← 返回 Skills 市场
428
总下载
1
收藏
0
当前安装
43
版本数
在 OpenClaw 中安装
/install sage-router
功能描述
Local-first AI model routing for serious agents. One endpoint. Any provider. The router figures out the rest.
安全使用建议
This package implements a capable local model router, but it includes several convenience features that touch sensitive local state and can expose your router to the Internet. Before installing or running it, consider the following:
- Review grok_sso_proxy.py carefully and decide whether you want the Grok SSO feature: it will read browser cookie DBs by default and can call the Bitwarden CLI (bw) to unlock and fetch stored items. If you don't want that, do not set GROK_SSO_* env vars, do not run the proxy, and do not mount your browser profile or ~/.dario into the container.
- If you deploy the Cloudflare Worker + connector or follow the Cloud Run deployment, be aware you can (if misconfigured) expose your local router publicly. Never deploy provider keys, cookies, or .env files to public Cloud Run or other public clouds; follow the repo's own caution but double-check the commands (the provided Cloud Run script uses --allow-unauthenticated by default).
- Limit mounts: avoid mounting your real ~/.openclaw, ~/.dario, browser profiles, or ~/.ssh into an unvetted image. Instead run in an isolated VM/container and mount only the minimal config you trust.
- Disable autostart features you don't need: set SAGE_ROUTER_DARIO_AUTOSTART=0 and SAGE_ROUTER_BUNDLED_OLLAMA_AUTOSTART=0 if you don't want bundled daemons started.
- Audit env vars and secrets: the repo references analytics and Supabase/Firestore tokens. If you enable analytics mirroring, understand what telemetry is sent and where.
- If you lack time or expertise to audit the code, treat this as untrusted: run it in a disposable environment, or avoid enabling the Grok SSO features and remote tunnel. Ask the author to explicitly list all env vars and side-effects (cookie reading, Bitwarden use, autostart behaviors) in the top-level metadata before using on a machine with sensitive data.
功能分析
Type: OpenClaw Skill
Name: sage-router
Version: 3.26.23
The sage-router bundle is a complex AI model routing gateway with several high-risk capabilities. Most notably, 'grok_sso_proxy.py' is designed to read and decrypt browser cookies (specifically from Brave/Chrome) and interact with the Bitwarden CLI ('bw') to retrieve credentials. Furthermore, the bundle includes a remote access tunnel implementation ('edge/cloudflare-ai-tunnel/worker.js' and 'scripts/sage_tunnel_connector.mjs') that allows remote execution of chat completions via WebSockets. While these features are aligned with the stated goal of providing a 'local-first' gateway for various AI providers, the combination of browser data access, credential manager interaction, and remote tunneling represents a broad and risky attack surface without clear proof of malicious intent.
能力标签
能力评估
Purpose & Capability
The name/description (model routing, one endpoint) matches the codebase: router.py, provider discovery, and many provider integrations are present and coherent with the stated purpose. However, the package also bundles auxiliary components (grok_sso_proxy, Dario autostart, Ollama autostart, Cloudflare tunnel connector, analytics mirror) that require access to browser cookies, password manager CLI, local files, or remote services. Those capabilities are plausible for convenience features but are not reflected in the registry-level requirements (which list no envs, no required binaries). That mismatch (declared requirements empty vs. many implicit runtime dependencies/privileges) is concerning.
Instruction Scope
SKILL.md and included docs instruct running a user systemd service, mounting ~/.openclaw and optionally ~/.dario and Ollama model dirs, and starting the router. Separate GROK_SSO.md and grok_sso_proxy.py reveal runtime behaviors not obvious from top-level metadata: the proxy can read Chromium cookie DBs, accept cookie JSON files, encrypt/decrypt stored cookies, and call out to the 'bw' (Bitwarden) CLI to unlock and fetch stored credentials. The router also can autostart bundled Dario/Ollama and provides a Cloudflare Worker + connector to expose a remote tunnel. These instructions direct the agent (and the operator) to access/transmit sensitive local state and to set up remote tunnels; that scope goes beyond a simple routing proxy and should be highlighted to users.
Install Mechanism
There is no registry install spec (instruction-only), so nothing automatic is written to disk by the platform. However, the repo includes deployment scripts (systemd unit templates, Dockerfile/docker-compose, Cloud Run deploy script, Cloudflare worker) that, if followed, will create persistent services, mount host config directories (e.g., ~/.openclaw, ~/.dario, ~/.ollama), and (in the GCP script) deploy a public Cloud Run instance with --allow-unauthenticated and service secrets. Those published deployment instructions increase the real-world blast radius if operators follow them without isolating credentials or reviewing what gets mounted or exposed.
