← 返回 Skills 市场
chunhualiao

Claude Usage Release

作者 Chunhua Liao · GitHub ↗ · v1.0.1
cross-platform ⚠ suspicious
891
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install openclaw-claude-usage
功能描述
Check Claude Max plan usage limits by launching Claude Code and running /usage. Use when the user asks about Claude plan usage, remaining quota, rate limits,...
安全使用建议
This skill appears to do what it says (automate the Claude Code CLI to run /usage) but the metadata omits important runtime requirements and local file access. Before installing or enabling it, consider: - Verify the claude CLI is trustworthy and up-to-date; this skill spawns that CLI with an automated TUI script. - Inspect the contents of ~/.claude/stats-cache.json on your system to confirm it doesn't contain secrets you wouldn't want parsed or transmitted; the SKILL.md's fallback reads this file but the skill metadata does not declare it. - Prefer a non-interactive, documented API or official CLI flag for usage data rather than PTY/expect automation where possible; expect-based automation is brittle and can accidentally surface more output than intended. - Ask the skill author to update skill.yml/registry metadata to explicitly list required binaries (expect, claude), required config paths (e.g., ~/.claude/stats-cache.json), and to clarify exactly what data is read and formatted. Given the inconsistencies, treat the skill as allowed only in a controlled environment and avoid granting it access to accounts containing sensitive tokens until these gaps are corrected.
功能分析
Type: OpenClaw Skill Name: openclaw-claude-usage Version: 1.0.1 The skill is classified as suspicious due to its reliance on direct shell command execution via `expect -c '...'` in `SKILL.md` to interact with the `claude` CLI. While the stated purpose of checking Claude usage is benign, executing arbitrary shell commands, even hardcoded ones, introduces a significant attack surface and potential for privilege escalation or RCE if the `claude` CLI itself is compromised or if the `expect` script were to be modified or accept untrusted input. Additionally, it accesses a local file `~/.claude/stats-cache.json` for fallback, which could contain sensitive data. There is no clear evidence of intentional malicious behavior like data exfiltration to external endpoints or backdoor installation, but the high-risk capabilities warrant a 'suspicious' classification.
能力评估
Purpose & Capability
The skill claims to check Claude Max usage (reasonable), but the package metadata/registry entry lists no required binaries or config paths while SKILL.md explicitly requires the Claude Code CLI and the expect binary (and authenticated Claude CLI). The omitted declarations are disproportionate to the metadata and reduce transparency.
Instruction Scope
Runtime instructions tell the agent to spawn an interactive Claude Code TUI via expect and parse its output (expected for a TUI workaround). The fallback instructs reading ~/.claude/stats-cache.json to obtain usage data—this reads a local config/cache file that may contain sensitive session data and was not declared in the skill's required config paths.
Install Mechanism
No install spec (instruction-only). This minimizes installer risk because nothing arbitrary is downloaded or written by the skill itself.
Credentials
The skill requests no environment variables, but it requires an authenticated Claude CLI and reads local cache (~/.claude/stats-cache.json) in fallback. Accessing local CLI auth state or cache is effectively access to credentials/session material and should have been declared; the lack of declared credentials/config paths is disproportionate.
Persistence & Privilege
always is false and the skill does not request persistent presence or modify other skills or system-wide settings. It runs only when invoked.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install openclaw-claude-usage
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /openclaw-claude-usage 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Fixed: removed personal GitHub username from author field and README clone URL. Note: skill deprecated — superseded by native /usage command, ccusage CLI, and CC Usage MCP server.
v1.0.0
Initial release
元数据
Slug openclaw-claude-usage
版本 1.0.1
许可证
累计安装 1
当前安装数 0
历史版本数 2
常见问题

Claude Usage Release 是什么?

Check Claude Max plan usage limits by launching Claude Code and running /usage. Use when the user asks about Claude plan usage, remaining quota, rate limits,... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 891 次。

如何安装 Claude Usage Release?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-claude-usage」即可一键安装,无需额外配置。

Claude Usage Release 是免费的吗?

是的,Claude Usage Release 完全免费(开源免费),可自由下载、安装和使用。

Claude Usage Release 支持哪些平台?

Claude Usage Release 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Claude Usage Release?

由 Chunhua Liao(@chunhualiao)开发并维护,当前版本 v1.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论