功能描述

Track AI agent usage and costs with Drip metered billing. Use when you need to record aggregate LLM usage, tool calls, agent runs, or other metered usage for...

使用说明 (SKILL.md)

Drip Billing Integration

Name: Drip Billing
Author: lucas-309

Track usage and costs for AI agents, LLM calls, tool invocations, and any metered workload.

When to Use This Skill

Recording LLM usage quantities (for example total tokens per call)
Tracking tool/function call costs
Logging agent execution traces
Metering API requests for billing
Attributing costs to customers or workflows

Security & Data Privacy

Key scoping (least privilege):

Use pk_ (public) keys for usage tracking, customer management, and billing. This is sufficient for all skill operations.
Only use sk_ (secret) keys if you need admin operations: webhook management, API key rotation, or feature flags.
Public keys (pk_) cannot manage webhooks, rotate API keys, or toggle feature flags — this limits blast radius if the key is compromised.

Metadata safety:

Include only minimal non-sensitive operational context in metadata.
Never include PII, secrets, passwords, API keys, raw user prompts, model outputs, or full request/response bodies.
Use a strict allowlist and redaction policy before telemetry writes.
Prefer hashes/IDs (for example queryHash) instead of raw user text.

What data is transmitted:

Usage quantities (meter name + numeric value)
Customer identifiers
Run lifecycle events (start/end, status, duration)
Sanitized metadata you explicitly provide (model family, tool name, status code, latency, hashed IDs)

What is NOT transmitted:

Raw prompts, completions, or model outputs
Environment variables or secrets
File contents or source code

Installation

npm install @drip-sdk/node

Environment Setup

# Recommended: public key — sufficient for all usage tracking and billing
export DRIP_API_KEY=pk_live_...

# Only if you need admin operations (webhooks, key management, feature flags):
# export DRIP_API_KEY=sk_live_...

Telemetry Safety Contract

Send only metadata needed for billing and diagnostics.
Do not send raw prompts, raw model outputs, raw query text, full request/response bodies, or credentials.
Prefer stable identifiers and hashes (for example queryHash) over raw user content.
Emit telemetry only to a trusted DRIP_BASE_URL.

Quick Start

1. Initialize the SDK

import { Drip } from '@drip-sdk/node';

// Reads DRIP_API_KEY from environment automatically (pk_live_... recommended)
const drip = new Drip({
  apiKey: process.env.DRIP_API_KEY
});

2. Track Usage (Simple)

await drip.trackUsage({
  customerId: 'customer_123',
  meter: 'llm_tokens',
  quantity: 1500,
  // metadata is optional — only include operational context, never PII or secrets
  metadata: { model: 'gpt-4' }
});

3. Record Agent Runs (Complete Execution)

await drip.recordRun({
  customerId: 'cus_123',
  workflow: 'research-agent',
  events: [
    { eventType: 'llm.call', model: 'gpt-4', quantity: 1700, units: 'tokens' },
    { eventType: 'tool.call', name: 'web-search', duration: 1500 },
    { eventType: 'llm.call', model: 'gpt-4', quantity: 1000, units: 'tokens' },
  ],
  status: 'COMPLETED',
});

4. Streaming Execution (Real-Time)

// Start the run
const run = await drip.startRun({
  customerId: 'cus_123',
  workflowSlug: 'document-processor',
});

// Log each step as it happens
await drip.emitEvent({
  runId: run.id,
  eventType: 'llm.call',
  model: 'gpt-4',
  quantity: 1700,
  units: 'tokens',
});

await drip.emitEvent({
  runId: run.id,
  eventType: 'tool.call',
  name: 'web-search',
  duration: 1500,
});

// Complete the run
await drip.endRun(run.id, { status: 'COMPLETED' });

Event Types

Event Type	Description	Key Fields
`llm.call`	LLM API call	`model`, `quantity`, `units`
`tool.call`	Tool invocation	`name`, `duration`, `status`
`agent.plan`	Planning step	`description`
`agent.execute`	Execution step	`description`, `metadata`
`error`	Error occurred	`description`, `metadata`

Common Patterns

Wrap Tool Calls

async function trackedToolCall\x3CT>(runId: string, toolName: string, fn: () => Promise\x3CT>): Promise\x3CT> {
  const start = Date.now();
  try {
    const result = await fn();
    await drip.emitEvent({
      runId,
      eventType: 'tool.call',
      name: toolName,
      duration: Date.now() - start,
      status: 'success',
    });
    return result;
  } catch (error: unknown) {
    const message = error instanceof Error ? error.message : 'Unknown error';
    await drip.emitEvent({
      runId,
      eventType: 'tool.call',
      name: toolName,
      duration: Date.now() - start,
      status: 'error',
      // Only include the error message — never include stack traces, env vars, or user data
      metadata: { error: message },
    });
    throw error;
  }
}

LangChain Auto-Tracking

import { DripCallbackHandler } from '@drip-sdk/node/langchain';

const handler = new DripCallbackHandler({
  drip,
  customerId: 'cus_123',
  workflow: 'research-agent',
});

// All LLM calls and tool usage automatically tracked
const result = await agent.invoke(
  { input: 'Research the latest AI news' },
  { callbacks: [handler] }
);

API Reference

See references/API.md for complete SDK documentation.

安全使用建议

Before installing or enabling this skill: - Verify the upstream package and publisher: find the @drip-sdk/node package on the official npm registry and confirm the publisher and source repository/homepage match what you expect. The registry metadata here lacks a homepage/source which is a red flag. - Prefer using a public 'pk_' key (as the SKILL.md recommends) rather than an 'sk_' secret key. An sk_ key grants admin operations (webhooks, key rotation, feature flags) and would greatly increase risk if the agent or package is compromised. - If you run the MCP server via `npx @drip/mcp-server`, run it in a restricted environment (no sensitive env vars exposed) and only with a pk_ key; npx will execute remote code from npm. - Confirm the DRIP_BASE_URL value is a trusted endpoint you control or recognize, and enforce metadata allowlists/redaction before emitting telemetry (do not send prompts, PII, secrets, or full request bodies). - Ask the publisher for source code or a canonical homepage/repository if you need higher assurance. Without clear provenance and matching registry metadata, treat this package as unverified and exercise standard supply-chain caution (review package contents, pins, or run in sandboxed environments). - If you need further certainty, request the skill maintainer to fix the metadata inconsistencies (declare required env vars in the registry spec) and provide a verified source repo and release tarball.

功能分析

Type: OpenClaw Skill Name: drip-billing Version: 1.0.3 The OpenClaw AgentSkills skill bundle for 'drip-billing' is designed for usage tracking and billing, and its documentation (`SKILL.md`, `references/API.md`) is exceptionally transparent and security-conscious. It explicitly details what data is sent (usage quantities, customer IDs, sanitized metadata) and, crucially, what is NOT sent (raw prompts, secrets, environment variables, file contents). The skill repeatedly emphasizes using least-privileged API keys (`pk_` over `sk_`) and warns against including PII or secrets in metadata. While the MCP server integration allows an agent autonomous access to Drip tools, the documentation proactively highlights this and recommends using `pk_` keys to limit the blast radius. There is no evidence of intentional harmful behavior, obfuscation, or instructions for prompt injection against the agent to perform unauthorized actions; instead, it provides strong security guidance.

能力评估

ℹ Purpose & Capability

The skill's stated purpose (metered billing / usage tracking) matches the SDK calls and examples in SKILL.md and references/API.md. Required credentials (a DRIP_API_KEY) and a base URL are plausible for this purpose. However, the registry metadata included with the skill claims no required env vars/binaries while SKILL.md explicitly declares DRIP_API_KEY and DRIP_BASE_URL — an inconsistency in packaging/metadata that should be resolved.

ℹ Instruction Scope

Runtime instructions stay within the billing/telemetry domain (trackUsage, recordRun, startRun, emitEvent, middleware integrations). They explicitly warn not to send raw prompts/PII and recommend least-privilege public keys. The notable scope expansion: SKILL.md offers an MCP server example using `npx @drip/mcp-server` that would give the agent native 'drip_*' tools and allow autonomous telemetry calls — expected for an integration but raises the risk surface if misconfigured or provided with an admin key.

⚠ Install Mechanism

The skill is instruction-only (no install spec), but it instructs the user/agent to install or run packages from npm (e.g., `npm install @drip-sdk/node`, `npx @drip/mcp-server`). Installing packages via npm/npx is a common pattern but is higher-risk than instruction-only skills because it pulls and executes third-party code. There is no verified upstream homepage or source in the registry metadata to validate the npm package; SKILL.md recommends checking the package on npm but does not provide a canonical upstream link.

ℹ Credentials

The only required secrets described are DRIP_API_KEY (primary) and DRIP_BASE_URL; DRIP_WORKFLOW_ID is optional. These are proportional to a billing/tracking SDK. The SKILL.md explicitly distinguishes public keys (pk_) for tracking from secret keys (sk_) that grant admin abilities; supplying an sk_ key would substantially increase risk (webhook & key management capabilities). The registry metadata, however, contradicts SKILL.md by claiming no required env vars — this mismatch is a red flag.

ℹ Persistence & Privilege

The skill does not request 'always: true' or other elevated installation privileges. It does provide instructions to run an MCP server (via npx) that would register native tools the agent can call autonomously; this is normal for integrations but increases blast radius if a high-privilege API key is used or if the MCP server is obtained from an untrusted package. The skill does not appear to modify other skills or system-wide settings.

版本历史

v1.0.3

Added detailed credential scoping guidance (public vs. secret keys) and recommended minimal privilege usage.

元数据

Slug drip-billing

版本 1.0.3

许可证 —

累计安装 0

当前安装数 0

历史版本数 1

常见问题

Drip Billing 是什么？

Track AI agent usage and costs with Drip metered billing. Use when you need to record aggregate LLM usage, tool calls, agent runs, or other metered usage for... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 274 次。

如何安装 Drip Billing？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install drip-billing」即可一键安装，无需额外配置。

Drip Billing 是免费的吗？

是的，Drip Billing 完全免费（开源免费），可自由下载、安装和使用。

Drip Billing 支持哪些平台？

Drip Billing 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Drip Billing？

由 lucas-309（@lucas-309）开发并维护，当前版本 v1.0.3。

Drip Billing