Credentials
Registry metadata lists no required environment variables, but the SKILL.md and many files reference many envs and secrets (SAGE_ROUTER_HOME, SAGE_ROUTER_DARIO_AUTOSTART, SAGE_TUNNEL_TOKEN, SAGE_ROUTER_SUPABASE_* and analytics tokens, GROK_SSO_* variables, BW_PASSWORD/BW_SESSION used by grok_sso_proxy). The grok_sso_proxy will call the 'bw' CLI to unlock a Bitwarden vault and read items, and will read browser cookie DBs by default — both of which access high-privilege secrets. Requesting or using these credentials is disproportionate to a minimal model router unless the user explicitly wants the Grok SSO convenience; the top-level skill metadata does not make this explicit.
Persistence & Privilege
The skill does not request 'always: true' and does not itself force inclusion. It does, however, include systemd unit templates and Docker/container deployment guidance that create persistent services under the user's account and persist telemetry and latency stats under ~/.cache and ~/.config by default. That behavior (installing a user service, persisting latency telemetry, autostarting bundled daemons) is normal for a long-running router but increases attack surface and should be done in an isolated environment if users are concerned.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install sage-router - 安装完成后,直接呼叫该 Skill 的名称或使用
/sage-router触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v3.26.23
Treat Darkbloom as approved decentralized infrastructure in local-first/local-strict routing while continuing to reject centralized APIs and Ollama :cloud models.
v3.26.22
Make local-first/local-strict reject external API providers and only allow local, LAN, or Tailnet endpoints; exclude Ollama :cloud models.
v3.26.21
Match ClawHub listing description to README tagline
v3.26.20
Sync ClawHub listing description and README badge with current README copy
v3.26.19
Document router.py model selection pseudocode in README and refresh listing copy
v3.26.18
Add sagerouter.dev login entrypoint and fix OpenAI-compatible tool call argument formatting
v3.26.17
Update README documentation
v3.26.16
Add Darkbloom provider support and Cloudflare-ready landing page MVP
v3.26.15
Add Ollama Cloud catalog scanning, compatible auto-pull, local Cloud auth fallback, and bundled Ollama Docker startup.
v3.26.8
Bundle Dario in Docker image for Anthropic-compatible requests; add llama.cpp classifier sidecar wiring; expose Dario health status.
v3.26.7
Add an opt-in local Ollama intent classifier for GPU/docker deployments, controlled by SAGE_ROUTER_INTENT_CLASSIFIER_* flags, with docker-compose wiring and health visibility.
v3.26.6
Add SAGE_ROUTER_OPENROUTER_FREE_ONLY to restrict OpenRouter discovery and configured models to :free model IDs only; configured locally for cost control.
v3.26.5
Add structured route-events JSONL telemetry and an analysis script for ranking provider/model performance by intent, latency, and success rate.
v3.26.4
Honor disabled providers during direct and gateway discovery so disabled API-backed providers such as Google are not contacted at startup or routing time.
v3.26.3
Relax incidental OpenClaw tool-definition routing so normal chat with tools present does not produce empty provider chains; keep explicit required tool use routed to tool-capable models.
v3.26.2
Fix OpenClaw streamed tool-chat routing by buffering provider responses into SSE, restore visible-output sanitization/OCR helper ordering, and merge 3.26.x ClawHub updates.
v3.26.1
Add OCR support, NVIDIA NGC provider, SHOW_MODEL_PREFIX feature, glm-ocr non-chat, earlcoin channels no-mention
v3.26.0
feat: dynamic multimodal/vision detection for all models based on name patterns
v3.25.0
feat: add vision capability and multimodal support for GPT-5.4/5.5 models
v3.24.2
Add NVIDIA Cloud auto-discovery config docs
元数据
常见问题
Sage Router 是什么?
Local-first AI model routing for serious agents. One endpoint. Any provider. The router figures out the rest. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 428 次。
如何安装 Sage Router?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install sage-router」即可一键安装,无需额外配置。
Sage Router 是免费的吗?
是的,Sage Router 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Sage Router 支持哪些平台?
Sage Router 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Sage Router?
由 Earl Co(@earlvanze)开发并维护,当前版本 v3.26.23。
推荐 Skills