      Chair4ce

      Safety Report

      Swarm

      @Chair4ce

      Cut your LLM costs by 200x. Offload parallel, batch, and research work to Gemini Flash workers instead of burning your expensive primary model.

      2,986 Downloads
      14 Installs
      8 Stars
      20 Versions
      Search & Retrieval (2,116) · AI & Machine Learning (1,383)

      Security Analysis

      high confidence
      Suspicious · 0.04 risk

      The skill's description (instruction-only, no credentials) does not match its actual footprint: it includes runnable code, expects provider API keys (Gemini/OpenAI/Anthropic/Groq/Supabase) and writes keys/config to disk, and it suggests agent-level guidance changes — these mismatches and the presence of prompt-injection references warrant caution.

      Feb 19, 2026 · 60 files · 5 concerns

      Purpose & Capability · concern

      The skill advertises itself as an instruction-only cost-savings orchestrator and the registry metadata lists no required environment variables, yet the included repository and SKILL.md clearly require LLM provider API keys (GEMINI_API_KEY, OPENAI_API_KEY, ANTHROPIC_API_KEY, GROQ_API_KEY) and optionally Supabase creds. README and setup steps instruct cloning the GitHub repo and running npm install — so this is not purely docs-only. The declared minimal requirement (node only, no env) is inconsistent with the actual needs.

      Instruction Scope · concern

      SKILL.md and INSTALL.md instruct the agent/user to run a local daemon, run an interactive setup that validates API keys by calling provider endpoints, save API keys to files under ~/.config/clawdbot, enable web search grounding, and optionally add guidance to AGENTS.md so agents prefer Swarm for parallel tasks. These instructions go beyond a simple helper: they require network calls, persistent local services, writing secrets to disk, and altering agent guidance — all of which expand the attack surface and could bias agent behavior.

      Install Mechanism · note

      The registry claims 'no install spec' but the package includes full runtime code and README/setup that instructs git clone + npm install. The source is on GitHub (well-known host), which lowers some risk vs an arbitrary download, but the mismatch between 'instruction-only' metadata and the presence of executable code is concerning — automatic install behavior may be different than promised.

      Credentials · concern

      Registry lists no required env vars or primary credential, but the code and docs repeatedly reference GEMINI_API_KEY and other provider keys, and tests/benchmarks mention SUPABASE_URL and SUPABASE_SERVICE_KEY. The setup wizard saves API keys to disk (~/.config/clawdbot/<provider>-key.txt). Requesting and persisting multiple provider and service credentials (not declared) is disproportionate to the metadata and should be explicitly disclosed before installation.

      Persistence & Privilege · concern

      The skill runs a background daemon (http://localhost:9999), persists configuration and daily metrics under ~/.config/clawdbot, and writes provider API keys to disk with limited file permissions. While not marked always:true, the daemon is persistent and can make outbound requests to validate keys and perform searches. Persisting secrets locally and altering agent guidance (AGENTS.md) increase lasting privilege and potential exposure.

      Guidance

      Key points to consider before installing/using this skill:

      - Metadata mismatch: the registry claims no credentials and 'instruction-only', but the package includes runnable code and requires LLM provider API keys (e.g., GEMINI_API_KEY) and possibly Supabase keys. Do not assume no secrets are needed.
      - Secrets on disk: the setup wizard saves API keys under ~/.config/clawdbot (provider-key.txt). If you install, be aware secrets will be persisted locally; review save paths, file permissions, and consider using least-privilege keys or ephemeral/test keys.
      - Review source before running: because the repo contains executable JavaScript and a daemon, inspect the code (lib/, bin/) or run it in an isolated environment (container, VM) first. Pay attention to network calls (validateApiKey, web search grounding, any outbound telemetry) and any code that sends data off-host.
      - Network & provider scope: the skill performs provider API calls to validate keys and run worker requests (Gemini/OpenAI/Anthropic/Groq). Only provide keys scoped with minimal permissions and monitor usage/cost caps. Consider setting cost limits in config before heavy use.
      - AGENTS.md / prompt guidance: INSTALL.md suggests adding guidance to agent configuration so agents preferentially use Swarm. That can bias agent behavior — do not automatically apply these changes without review.
      - Run initial tests in sandbox: run npm run diagnose and the test suite in an isolated environment with dummy or limited credentials. Confirm what gets persisted (metrics, caches) and whether any unexpected endpoints are contacted.
      - Verify origin & integrity: confirm the GitHub repo (https://github.com/Chair4ce/node-scaling) is authentic and matches the published package. If you cannot confirm provenance, avoid installing runnable code into production agents.

      Latest Release

      v1.3.7

      v1.3.5-1.3.7: Self-reflection, Skeleton-of-Thought, Structured Output, Majority Voting. Quality sprint complete.

      Published by @Chair4ce on ClawHub
