← Back to Skills Marketplace
liekzejaws

Clawd Throttle

by liekzejaws · GitHub ↗ · v2.0.0
cross-platform ⚠ suspicious
1247
Downloads
0
Stars
3
Active Installs
2
Versions
Install in OpenClaw
/install clawd-throttle
Description
Routes LLM requests to the cheapest capable model across 8 providers (Anthropic, Google, OpenAI, DeepSeek, xAI, Moonshot, Mistral, Ollama) and 25+ models. Scores prompts on 8 dimensions in under 1ms, supports three routing modes (eco, standard, gigachad), and logs all decisions for cost tracking.
README (SKILL.md)

Clawd Throttle

Route every LLM request to the cheapest model that can handle it. Stop paying Opus prices for "hello" and "summarize this."

Supports 8 providers and 25+ models: Anthropic (Claude), Google (Gemini), OpenAI (GPT / o-series), xAI (Grok), DeepSeek, Moonshot (Kimi), Mistral, and Ollama (local).

How It Works

  1. Your prompt arrives
  2. The classifier scores it on 8 dimensions (token count, code presence, reasoning markers, simplicity indicators, multi-step patterns, question count, system prompt complexity, conversation depth) in under 1 millisecond
  3. The router maps the resulting tier (simple / standard / complex) to a model based on your active mode and configured providers
  4. The request is proxied to the correct API
  5. The routing decision and cost are logged to a local JSONL file

Routing Modes

Mode Simple Standard Complex
eco Grok 4.1 Fast Gemini Flash Haiku
standard Grok 4.1 Fast Haiku Sonnet
gigachad Haiku Sonnet Opus 4.6

Each cell shows the first-choice model. The router tries a preference list and falls through to the next available provider if the first is not configured.

Available Commands

Command What It Does
route_request Send a prompt and get a response from the cheapest capable model
classify_prompt Analyze prompt complexity without making an LLM call
get_routing_stats View cost savings and model distribution stats
get_config View current configuration (keys redacted)
set_mode Change routing mode at runtime
get_recent_routing_log Inspect recent routing decisions

Overrides

  • Heartbeats and summaries always route to the cheapest model
  • Type /opus, /sonnet, /haiku, /flash, or /grok-fast to force a specific model
  • Sub-agent calls automatically step down one tier from their parent

Setup

  1. Get at least one API key (Anthropic or Google required; others optional):
  2. Run the setup script: 
    npm run setup
  3. Choose your routing mode (eco / standard / gigachad)

Privacy

  • Prompt content is never stored. Only a SHA-256 hash is logged.
  • All data stays local in ~/.config/clawd-throttle/
  • API keys stored in your local config file
Capability Analysis
Type: OpenClaw Skill Name: clawd-throttle Version: 2.0.0 The OpenClaw AgentSkills skill bundle 'clawd-throttle' is classified as suspicious due to a potential vulnerability related to environment variable handling. While the skill's core functionality is benign (routing LLM requests), it allows overriding LLM provider base URLs (e.g., `ANTHROPIC_BASE_URL`, `GOOGLE_AI_API_KEY`) via environment variables, as seen in `src/config/index.ts` and `src/proxy/dispatcher.ts`. If an attacker can control the environment variables of the process running this skill, they could redirect LLM API calls to a malicious server, potentially exfiltrating prompt content and API keys. This is a risky capability that, while having legitimate uses, presents a data exfiltration vulnerability without clear malicious intent within the skill's own code.
Capability Assessment
Purpose & Capability
The code, README, and data files implement an LLM-routing/proxy skill as described (classifier, routing table, providers, logging). Required binary 'node' is appropriate. However the registry metadata / SKILL.md lists ANTHROPIC_API_KEY and GOOGLE_AI_API_KEY as required env vars while the runtime code only needs at least one provider configured (it will exit only if no provider is configured). This mismatch between declared required envs and actual code is inconsistent and could mislead users about what must be provided.
Instruction Scope
SKILL.md and setup scripts instruct the agent/user to run npm setup, enter API keys, and write config to ~/.config/clawd-throttle/. Instructions and code limit data stored to SHA-256 prompt hashes and local JSONL logs, which is consistent with the privacy statement. A pre-scan pattern flagged 'system-prompt-override' (the SKILL.md refers to system prompts), which is expected for a classifier that considers system prompts but should be treated with care: verify that prompts aren’t being sent to external endpoints beyond the configured providers. Overall instructions stay inside the advertised scope (classify, route, proxy, log), but the system-prompt text and the prompt-hashing claim should be validated by inspecting the hashing implementation before trusting privacy guarantees.
Install Mechanism
Install is standard Node/npm (npm install, no unusual downloads). package.json dependencies are normal and install scripts are local (scripts/setup.sh / .ps1). No extract-from-arbitrary-URL or IP-hosted installers were found in the provided files.
Credentials
The skill legitimately needs provider API keys to proxy requests. But the registry metadata declares both ANTHROPIC_API_KEY and GOOGLE_AI_API_KEY as required while the code treats many keys as optional and requires only at least one configured provider. The setup scripts write API keys and other settings to a local config file (and read env vars at runtime) — storing keys to disk is functional but increases risk if the config file permissions or location are not secured. No unrelated secrets appear to be requested, but the metadata inconsistency is misleading.
Persistence & Privilege
The skill persists configuration and logs under ~/.config/clawd-throttle/ (config.json, routing.jsonl) — expected for this kind of tool. It also can start an HTTP proxy. Notably, the server is started with httpServer.listen(config.http.port) (no explicit host), which in Node defaults to listening on all interfaces; that can unintentionally expose the proxy (and the configured provider API keys / quota) to external network users if the host is reachable. always:false and normal autonomous invocation are fine, but you should ensure the HTTP proxy binds to localhost and protect the config/log files' filesystem permissions.
scan_findings_in_context
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install clawd-throttle
  3. After installation, invoke the skill by name or use /clawd-throttle
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.0.0
Major update: Windows compatibility, improved routing engine, bug fixes from Claude Code development
v1.0.0
Initial release: 8 providers, 27+ models, sub-1ms prompt classification, 3 routing modes (eco/standard/performance), MCP server + HTTP reverse proxy, 114 passing tests
Metadata
Slug clawd-throttle
Version 2.0.0
License
All-time Installs 3
Active Installs 3
Total Versions 2
Frequently Asked Questions

What is Clawd Throttle?

Routes LLM requests to the cheapest capable model across 8 providers (Anthropic, Google, OpenAI, DeepSeek, xAI, Moonshot, Mistral, Ollama) and 25+ models. Scores prompts on 8 dimensions in under 1ms, supports three routing modes (eco, standard, gigachad), and logs all decisions for cost tracking. It is an AI Agent Skill for Claude Code / OpenClaw, with 1247 downloads so far.

How do I install Clawd Throttle?

Run "/install clawd-throttle" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Clawd Throttle free?

Yes, Clawd Throttle is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Clawd Throttle support?

Clawd Throttle is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Clawd Throttle?

It is built and maintained by liekzejaws (@liekzejaws); the current version is v2.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments