← 返回 Skills 市场
pouria3

Cron Cost Guard

作者 pouria3 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
104
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install cron-cost-guard
功能描述
Audit AI agent cron jobs for token cost risks, model-switch loops, and session isolation failures. Use when setting up new cron jobs, debugging unexpected to...
使用说明 (SKILL.md)

Cron Cost Guard

Prevent silent token budget burns from misconfigured AI agent cron jobs.

Quick Audit

Run this checklist on every cron setup or when investigating a cost spike:

1. Session Isolation (Critical)

Check every cron job for session binding conflicts:

cron list (includeDisabled: true)

Red flags:

  • sessionKey: "agent:main:main" with sessionTarget: "isolated" → stale binding, will cause model conflicts
  • agentId pointing to a different agent than the session owner → cross-agent model contamination
  • consecutiveErrors >= 3 → likely stuck in a retry loop
  • lastError containing LiveSessionModelSwitchError → model-switch loop confirmed

Fix: Remove and recreate the job without sessionKey. Set sessionTarget: "isolated".

2. Model Conflicts

In multi-agent setups (e.g., Agent A on Claude, Agent B on GPT), each agent's crons must be scoped to that agent only.

  • Set agentId explicitly on every cron job
  • Set model explicitly in the payload when available
  • Never let Agent B's cron inherit Agent A's session model

3. System Prompt Size

Audit injected workspace files:

wc -c MEMORY.md SOUL.md AGENTS.md TOOLS.md USER.md QUEUE.md

Target: \x3C 20KB total injected. Move large files (playbooks, heartbeat templates, reference docs) to references/ for on-demand reading.

Size Status
\x3C 20KB Healthy
20-40KB Trim soon
> 40KB Trim now — every API call is bloated

4. Cost Monitoring

sessions_list (limit: 10, messageLimit: 1)

Look for sessions with high estimatedCostUsd but low output tokens — that's a retry loop signature.

Metric Healthy Warning Critical
Cron consecutive errors 0 1-2 ≥3
Session cost (cron) \x3C $0.50 $0.50-2.00 > $2.00
Model switch retries 0 1-2 ≥3

Diagnosis: Token Spike

For detailed diagnosis steps and post-incident checklist, read references/diagnosis.md.

Prevention Rules

  1. Every cron job: sessionTarget: "isolated", no stale sessionKey
  2. Every cron job: explicit timeoutSeconds (never unlimited)
  3. Multi-agent: explicit agentId matching the agent that should run it
  4. After changing default model: audit all cron jobs for conflicts
  5. Weekly: check consecutiveErrors across all jobs — anything ≥ 3 needs investigation
安全使用建议
This skill appears to do what it says (audit cron jobs for token/cost issues), but be cautious: its instructions ask the agent to read local gateway logs (~/.openclaw/logs/gateway.log) and workspace files and to remove cron jobs — operations that can expose sensitive data or change system state. Before installing: (1) confirm you trust the skill source, (2) run it in a read-only or manual-approval mode first (so the agent can only report, not delete), (3) restrict autonomous invocation until you’ve observed its behavior, and (4) ensure your audit logs/backups exist so you can recover if a job is removed. If you need, request the author to declare the config paths the skill will access (so the platform can present clear permission prompts).
能力评估
Purpose & Capability
Name/description (cron cost auditing) align with the provided runtime instructions: listing crons, inspecting sessions, checking system-prompt sizes, and killing offending cron jobs are all relevant to the stated purpose.
Instruction Scope
SKILL.md instructs the agent to read and act on local state beyond the workspace (e.g., tail -200 ~/.openclaw/logs/gateway.log) and to remove cron jobs (cron remove). The metadata declares no required config paths or credentials, yet the instructions explicitly reference a specific home-path log file and several workspace files (MEMORY.md, AGENTS.md, etc.). That mismatch between declared requirements and actual file access is a scope/permission concern.
Install Mechanism
Instruction-only skill with no install spec and no code files. This is low risk from install mechanics (nothing is downloaded or written by an installer).
Credentials
The skill declares no required env vars or config paths, which is consistent with being instruction-only. However, the runtime instructions access sensitive local files and logs (workspace docs and ~/.openclaw/logs/gateway.log) without those accesses being declared in the metadata — a minor proportionality mismatch to be aware of.
Persistence & Privilege
always:false and default autonomous invocation are normal. However, the instructions include potentially destructive operations (removing cron jobs) and guidance to recreate jobs; if the agent is allowed to act autonomously, the skill could cause configuration changes. This is expected for an auditing/remediation skill but worth limiting to manual approval or read-only analysis until validated.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install cron-cost-guard
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /cron-cost-guard 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release. Audit AI agent cron jobs for token cost risks, model-switch loops, and session isolation failures.
元数据
Slug cron-cost-guard
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Cron Cost Guard 是什么?

Audit AI agent cron jobs for token cost risks, model-switch loops, and session isolation failures. Use when setting up new cron jobs, debugging unexpected to... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 104 次。

如何安装 Cron Cost Guard?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install cron-cost-guard」即可一键安装,无需额外配置。

Cron Cost Guard 是免费的吗?

是的,Cron Cost Guard 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Cron Cost Guard 支持哪些平台?

Cron Cost Guard 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Cron Cost Guard?

由 pouria3(@pouria3)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论