功能描述

Automatically reduce OpenClaw API costs by 60-80%. One-command setup: config optimization, spend caps, retry loop protection, and ClawTK Engine compression.

使用说明 (SKILL.md)

ClawTK — Cut Your OpenClaw Costs by 60-80%

Name: Skill
Author: skl3

You are ClawTK, a cost optimization assistant for OpenClaw. You help users reduce their API spending through config optimization, spend caps, and token compression.

First-Run Detection

If the file ~/.openclaw/clawtk-state.json does not exist, the user has not completed setup. Tell them:

ClawTK is installed but needs one-time setup. Say /clawtk setup to start. This will:

Back up your current config

Optimize heartbeat settings (biggest cost saver)

Set context limits to prevent runaway spending

Install spend caps to protect against retry loops

Your original config is always restorable with /clawtk restore.

Commands

`/clawtk setup`

Run the setup script to optimize the user's OpenClaw configuration:

bash ~/.openclaw/skills/clawtk/scripts/setup.sh

After setup completes, summarize what changed and the estimated savings.

`/clawtk status`

Show current optimization status:

bash ~/.openclaw/skills/clawtk/scripts/setup.sh --status

`/clawtk savings`

Show actual cost savings since installation:

bash ~/.openclaw/skills/clawtk/scripts/check-savings.sh

`/clawtk restore`

Restore the original OpenClaw configuration from backup:

bash ~/.openclaw/skills/clawtk/scripts/setup.sh --restore

Always confirm with the user before restoring. Warn them that this will remove all ClawTK optimizations.

`/clawtk override`

Temporarily disable spend caps for 1 hour (for when the user needs to do heavy work):

bash ~/.openclaw/skills/clawtk/scripts/setup.sh --override

`/clawtk activate \x3Ckey>`

Activate ClawTK Pro with a license key:

bash ~/.openclaw/skills/clawtk/scripts/activate-pro.sh "$1"

`/clawtk sync`

Push local spend data to the ClawTK cloud dashboard (Pro/Cloud tier only):

bash ~/.openclaw/skills/clawtk/scripts/sync.sh

Add --compact to also clean up old synced entries from the local log:

bash ~/.openclaw/skills/clawtk/scripts/sync.sh --compact

If the user wants automatic syncing, suggest adding a cron job: */30 * * * * bash ~/.openclaw/skills/clawtk/scripts/sync.sh

`/clawtk uninstall`

Completely remove ClawTK and restore original config:

bash ~/.openclaw/skills/clawtk/scripts/uninstall.sh

Always confirm with the user before uninstalling.

Runtime Requirements

Node.js: Required. Hook handlers (spend-guard, cache) are TypeScript and run in a Node-compatible runtime.
sqlite3 CLI: Optional. Required only for the semantic cache feature (Pro tier). If missing, caching is silently disabled — all other features work normally.
brew: Optional. Used as preferred install method for ClawTK Engine. Falls back to official installer if unavailable.

Network Calls

ClawTK makes network requests in exactly two scenarios, both requiring explicit user action:

Engine install (/clawtk setup with Pro tier, or /clawtk activate): Downloads the rtk binary via Homebrew or the official installer from github.com/rtk-ai/rtk. The installer URL is pinned to a tagged release.
License validation & sync (/clawtk activate, /clawtk sync): Contacts api.clawtk.co to validate license keys and (optionally) push spend data. Spend data contains only: timestamp, token count, estimated cost, and tool name. No message content, file contents, or conversation data is ever transmitted.

No network calls are made during normal operation (spend-guard and cache hooks are fully local).

Behavior Guidelines

When reporting savings, always show concrete dollar amounts, not just percentages
If the user complains about API costs, proactively suggest /clawtk savings to show their current optimization status
Never modify the user's config without explicit consent (setup requires the user to run /clawtk setup)
If a spend cap blocks an action, explain clearly what happened and how to override it

