Total downloads: 140
Favorites: 0
Current installs: 0
Versions: 4
Install in OpenClaw
/install minimax-token-plan-monitor
Description
MiniMax Token Plan usage monitor, built for cloud-deployed OpenClaw (龙虾). It automatically queries this week's usage and the 5-hour window usage, remaining plan balance, remaining call count and reset time. Supports multi-channel notifications (QQ/Discord/Telegram) with configurable alert thresholds. Trigger words: minimax额度查询 (MiniMax quota query), token plan用量 (token plan usage), 本周用量 (this week's usage), 剩余次数 (remaining calls), 订阅状...
Safe-use recommendations
What to consider before installing:
- Hard-coded secrets: The package contains hard-coded bearer tokens/session keys and a password-like string ('sym,1998'). If those tokens are valid in your environment they could be used to send messages or trigger model/agent sessions on your host. Treat these as high-risk — do not run this code unmodified.
- Undocumented local API calls: Scripts call localhost:37701 (/tools/invoke and /v1/chat/completions) with Authorization and x-openclaw-session-key headers. SKILL.md does not document these tokens. Verify whether those endpoints and tokens are legitimate for your deployment; if not, do not install.
- Inconsistencies: The skill metadata lists no required env vars but SKILL.md requires MINIMAX_PHONE and MINIMAX_PASSWORD. The code also writes logs under /root/.openclaw/workspace/bb/... and attempts to trigger a bb session via cron — these behaviors should be explicitly documented and justified.
- Operational impact: Running the scripts requires Playwright/Chromium (heavy dependencies). The scripts simulate mouse movement and use stealth tooling — this is expected for scraping but increases attack surface.
Recommended actions before using/installing:
1) Do not run these scripts as-is. Inspect and remove or replace any hard-coded tokens and credentials. Prefer reading tokens from a secure environment store or documented env vars.
2) Ask the skill author to explain why the bearer token and session key are embedded, and to remove them or make them configurable and optional. They should document exactly what local APIs are called and why.
3) If you must test, run it in an isolated environment (disconnected VM/container) and rotate any tokens that were embedded in the package if they were ever used.
4) Consider modifying cron_send to avoid instructing a bb session to execute filesystem paths; instead run the scraper directly via a safe scheduler and deliver notifications via documented, credentialed channels.
5) If you rely on OpenClaw local gateways, verify that the bearer tokens/session keys used in the package are not valid for your instance; if they are, revoke/rotate them immediately.
If you want, I can list the exact lines/files with hard-coded tokens and produce a sanitized checklist of edits to make the package safe to run.
Functional analysis
Type: OpenClaw Skill
Name: minimax-token-plan-monitor
Version: 1.2.1
The skill bundle contains multiple hardcoded sensitive credentials and authentication tokens, which is a significant security risk. Specifically, 'check_and_notify.js' and 'cron_send.js' include a hardcoded Bearer token (8d9c37620f26ffb66ec81daba1547ac537b6dee5aa0cc8fd), a specific session key, and a hardcoded password ('sym,1998'). While these currently target 'localhost' for local API interaction, the presence of static security artifacts in a distributed bundle is highly irregular and could be used to facilitate unauthorized access to the local OpenClaw gateway if the environment is not properly isolated.
Capability assessment
Purpose & Capability
The skill's declared purpose (MiniMax token-plan monitoring and notifications) matches the included scraping and notification code. However the SKILL metadata claims no required env vars while SKILL.md expects MINIMAX_PHONE/MINIMAX_PASSWORD in ~/.env — metadata and instructions are inconsistent. More importantly, the code contains hard-coded values (phone/password placeholders and a real-looking password, a hard-coded userId, and hard-coded bearer tokens/session keys) that go beyond simply requiring the user's MiniMax credentials and are not explained in the description.
Instruction Scope
SKILL.md instructs running the scraper and setting a cron. The scripts do that, but they also instruct or perform actions not described in the SKILL.md: contacting localhost:37701 endpoints (/tools/invoke and /v1/chat/completions) with hard-coded Authorization header and session key, and asking a bb session to execute local scripts. These actions grant the skill the ability to post to local agent APIs and trigger agent sessions — side effects not described in the public instructions.
Install Mechanism
There is no install spec (instruction-only skill), which is lower risk for automatic code downloads. However the package includes Node.js scripts and a package.json/package-lock.json listing heavy dependencies (playwright, puppeteer, stealth plugin) which will need to be installed manually or present on the host. The lockfile references a third-party npm mirror (mirrors.tencentyun.com) but no remote downloads are performed by an installer here — still, runtime requires large browser tooling (Chromium) and Playwright which increases the runtime attack surface.
Credentials
SKILL.md asks for MiniMax credentials in ~/.env which is reasonable for scraping. But the code includes multiple hard-coded secrets: a bearer token '8d9c37620f26ffb66ec81daba1547ac537b6dee5aa0cc8fd' used in sendQQMessage and cron_send authToken, and a bbSessionKey 'agent:bb:qqbot:direct:9bb108cd680d558f5bb78a066df4fb37'. These tokens are not declared in metadata or documented in SKILL.md and grant access to local OpenClaw messaging/model gateway endpoints. Also several scripts contain a hard-coded password string ('sym,1998'). Hard-coded credentials and hidden use of local gateway tokens are disproportionate and risky.
Persistence & Privilege
always:false and user-invocable:true (normal). The real concern is the script behavior: cron_send posts to the local model endpoint and instructs a bb session to execute the check script (it sends a message asking the bb session to run a file path). Combined with hard-coded session keys/Authorization tokens, the skill can programmatically trigger local agent sessions and send messages via the local gateway. While the skill doesn’t set always:true or rewrite other skills, this implicit ability to drive local agent behavior (using embedded tokens) is a privilege escalation risk relative to the declared purpose.
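The checks that the safe-use recommendations and the capability assessment above describe (hard-coded bearer tokens, session keys and passwords in the scripts; undocumented loopback calls to localhost:37701; env vars used in code or SKILL.md that the skill metadata never declares; a lockfile resolving packages from a non-default registry) can be run mechanically before typing /install. The following is an added example of such a pre-install audit in Node.js; it is not code from the minimax-token-plan-monitor package or from OpenClaw. The bundle contents, file names, token values and the mirror host in it are constructed placeholders, the "agent:..." session-key shape and the process.env / NAME=value conventions are assumptions taken from the review text, and the registry allowlist is this example's own choice.

```javascript
// Added example, not code from the minimax-token-plan-monitor package or from OpenClaw:
// a pre-install audit that mechanically checks a skill bundle for the problems the review
// above describes. The bundle is passed as an in-memory {fileName: text} map so the check
// runs offline; for a real package, read each file from disk into the same shape.
const SECRET_PATTERNS = [
  // Authorization value written as a literal ("Bearer <token>")
  { kind: 'hardcoded_bearer', re: /Bearer\s+([A-Za-z0-9._\-]{16,})/g },
  // OpenClaw-style session key literal; the "agent:..." shape is assumed from the review text
  { kind: 'hardcoded_session_key', re: /['"`](agent:[A-Za-z0-9:._\-]+)['"`]/g },
  // password-like assignment whose right-hand side is a string literal
  { kind: 'hardcoded_password', re: /(?:password|passwd|pwd)\s*[:=]\s*['"`]([^'"`]{4,})['"`]/gi },
];
// Loopback gateway calls that SKILL.md should document
const LOCAL_ENDPOINT_RE = /https?:\/\/(?:localhost|127\.0\.0\.1)(?::\d+)?(?:\/[^\s'"`)]*)?/g;
// Env vars the code reads, and env vars SKILL.md tells the user to set (NAME=value)
const ENV_USE_RE = /process\.env\.([A-Z][A-Z0-9_]+)/g;
const ENV_DOC_RE = /\b([A-Z][A-Z0-9_]{3,})=/g;
// Lockfile "resolved" hosts; anything outside this allowlist deserves a look
const LOCK_RESOLVED_RE = /"resolved":\s*"https?:\/\/([^/"]+)/g;
const ALLOWED_REGISTRIES = new Set(['registry.npmjs.org']);

function redact(value) {
  // Never echo a captured secret back in full
  return value.length <= 8 ? '***' : `${value.slice(0, 4)}...(${value.length} chars)`;
}

function auditBundle(files, declaredEnv = []) {
  const findings = [];
  const envUsed = new Set();
  const envDocumented = new Set();
  for (const [name, text] of Object.entries(files)) {
    if (name.endsWith('.md')) {
      for (const m of text.matchAll(ENV_DOC_RE)) envDocumented.add(m[1]);
    } else if (name.endsWith('package-lock.json')) {
      for (const m of text.matchAll(LOCK_RESOLVED_RE)) {
        if (!ALLOWED_REGISTRIES.has(m[1])) findings.push({ file: name, kind: 'lockfile_mirror', value: m[1] });
      }
    } else if (/\.(js|mjs|cjs|ts)$/.test(name)) {
      for (const { kind, re } of SECRET_PATTERNS) {
        for (const m of text.matchAll(re)) findings.push({ file: name, kind, value: redact(m[1]) });
      }
      for (const m of text.matchAll(LOCAL_ENDPOINT_RE)) findings.push({ file: name, kind: 'local_endpoint', value: m[0] });
      for (const m of text.matchAll(ENV_USE_RE)) envUsed.add(m[1]);
    }
  }
  const declared = new Set(declaredEnv);
  const undeclaredEnv = [...new Set([...envUsed, ...envDocumented])].filter((v) => !declared.has(v)).sort();
  // Any literal secret blocks installation; undocumented endpoints or env vars need a human look
  let verdict = 'ok';
  if (findings.some((f) => f.kind.startsWith('hardcoded_'))) verdict = 'block';
  else if (findings.length > 0 || undeclaredEnv.length > 0) verdict = 'review';
  return { findings, undeclaredEnv, verdict };
}

// Constructed sample bundle with the same shape the review describes; every token,
// key, password and URL here is a placeholder, not the real package contents.
const SAMPLE_BUNDLE = {
  'SKILL.md': 'Put MINIMAX_PHONE=your-account and MINIMAX_PASSWORD=your-password in ~/.env',
  'check_and_notify.js': [
    "const password = 'hunter22';",
    'const headers = {',
    "  Authorization: 'Bearer 0123456789abcdef0123456789abcdef',",
    "  'x-openclaw-session-key': 'agent:bb:qqbot:direct:0123456789abcdef',",
    '};',
    "fetch('http://localhost:37701/tools/invoke', { method: 'POST', headers });",
    'const phone = process.env.MINIMAX_PHONE;',
  ].join('\n'),
  'cron_send.js':
    "fetch('http://localhost:37701/v1/chat/completions', { headers: { Authorization: 'Bearer 0123456789abcdef0123456789abcdef' } });",
  'package-lock.json':
    '{ "packages": { "node_modules/playwright": { "resolved": "https://mirrors.example.internal/npm/playwright/-/playwright-1.40.0.tgz" } } }',
};

// The sample metadata declares no env vars, mirroring the inconsistency called out above
function auditSample() {
  return auditBundle(SAMPLE_BUNDLE, []);
}

const report = auditSample();
console.log(`verdict: ${report.verdict}`);
for (const f of report.findings) console.log(`${f.kind}\t${f.file}\t${f.value}`);
if (report.undeclaredEnv.length) console.log(`env vars used but not declared: ${report.undeclaredEnv.join(', ')}`);
```

Treat a "block" verdict as a stop: strip or parameterise the literals, rotate anything that may ever have been valid, then re-run. A "review" verdict means the scripts talk to a local gateway or need env vars that the metadata never mentions, which is exactly the SKILL.md gap the assessment points out. Redaction is deliberate: an audit tool that prints a captured token in full just copies the secret into one more log.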
How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box:
/install minimax-token-plan-monitor
- After installation, invoke the skill by name, or trigger it with /minimax-token-plan-monitor
- Provide the required inputs described in the skill's parameter documentation to get structured output
Version history
v1.2.1
Removed the phone number and replaced it with an account placeholder; description now states the skill is built for cloud-deployed OpenClaw; fixed phone numbers in several examples
v1.2.0
Completed SKILL.md: added full configuration instructions, real output examples, alert threshold configuration, scheduled task (cron) setup, rate-limit notes and troubleshooting
v1.1.0
Improved the description to highlight multi-channel notifications and alert thresholds
v1.0.0
Initial release: bilingual (zh/en), multi-channel notifications (QQ/Discord/Telegram), CI/CD ready, configurable alert thresholds
FAQ
What is MiniMax Token Plan Usage Monitor?
The MiniMax Token Plan usage monitor described above: an AI Agent Skill plugin for Claude Code / OpenClaw that queries weekly and 5-hour window usage, plan balance, remaining calls and reset time, and sends notifications via QQ/Discord/Telegram. It has been downloaded 140 times to date.
How do I install MiniMax Token Plan Usage Monitor?
Run "/install minimax-token-plan-monitor" in the OpenClaw or Claude Code chat box. Note that, per SKILL.md, the scripts still expect MINIMAX_PHONE and MINIMAX_PASSWORD in ~/.env and need Playwright/Chromium present on the host, so installation alone is not a complete setup.
Is MiniMax Token Plan Usage Monitor free?
Yes. It is released under the MIT-0 license and can be freely downloaded, installed and used.
Which platforms does MiniMax Token Plan Usage Monitor support?
It is cross-platform and runs in any environment where OpenClaw / Claude Code is deployed.
Who develops MiniMax Token Plan Usage Monitor?
Developed and maintained by bbzhi177 (@bbzhi177); current version v1.2.1.