Updating OpenRouter Free Models

Use when needing to fetch, test, and update OpenRouter free model lists in Claude Code or OpenClaw configurations

This package appears to implement exactly what it claims (fetching/testing OpenRouter free models and updating Claude/OpenClaw config), but take these precautions before installing or letting an agent run it automatically: - Metadata vs runtime mismatch: The registry lists no required environment variables, but test_models.py expects ANTHROPIC_AUTH_TOKEN or OPENROUTER_API_KEY (or will read an apiKey from ~/.openclaw/openclaw.json). Do not assume it will work without providing a token; also be aware it may read stored tokens from your OpenClaw config. - Inspect code before running: Review fetch_models.py, test_models.py, apply_updates.py / apply_updates_openclaw.js, and restart_openclaw.sh. They will overwrite ~/.claude/settings.json and ~/.openclaw/openclaw.json and may kill/restart processes (pkill / launchctl / nohup). Confirm the JSON updates match your desired config structure. - Backup configs: Make backups of ~/.claude/settings.json and ~/.openclaw/openclaw.json before running apply/update steps so you can restore if something is wrong. - Prefer manual/apply-review workflow: Run python3 fetch_models.py and python3 test_models.py to produce /tmp/verified_models.txt, inspect that file, and only then run the updater scripts manually. Avoid giving an autonomous agent the instruction in README that copies and executes these files without human confirmation. - Secrets handling: Prefer setting environment variables for API tokens (OPENROUTER_API_KEY) for testing rather than relying on stored tokens in other config files. Check whether openclaw.json contains sensitive apiKey entries you don't want scripts to read or modify. - Test in a safe environment first: Run the complete_test.sh in a container or a throwaway user account to observe behavior (it will try to update and validate configs and call node/openclaw). Confirm restart behavior is acceptable for your system. - Provenance: The skill's 'Source' and 'Homepage' are unknown. If you require stronger trust guarantees, request the author/source, or prefer using officially maintained tooling or a vetted plugin. If you want, I can list the exact lines in each file that read/write configs, call external endpoints, or restart services so you can review them quickly.

Type: OpenClaw Skill Name: updating-openrouter-free-models Version: 1.0.0 The skill bundle automates the synchronization of OpenRouter free models by fetching data from the OpenRouter API and updating local configuration files. It exhibits high-risk behaviors including reading API keys from environment variables and configuration files (test_models.py), modifying sensitive application settings in ~/.claude/settings.json and ~/.openclaw/openclaw.json (apply_updates.py, apply_updates_openclaw.js), and restarting system services using launchctl or pkill (restart_openclaw.sh). While these actions are consistent with the stated purpose, the broad permissions and potential for configuration corruption or credential exposure justify a suspicious classification.