API Failover — 智能 API 备用切换

Name: API Failover — 智能 API 备用切换
Author: Qihong

Qihong

API Failover — 智能 API 备用切换

v1.0.1

检测 AI API/提供商/模型故障，并将请求路由到健康的备用提供商或降级模型。用于创建或维护自动故障转移机制，确保 API 请求的高可用性。

0· 57·0 当前·0 累计

by @zqh2333 (Qihong)·MIT-0

API工具自动化容器与虚拟化安全

下载技能包

License

MIT-0

最后更新

2026/4/2

安全扫描

VirusTotal

可疑

查看报告

OpenClaw

可疑

medium confidence

该技能的目的（API 备用切换）与包含的脚本相符，但存在无法解释的环境/配置访问和操作假设（根路径、systemctl 重启、未声明的 API 环境变量），这些与发布的要求不符。

评估建议

该技能似乎实现了一个 AI 备用代理，并包含可运行的脚本 — 使用是合理的，但有一些问题需要您在运行前检查： - 在执行前审查包含的 Python 脚本（它们小且易读）。它们读取 `/root/.openclaw/openclaw.json` 和 `~/.config/api-failover.env`，并将使用环境变量如 `PRIMARY_API_KEY`、`ANTHROPIC_API_KEY`、`OPENROUTER_API_KEY` 和 `OLLAMA_DUMMY_KEY`（如果存在）。 - 注册元数据不列出这些环境变量或配置路径；将其视为红旗。如果您计划使用此技能，请仅提供您打算启用的提供商密钥，并将其存储在安全的环境文件中。 - `activate_secondary.py` 和 `bootstrap_failover.py` 调用 `systemctl --user` 以（重新）启动 `api-failover.service`。除非您理解/同意在主机上重新启动用户服务，否则不要运行这些脚本。首先在容器或隔离测试用户中运行代理。 - 如果您有敏感的 `/root/.open...

详细分析 ▾

⚠ 用途与能力

The name/description (AI API failover) aligns with the code and instructions, but the registry metadata declares no required env vars or config paths while the bundled scripts clearly expect provider API keys (PRIMARY_API_KEY, ANTHROPIC_API_KEY, OPENROUTER_API_KEY, OLLAMA_DUMMY_KEY), read /root/.openclaw/openclaw.json, and reference ~/.config/api-failover.env and other root-scoped paths. Required binaries are listed as none, yet the scripts assume system utilities (systemctl) and python3; these environment & path assumptions are not declared in the manifest and may not be appropriate for all users.

⚠ 指令范围

SKILL.md directs the agent/operator to run included scripts that inspect environment, read local config files, start/stop a user systemd service, spawn a local HTTP proxy, and perform upstream API calls. Those instructions go beyond passive guidance: they read system files, restart services, and run network calls. While these actions are coherent for deploying a failover proxy, they are intrusive and should be clearly declared; the instructions also rely on control fields in request bodies and remove them before forwarding (expected for proxy behavior). No hidden remote exfil endpoints were found, but the instructions give the skill broad discretion to read local credentials and config.

ℹ 安装机制

No install spec is provided (instruction-only), which minimizes installer risk. However, the skill bundles multiple executable Python scripts that will be run directly. The absence of an install step means files are simply present in the workspace — verify their contents before executing. No external downloads or archive extraction are used.

⚠ 凭证需求

The manifest lists no required environment variables or primary credential, but the code expects multiple API keys and may inherit credentials from /root/.openclaw/openclaw.json. That mismatch is notable: the skill needs provider credentials (reasonable for failover) but fails to declare them, and it will read config from root-scoped locations. Environment access requests are therefore under-declared and could lead to accidental exposure of unrelated secrets if run in a privileged environment.

⚠ 持久化与权限

The skill will restart a user systemd service (systemctl --user restart api-failover.service), create/read files under /tmp and hard-coded /root paths, and can start long-running local proxy processes. 'always' is false (good), but the scripts assume permission to control user services and to read root-scoped config. This level of operational privilege is significant and should be explicitly documented and approved before running.

⚠ references/config-example.yaml:22