← 返回 Skills 市场
89
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install gh-ratelimiter
功能描述
In-memory sliding window rate limiter for AI agents. Create rate limits per API key, check quota before calling, consume requests, reset, and list all limits...
使用说明 (SKILL.md)
RateLimiter
Track and enforce rate limits so your agent doesn't get throttled.
Start the server
uvicorn ratelimiter.app:app --port 8012
Create a rate limit
curl -s -X POST http://localhost:8012/v1/limits \
-H "Content-Type: application/json" \
-d '{"key": "openai-api", "max_requests": 60, "window_seconds": 60}' | jq
Check before calling
curl -s http://localhost:8012/v1/check/openai-api | jq '.allowed'
Consume after calling
curl -s -X POST http://localhost:8012/v1/consume/openai-api | jq
Returns allowed (true/false), remaining, and retry_after_seconds (how long to wait if exhausted).
List all limits
curl -s http://localhost:8012/v1/limits | jq
Reset quota
curl -s -X POST http://localhost:8012/v1/reset/openai-api | jq
Delete a limit
curl -s -X DELETE http://localhost:8012/v1/limits/openai-api | jq
Endpoints
| Method | Path | Description |
|---|---|---|
| POST | /v1/limits | Create/update a rate limit |
| GET | /v1/limits | List all rate limits |
| GET | /v1/check/{key} | Check if next request is allowed |
| POST | /v1/consume/{key} | Use one request from quota |
| POST | /v1/reset/{key} | Reset quota to full |
| DELETE | /v1/limits/{key} | Delete a rate limit |
安全使用建议
This skill appears to be what it claims: a simple in-memory FastAPI rate limiter. Before installing, consider: (1) run it in an isolated environment (virtualenv or container) to limit package scope; (2) ensure the installer will use PyPI/pip (verify the platform's 'uv' install kind resolves to pip); (3) do not bind the server to a public interface — use --host 127.0.0.1 or put it behind an authenticated proxy/firewall, because the API is unauthenticated and can create/delete limits; (4) if you intend to share this across processes, add authentication or network controls to avoid unauthorized manipulation of limits. If you want a review of adding authentication or deployment-hardening (example uvicorn flags, OAuth/Basic auth, or reverse-proxy config), provide how you plan to run it and I can suggest concrete changes.
功能分析
Type: OpenClaw Skill
Name: gh-ratelimiter
Version: 1.0.0
The gh-ratelimiter skill is a standard utility for managing API rate limits in-memory. The implementation in ratelimiter/app.py and ratelimiter/state.py uses FastAPI and a sliding window algorithm (deque of timestamps) to track requests, which aligns perfectly with its stated purpose. No indicators of data exfiltration, malicious execution, or prompt injection were found.
能力评估
Purpose & Capability
The name/description match the included code and SKILL.md. The FastAPI app implements the described endpoints (create/check/consume/reset/list/delete) and the files implement an in-memory sliding-window limiter. Required binaries and packages (python, fastapi, uvicorn, pydantic) are appropriate for the stated purpose.
Instruction Scope
SKILL.md's runtime instructions are narrowly scoped: start uvicorn on port 8012 and use the documented HTTP endpoints. It does not instruct the agent to read unrelated files or environment variables. However, the HTTP API is unauthenticated by default (no auth/ACLs) and will accept create/update/delete calls from any client that can reach the port — this is expected functionally but is a security consideration the user should be aware of.
Install Mechanism
The install lists pip packages (fastapi, uvicorn, pydantic), which is proportionate. There is no download from arbitrary URLs or archive extraction. One minor oddity: the install 'kind' is shown as "uv" in the metadata (nonstandard identifier); confirm the platform's installer will run pip in a trusted way. Overall low-to-moderate install risk.
Credentials
The skill requests no environment variables, credentials, or config paths. The code does not access secrets or external services. This credential footprint is minimal and appropriate for an in-memory rate limiter.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or persistent system configuration. It runs an in-memory server that listens on a network port; because it is unauthenticated, running it on a machine accessible to untrusted networks could expose the API. Consider restricting binding to localhost, firewalling the port, or adding auth.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install gh-ratelimiter - 安装完成后,直接呼叫该 Skill 的名称或使用
/gh-ratelimiter触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of gh-ratelimiter.
- Provides an in-memory sliding window rate limiter with REST API.
- Allows creation and management of per-key API rate limits.
- Includes endpoints to check quota, consume requests, reset, and list limits.
- Helps AI agents avoid exceeding external API rate limits.
元数据
常见问题
Ratelimiter 是什么?
In-memory sliding window rate limiter for AI agents. Create rate limits per API key, check quota before calling, consume requests, reset, and list all limits... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 89 次。
如何安装 Ratelimiter?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install gh-ratelimiter」即可一键安装,无需额外配置。
Ratelimiter 是免费的吗?
是的,Ratelimiter 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Ratelimiter 支持哪些平台?
Ratelimiter 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Ratelimiter?
由 mirni(@mirni)开发并维护,当前版本 v1.0.0。
推荐 Skills