Safety Report

OpenClaw Cost Guard (Budgets + Token-Saving Playbook)

Name: OpenClaw Cost Guard (Budgets + Token-Saving Playbook)
Rating: 5 (3 reviews)
Author: DasWeltall

Track OpenClaw/Clawdbot token and cost usage from session JSONL logs (prefer real usage.cost when present), generate daily/weekly summaries and top expensive sessions, and run budget checks (exit code on breach). Use to monitor spend, enforce budgets via cron/alerts, and apply a token-saving playbook to reduce output/tool-call cost.

2,196Downloads

2Installs

3Stars

1Versions

API Integration4,971 Workflow Automation3,323 Monitoring & Logging1,579 Finance & Accounting1,347

Security Analysis

high confidence

Clean

The skill is internally consistent: it only reads local OpenClaw/Clawdbot session JSONL logs, summarizes cost/token usage, optionally estimates costs from PRICE_* env vars, and provides budget exit codes — nothing in the files requests unrelated credentials, network exfiltration, or elevated persistence.

Feb 11, 20263 files

Purpose & Capabilityok

Name/description (cost guard, budgets, token-saving playbook) align with the provided files. The script reads session JSONL files under ~/.openclaw and ~/.clawdbot, extracts usage/cost, aggregates by day/session, and implements budget checks and JSON/text output — exactly what the skill claims.

Instruction Scopeok

SKILL.md instructs the agent to read the specified session log paths and run the included Python script with various flags; the instructions do not ask the agent to read unrelated paths, harvest environment secrets, or post data to external endpoints. The doc suggests wiring alerts to a channel (e.g., Telegram) but explicitly warns not to embed secrets and leaves implementation to the user.

Install Mechanismok

No install spec and only a single Python script are included. There are no downloads or third-party installs, and the script is plain Python (no hidden binaries or archives). This is low-risk and proportionate for the described functionality.

Credentialsok

No required env vars or credentials are declared. Optional PRICE_* env vars are reasonable and explicitly documented for cost estimation fallback. The script does not request unrelated secrets or cloud credentials.

Persistence & Privilegeok

The skill is not always-enabled and makes no changes to agent/system configuration. It runs as a user-level script reading files under the user's home directory and returns nonzero exit codes for budget breaches as documented.

Guidance

This skill appears to do what it says: read OpenClaw/Clawdbot session logs and report costs. Before installing/running: confirm the session log paths (~/.openclaw and ~/.clawdbot) are where you expect logs to live, review file permissions (these logs can contain chat content), and run the included script locally to inspect output. If you wire budget alerts to external services (Telegram, email, etc.), avoid embedding API tokens in the script or cron job; store credentials securely and limit recipients. If you want extra assurance, review the included scripts yourself or run them in a restricted user account.

Latest Release

v0.1.0

Initial release: accurate JSONL cost extraction (OpenClaw + Clawdbot), top expensive sessions, budget check (exit 2 on breach) for cron alerts, and a token-saving playbook to reduce spend.

More by @DasWeltall

OpenClaw Auto‑Updater (Safe + Scheduled + Summary)

11 stars

self-improving-agent

@pskoett · 1,456 stars

Gog

@steipete · 672 stars

Tavily Web Search

@arun-8687 · 620 stars

Find Skills

@JimLiuxinghai · 529 stars

Proactive Agent

@halthelobster · 426 stars

Published by @DasWeltall on ClawHub