← Back to Skills Marketplace
Claude Usage Release
by
Chunhua Liao
· GitHub ↗
· v1.0.1
891
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install openclaw-claude-usage
Description
Check Claude Max plan usage limits by launching Claude Code and running /usage. Use when the user asks about Claude plan usage, remaining quota, rate limits,...
Usage Guidance
This skill appears to do what it says (automate the Claude Code CLI to run /usage) but the metadata omits important runtime requirements and local file access. Before installing or enabling it, consider:
- Verify the claude CLI is trustworthy and up-to-date; this skill spawns that CLI with an automated TUI script.
- Inspect the contents of ~/.claude/stats-cache.json on your system to confirm it doesn't contain secrets you wouldn't want parsed or transmitted; the SKILL.md's fallback reads this file but the skill metadata does not declare it.
- Prefer a non-interactive, documented API or official CLI flag for usage data rather than PTY/expect automation where possible; expect-based automation is brittle and can accidentally surface more output than intended.
- Ask the skill author to update skill.yml/registry metadata to explicitly list required binaries (expect, claude), required config paths (e.g., ~/.claude/stats-cache.json), and to clarify exactly what data is read and formatted.
Given the inconsistencies, treat the skill as allowed only in a controlled environment and avoid granting it access to accounts containing sensitive tokens until these gaps are corrected.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-claude-usage
Version: 1.0.1
The skill is classified as suspicious due to its reliance on direct shell command execution via `expect -c '...'` in `SKILL.md` to interact with the `claude` CLI. While the stated purpose of checking Claude usage is benign, executing arbitrary shell commands, even hardcoded ones, introduces a significant attack surface and potential for privilege escalation or RCE if the `claude` CLI itself is compromised or if the `expect` script were to be modified or accept untrusted input. Additionally, it accesses a local file `~/.claude/stats-cache.json` for fallback, which could contain sensitive data. There is no clear evidence of intentional malicious behavior like data exfiltration to external endpoints or backdoor installation, but the high-risk capabilities warrant a 'suspicious' classification.
Capability Assessment
Purpose & Capability
The skill claims to check Claude Max usage (reasonable), but the package metadata/registry entry lists no required binaries or config paths while SKILL.md explicitly requires the Claude Code CLI and the expect binary (and authenticated Claude CLI). The omitted declarations are disproportionate to the metadata and reduce transparency.
Instruction Scope
Runtime instructions tell the agent to spawn an interactive Claude Code TUI via expect and parse its output (expected for a TUI workaround). The fallback instructs reading ~/.claude/stats-cache.json to obtain usage data—this reads a local config/cache file that may contain sensitive session data and was not declared in the skill's required config paths.
Install Mechanism
No install spec (instruction-only). This minimizes installer risk because nothing arbitrary is downloaded or written by the skill itself.
Credentials
The skill requests no environment variables, but it requires an authenticated Claude CLI and reads local cache (~/.claude/stats-cache.json) in fallback. Accessing local CLI auth state or cache is effectively access to credentials/session material and should have been declared; the lack of declared credentials/config paths is disproportionate.
Persistence & Privilege
always is false and the skill does not request persistent presence or modify other skills or system-wide settings. It runs only when invoked.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-claude-usage - After installation, invoke the skill by name or use
/openclaw-claude-usage - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Fixed: removed personal GitHub username from author field and README clone URL. Note: skill deprecated — superseded by native /usage command, ccusage CLI, and CC Usage MCP server.
v1.0.0
Initial release
Metadata
Frequently Asked Questions
What is Claude Usage Release?
Check Claude Max plan usage limits by launching Claude Code and running /usage. Use when the user asks about Claude plan usage, remaining quota, rate limits,... It is an AI Agent Skill for Claude Code / OpenClaw, with 891 downloads so far.
How do I install Claude Usage Release?
Run "/install openclaw-claude-usage" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Claude Usage Release free?
Yes, Claude Usage Release is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Claude Usage Release support?
Claude Usage Release is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Claude Usage Release?
It is built and maintained by Chunhua Liao (@chunhualiao); the current version is v1.0.1.
More Skills