ClawRouter

Name/description match the instructions: it routes requests to many models and tells the agent to set models to blockrun/auto. However the description mentions routing 'all... through one wallet' while the skill declares no required env vars and only a single config path (models.providers.blockrun) — this is plausible if BlockRun is an aggregator, but the skill does not document what credentials or wallet config are required.

SKILL.md only instructs installing the external OpenClaw plugin and switching the agent's model to blockrun/auto or a pinned model. It does not ask the agent to read unrelated files, secrets, or system paths beyond the declared models.providers.blockrun config path.

This packaged skill is instruction-only and contains no code, but the provided workflow requires running 'openclaw plugins install @blockrun/clawrouter' which will download and install external code not present in this skill. The skill gives no install spec here, so installing will fetch code from outside the package (the homepage repo is given). That external install step could place arbitrary code on disk and should be audited before running.

The skill declares no required environment variables but does require the config path models.providers.blockrun. The description's 'one wallet' claim implies sensitive credentials/payment details will be used. The skill does not enumerate what secrets (wallet keys, provider API keys) are needed or how they are stored, which is a transparency gap and a proportionality concern.

always is false and there are no indications the skill requests persistent system-wide privileges or modifies other skills' configs. Autonomous invocation is allowed (default) but not combined here with other high-risk flags.