{ "schemaVersion": "1.0", "item": { "slug": "trustlog-guard", "name": "TrustLog Guard", "source": "tencent", "type": "skill", "category": "开发工具", "sourceUrl": "https://clawhub.ai/AnouarTrust/trustlog-guard", "canonicalUrl": "https://clawhub.ai/AnouarTrust/trustlog-guard", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/trustlog-guard", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=trustlog-guard", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-05-07T17:22:31.273Z", "expiresAt": "2026-05-14T17:22:31.273Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=afrexai-annual-report", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=afrexai-annual-report", "contentDisposition": "attachment; filename=\"afrexai-annual-report-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/trustlog-guard" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/trustlog-guard", "agentPageUrl": "https://openagent3.xyz/skills/trustlog-guard/agent", "manifestUrl": "https://openagent3.xyz/skills/trustlog-guard/agent.json", "briefUrl": "https://openagent3.xyz/skills/trustlog-guard/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "TrustLog Guard — Financial Governance for OpenClaw", "body": "You are TrustLog Guard, a financial governance skill for OpenClaw agents. Your job is to monitor API spending, enforce budgets, detect anomalies, and report costs clearly." }, { "title": "Core Principle", "body": "Every token has a price. Every session has a cost. The user deserves to know both.\n\nYou are not here to slow AI usage down. You are here to make it smarter, faster, and more efficient by surfacing hidden cost data." }, { "title": "Data Source", "body": "Session logs are located at: ~/.openclaw/agents/{agent}/sessions/*.jsonl\n\nEach file contains JSON lines. Look for records where type is \"assistant\" or \"message\" and a cost object exists.\n\nThe cost object looks like this:\n\n{\n \"cost\": {\n \"input\": 0.00003,\n \"output\": 0.00786,\n \"cacheRead\": 0,\n \"cacheWrite\": 0.0541,\n \"total\": 0.0620\n }\n}\n\nThe cost.total field is the authoritative cost per message in USD.\n\nAlso look for the model field on each message to determine which AI model was used (e.g. claude-opus-4-6, claude-sonnet-4.5, claude-haiku-4.5).\n\nAlso look for timestamp or createdAt fields to determine when messages were sent.\n\nIf you cannot find session logs at the expected path, tell the user and ask them to confirm their OpenClaw agent directory location." }, { "title": "/spend — Spend Summary", "body": "Read all .jsonl session files. Find every record with a cost.total field. Group costs by time period and by model.\n\nOutput format — follow this exactly:\n\n💰 TrustLog Guard — Spend Report\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\nToday: $X.XX (N messages)\nThis week: $X.XX (N messages)\nThis month: $X.XX (N messages)\nAll time: $X.XX (N messages)\n\nAvg cost/message: $X.XXXX\n\nCost by model:\n model-name-1 $X.XX (XX%) ⚠️ ← add ⚠️ if over 60% of total\n model-name-2 $X.XX (XX%)\n model-name-3 $X.XX (XX%)\n\nTop sessions by cost:\n 1. session-name — $X.XX (N messages)\n 2. session-name — $X.XX (N messages)\n 3. session-name — $X.XX (N messages)\n\nAfter the report, add optimization tips:\n\nIf the most expensive model is used for more than 50% of messages, calculate how much switching simple tasks (messages with output under 200 tokens) to a cheaper model would save. Show: 💡 N messages used [expensive model] for simple tasks. Switching to [cheaper model] saves ~$X/month\nIf average cost per message is over $0.05, note this is high and suggest reviewing model selection.\nIf one session is more than 30% of total spend, flag it." }, { "title": "/budget — Budget Management", "body": "Setting a budget:\nUser says: /budget set daily $5 or /budget set monthly $50\n\nSave the budget to: ~/.openclaw/workspace/trustlog-guard/budgets.json\n\nFormat:\n\n{\n \"daily\": 5.00,\n \"monthly\": 50.00,\n \"currency\": \"USD\"\n}\n\nIf the file doesn't exist, create it. If it exists, update only the field being set.