装数 2
历史版本数 9
常见问题

ClawAPI Manager 是什么?

OpenClaw-native API management and cost optimization. Multi-provider key management, real-time monitoring, smart routing, and automated failover. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 564 次。

如何安装 ClawAPI Manager?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install clawapi-manager」即可一键安装,无需额外配置。

ClawAPI Manager 是免费的吗?

是的,ClawAPI Manager 完全免费(开源免费),可自由下载、安装和使用。

ClawAPI Manager 支持哪些平台?

ClawAPI Manager 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 ClawAPI Manager?

由 2233admin(@2233admin)开发并维护,当前版本 v1.1.2。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论