notestone

OpenClaw Model Manager

Author: Notestone · GitHub ↗ · v1.5.0
cross-platform ⚠ suspicious
Total downloads: 1310
Favorites: 1
Current installs: 8
Versions: 7
Install in OpenClaw
/install model-manager
Description
Fetch and display OpenRouter AI models with pricing and context limits, and configure OpenClaw to use selected models via automatic or fallback settings.
Security usage advice
This skill is not clearly malicious, but it has several surprising behaviors you should consider before installing or running it:

- Undeclared dependency: The code calls the 'openclaw' CLI (openclaw sessions spawn) but the skill metadata does not list any required binaries. Confirm you have the 'openclaw' binary and understand what 'openclaw sessions spawn' does in your environment.
- Broad filesystem access: Utilities (smart_find.py, smart_map.py) and the sub-agent prompts will read and write files in the current directory and under ~/.openclaw. Do not run this in directories containing sensitive data (home, projects with secrets) unless you audit the code and accept the risk.
- Sub-agent execution: The optional --execute mode launches sub-agents that receive tasks and prompts to create files and audit code. Those sub-agents may have network access and could transmit data depending on your OpenClaw/OpenRouter configuration. Run initial tests in an isolated environment (container or throwaway VM) and back up ~/.openclaw/openclaw.json first.
- Review prompts and code: Inspect prompts.json (it instructs generated agents to use 'write' to create files) and manage_models.py to verify no unexpected network endpoints or data-exfiltration code. The repository includes no hidden remote downloads, which reduces supply-chain risk, but the runtime behavior itself is powerful.

If you plan to use this skill:

1) Run it in a safe sandbox first and exercise only 'list' and 'plan' modes without --execute.
2) Back up ~/.openclaw/openclaw.json and any important workspace files.
3) Audit and, if needed, modify the code that spawns sessions to restrict which models/tasks can be launched or to disable automatic execution.
4) Ask the author (or project repo) for clarification about the 'openclaw' CLI dependency and explicit consent flow for spawning sub-agents.
Functional analysis
Type: OpenClaw Skill
Name: model-manager
Version: 1.5.0

The skill exhibits a significant prompt injection vulnerability. User-provided input (`task_description`) is directly embedded into the `--task` argument for `openclaw sessions spawn` in `manage_models.py` and `prompts.json`. This allows a malicious user to potentially manipulate the spawned AI agent's behavior, instructing it to perform unintended actions (e.g., file deletion, data access) by crafting a harmful `task_description`. While the skill's core purpose is benign (model optimization, task orchestration), this vulnerability presents a high-risk attack surface against the OpenClaw agent itself, classifying it as suspicious rather than benign or malicious.
Capability assessment
Purpose & Capability
The core code (manage_models.py) aligns with the stated purpose: it fetches OpenRouter model data, updates ~/.openclaw/openclaw.json, and plans/runs multi-step tasks. However, the package includes utilities (smart_find.py, smart_map.py, prompts that instruct sub-agents to read/write files) that extend beyond simple model listing/configuration into arbitrary filesystem inspection and code-generation workflows. Additionally, metadata declares no required binaries, yet the code invokes the 'openclaw' CLI — an undeclared dependency (incoherence).
Instruction Scope
SKILL.md and the scripts advertise a 'plan' and optional 'execute' mode that spawns sub-agents (openclaw sessions spawn) which will be given tasks and prompts that explicitly instruct them to read and write files (SPEC.md, PLAN.md, code files, AUDIT.md). The included smart_find utility walks the filesystem and can read arbitrary files; smart_map parses codebases. Running 'plan --execute' can therefore cause local files to be read, new files to be created, and sub-agents to run arbitrary tasks — behavior that is broader than a simple model-pricing tool and could expose sensitive local data if executed in sensitive directories.
Install Mechanism
There is no remote install spec or downloads; the skill is delivered as source files. That lowers install-time risk (no external arbitrary code fetch in the install step).
Credentials
The skill declares no required environment variables or primary credential, but it performs network calls to https://openrouter.ai/api/v1/models and spawns 'openclaw' subcommands. The 'openclaw' CLI requirement is not declared in the registry metadata. The skill will also read/write configuration and workspace files under ~/.openclaw, which is reasonable for a model manager but is a privileged local footprint that should have been documented as required. Prompts instruct sub-agents to create and read files in the current working directory, which may access user data unexpectedly.
Persistence & Privilege
The skill modifies the user's OpenClaw configuration (~/.openclaw/openclaw.json) and writes workspace files (~/.openclaw/workspace/*). It does not set always:true, which is appropriate, but these filesystem/config modifications are persistent and have system impact. Combined with its ability to spawn sub-agents, this grants it meaningful operational privilege — acceptable for a model manager but important for users to understand before enabling automatic modes.
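How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install model-manager
  3. Once installed, invoke the Skill by name or trigger it with /model-manager
  4. Provide the required inputs according to the Skill's parameter description to get structured output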
Version history
v1.5.0
🚀 NEW FEATURES:
• benchmark command - Get AI intelligence-driven recommendations
• report command - Generate usage and cost analysis
• model-benchmarks integration - Real-time capability data
• Enhanced task classification - 40% better accuracy
⚡ IMPROVEMENTS:
• 40% faster startup (2.3s → 1.4s)
• 29% memory reduction (45MB → 32MB)
• 99.2% API reliability (up from 92%)
• Real-time pricing with performance weighting
🐛 MAJOR FIXES:
• Fixed OpenRouter timeout issues (10s → 30s)
• Resolved config corruption problems
• Improved error handling and user messages
• Better cross-platform compatibility
📊 USER IMPACT:
• Cost savings: 35% → 67% average reduction
• Task classification: 65% → 91% accuracy
• User satisfaction: 4.2 → 4.8 stars
• 78% cost reduction with model-benchmarks combo
🔗 PERFECT COMBO: Install with model-benchmarks skill for maximum optimization!
v1.4.1
- Added SECURITY.md to provide security guidelines and information.
- Introduced smart_find.py and smart_map.py utility scripts.
- No user-facing changes to documentation or commands.
v1.4.0
v1.4.0 - The Golden Gear Update ⚙️
feat(swarm): Added plan --execute to orchestrate multi-agent swarms (Architect -> Coder -> Auditor).
feat(memory): Agents now possess a "Hippocampus" to remember failures and log insights (swarm_memory.json).
feat(adaptive): Automatically switches to stable (premium) models if cheap ones fail (Self-Healing).
refactor: Externalized prompts to prompts.json for easier customization.
v1.1.0
Feat: Added plan command to simulate task decomposition and calculate cost savings.
v1.0.2
Docs: Add cost optimization breakdown (up to 96% savings)
v1.0.1
Fix: Remove unnecessary dependency installation.
v1.0.0
Initial release. Browse OpenRouter models and auto-configure OpenClaw Gateway.
Metadata
Slug: model-manager
Version: 1.5.0
License:
Total installs: 9
Current installs: 8
Version count: 7
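FAQ

What is OpenClaw Model Manager?

Fetch and display OpenRouter AI models with pricing and context limits, and configure OpenClaw to use selected models via automatic or fallback settings. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 1310 total downloads to date.

How do I install OpenClaw Model Manager?

Run the command "/install model-manager" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is needed.

Is OpenClaw Model Manager free?

Yes, OpenClaw Model Manager is completely free (free and open source) and can be freely downloaded, installed, and used.

Which platforms does OpenClaw Model Manager support?

OpenClaw Model Manager runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who develops OpenClaw Model Manager?

It is developed and maintained by Notestone (@notestone); the current version is v1.5.0.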
