Security scan
OpenClaw
Safe
medium confidence
The skill appears to do what it claims (route between local and cloud models, detect privacy, track context) and contains only local file operations; a few small inconsistencies and omissions are worth noting before use.
Assessment recommendations
This skill is largely coherent with its stated purpose, but review a few things before installing: 1) File/path mismatches: SKILL.md examples reference skill/core/router.py and modules/* while the files are under skill/*. Confirm how the package will be executed and fix paths before running. 2) The router will create ~/.model-router and write contexts and models.json — expect local persistence of truncated message text. 3) Cloud models in the built-in registry may require API keys (e.g., ANTHROP...
✓ Purpose and capabilities
Name/description (route between local and cloud models based on complexity/privacy) aligns with the code: detector reads local Ollama configs, router scores complexity and checks privacy, and context manager stores conversation state. No unrelated credentials or binaries are requested. Minor mismatch: SKILL.md and examples reference paths like skill/core/router.py and modules/..., but the repo files are skill/router.py, skill/detector.py, skill/context.py — code attempts to import modules.context / modules.detector which may raise ImportError (the router has a fallback). Also SKILL.md claims `core ~200 lines` while router.py is larger; these are inconsistency/accuracy issues but not inherently malicious.
ℹ Instruction scope
Runtime instructions stay within the stated purpose (route tasks, detect privacy, optionally read local Ollama config and write ~/.model-router config/context). They do write/read files in the user's home (~/.model-router, ~/.ollama/models.json and /usr/share/ollama/models.json) and the context manager persists truncated message content. The SKILL.md examples reference paths that don't match the shipped files (may confuse automated installs or cause ImportError), and the SKILL.md instructs local CLI commands that will execute Python scripts on the user's machine — review those paths before running.
✓ Install mechanism
No install spec provided (instruction-only install), no external downloads, no brew/npm installs. The code is present in the package so installing will only place those files locally; there is no installer that fetches remote code.
ℹ Credential requirements
The package declares no required env vars, and most operations are local/read-only. However, built-in fallback models indicate cloud models may require API keys (e.g., ANTHROPIC_API_KEY is referenced in a Model definition). The skill does not declare or request those env vars in metadata — using cloud models will require the user to supply credentials separately. Privacy detection will scan text for tokens/emails, which is expected behavior but could flag benign inputs.
✓ Persistence and permissions
The skill does create and write files under the user's home (~/.model-router/contexts.json and models.json) for configuration and conversation context — this is consistent with its purpose. It does not request global agent privileges, does not set always:true, and does not modify other skills or system-wide configuration in the visible code.
Security is layered; review the code before running.
Runtime dependencies
No special dependencies
Version
latest v2.0.0 2026/3/16
No changes detected in this release. - Version number and documentation remain unchanged. - No file or feature updates.
● Harmless
Install command
Official: npx clawhub@latest install ai-model-router
Mirror (accelerated): npx clawhub@latest install ai-model-router --registry https://cn.longxiaskill.com