安全使用建议

This skill appears to do what it promises (local config patches, spend caps, caching, and an optional external 'rtk' engine for compression). Before installing: - Review the backup: /clawtk setup creates a backup of your OpenClaw config; verify that backup location in ~/.openclaw before accepting changes. - Inspect remote installers: installing the ClawTK Engine falls back to downloading and executing an installer script from GitHub (rtk). The installer file is saved locally first (scripts log the tmp path and size) — inspect that file if you want to review what will run. - Understand global effects: rtk init -g --auto-patch may modify global shell/tool hooks to compress CLI output; if you prefer no global changes, install rtk manually and adjust configuration as needed. - Data sent to cloud: license activation and optional sync call api.clawtk.co; SKILL.md states only license validation and spend summaries (timestamp, token count, estimated cost, tool name) are transmitted, not conversation or file contents — still verify network endpoints if you have strict policies. - Recovery: /clawtk restore is provided to revert changes; confirm the backup exists before proceeding. If you accept those trade-offs and trust the upstream rtk project and api.clawtk.co, the skill is coherent and reasonable for its purpose.

功能分析

Type: OpenClaw Skill Name: clawtk Version: 1.1.0 The bundle provides cost-optimization tools but employs high-risk implementation patterns, most notably a 'curl | sh' installer in scripts/install-engine.sh that downloads and executes a shell script from a remote GitHub repository. Additionally, the caching hook in hooks/clawtk-cache/handler.ts is vulnerable to SQL injection because it uses template literals to construct queries for the sqlite3 CLI using potentially untrusted tool names and parameters. While these behaviors are documented and align with the stated purpose of token compression and spend management, the combination of remote code execution and lack of input sanitization in hooks warrants a suspicious classification.

能力评估

✓ Purpose & Capability

Name/description align with what the code does: patch OpenClaw config, install an optional 'rtk' engine, provide local spend tracking, caching, and a spend-guard. Required binaries (bash, jq, node, curl/wget) and optional sqlite3/brew are appropriate for the tasks.

✓ Instruction Scope

SKILL.md and scripts operate on ~/.openclaw config, a local state file, and local logs. Hooks only run in Pro for caching and spend-guard operates locally. Commands that make network calls (license validation, engine installer, sync) are explicitly tied to user actions described in SKILL.md.

ℹ Install Mechanism

No packaged install spec is present; installer scripts may download and run an upstream installer (Homebrew or an official GitHub raw install.sh for rtk). Downloading and executing a remote installer script is expected for installing external binaries but carries inherent risk — the skill does show the downloaded installer path/size so users can inspect it before execution.

✓ Credentials

The skill requests no secrets or unrelated environment variables. It uses OPENCLAW_DIR if set (defaults to $HOME/.openclaw) and only reads/writes files within that directory. Required/optional binaries are proportional to the features offered (jq for config patches, sqlite3 optional for cache, curl/wget optional for network).

✓ Persistence & Privilege

The skill writes state and logs under the user's home (~/.openclaw) and registers hooks with OpenClaw if available; it does not request always:true or system-wide elevated privileges. The installer may run global rtk auto-patching (rtk init -g) which modifies tooling behavior — this is consistent with providing a compression engine but is an important side-effect to be aware of.

版本历史

v1.1.0

Fix missing runtime declarations, pin installer URL to tagged release, add network call transparency

v1.0.0

ClawTK 1.0.0 — Initial Release - Automates OpenClaw API cost reductions by 60-80% through one-command setup. - Provides spend cap enforcement, config optimization, retry-loop protection, and token compression. - Simple commands enable setup, status checks, cost savings reports, config restoration, and syncing. - Includes Pro activation, cloud sync features, and clear guidance to protect against overspending.

元数据

Slug clawtk

版本 1.1.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 2

常见问题

Skill 是什么？

Automatically reduce OpenClaw API costs by 60-80%. One-command setup: config optimization, spend caps, retry loop protection, and ClawTK Engine compression. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 86 次。

如何安装 Skill？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install clawtk」即可一键安装，无需额外配置。

Skill 是免费的吗？

是的，Skill 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Skill 支持哪些平台？

Skill 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（macos, linux）。

谁开发了 Skill？

由 skl3（@skl3）开发并维护，当前版本 v1.1.0。

Skill

ClawTK — Cut Your OpenClaw Costs by 60-80%

First-Run Detection

Commands

/clawtk setup

/clawtk status

/clawtk savings

/clawtk restore

/clawtk override

/clawtk activate \x3Ckey>

/clawtk sync

/clawtk uninstall