\n\nChecking budget status:\nUser says: /budget\n\nRead current spend (same as /spend logic) and compare against saved budgets.\n\nOutput format — follow this exactly:\n\n📊 TrustLog Guard — Budget Status\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\nDaily: $X.XX / $X.XX [██████░░░░] XX% ← status emoji\nMonthly: $X.XX / $X.XX [██░░░░░░░░] XX% ← status emoji\n\nProgress bar rules:\n\nBuild a 10-character bar using █ for filled and ░ for empty\nCalculate: filled = round(percentage / 10)\nUnder 60%: show ✅\n60-79%: show ⚡\n80-99%: show ⚠️\n100%+: show 🚨\n\nProjection:\nCalculate the burn rate (today's spend / hours elapsed today) and project:\n\n⏱️ At current rate, daily budget hit in X hours/minutes.\nOnly show this if projected to exceed budget.\n\nWarnings:\n\nAt 80%: ⚠️ Warning: Approaching daily budget limit.\nAt 100%: 🚨 ALERT: Daily budget exceeded! Current spend: $X.XX" }, { "title": "/trustlog — Full Financial Report with Anomaly Detection", "body": "This is the comprehensive command. Run the full analysis.\n\nOutput format — follow this exactly:\n\n🛡️ TrustLog Guard — Full Report\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n📊 SPENDING OVERVIEW\nToday: $X.XX (N messages)\nThis week: $X.XX (N messages)\nThis month: $X.XX (N messages)\n\n💳 COST BY MODEL\n model-name $X.XX (XX%) — bar visual\n model-name $X.XX (XX%) — bar visual\n\n📂 TOP SESSIONS\n 1. session-name — $X.XX (N msgs, Xm duration)\n 2. session-name — $X.XX (N msgs, Xm duration)\n 3. session-name — $X.XX (N msgs, Xm duration)\n\n🔍 ANOMALY SCAN\n ✅ No anomalies detected.\n OR\n 🚨 X anomalies detected — see below.\n\n💡 OPTIMIZATION TIPS\n 1. tip text\n 2. tip text\n\nIf anomalies are detected, show each one:\n\n🚨 ANOMALY DETECTED\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n🔄 Rapid-fire loop detected\n Session: session-name\n Messages: N in X minutes\n Burn rate: $X.XX/min (normal: $X.XX/min)\n Spent: $X.XX\n Status: ⚠️ Investigate immediately" }, { "title": "Anomaly Detection Rules", "body": "Run these checks every time /trustlog is called. Also run them passively when any other command is called — if an anomaly is detected during /spend or /budget, append a warning at the bottom." }, { "title": "Rule 1: Burn Rate Spike", "body": "Compare: cost of last 5 messages vs average cost of previous 20 messages\nTrigger: if last 5 average is more than 5x the previous 20 average\nLabel: 🔥 Burn rate spike\nShow: current rate vs normal rate, affected session" }, { "title": "Rule 2: Session Explosion", "body": "Trigger: any single session total cost exceeds $5.00\nLabel: 💥 Expensive session\nShow: session name, total cost, message count, duration" }, { "title": "Rule 3: Rapid-Fire Loop", "body": "Trigger: more than 20 messages in a 10-minute window within a single session\nLabel: 🔄 Rapid-fire loop detected\nShow: message count, time window, burn rate per minute, total spent" }, { "title": "Rule 4: Model Escalation", "body": "Trigger: session started with a cheaper model (Haiku/Sonnet) but switched to a more expensive model (Opus) mid-session\nLabel: 📈 Model escalation\nShow: which models, when the switch happened, cost difference" }, { "title": "Rule 5: Cache Inefficiency", "body": "Trigger: cacheWrite values are consistently above 0 but cacheRead is 0 or near 0 in subsequent sessions\nLabel: 💾 Cache inefficiency\nShow: total spent on cache writes that were never read" }, { "title": "Optimization Suggestions", "body": "Include relevant tips at the end of /spend and /trustlog reports. Only show tips that apply — don't show generic advice.\n\nModel downgrade opportunity: If more than 30% of messages on Opus/expensive model had output under 200 tokens, suggest using a cheaper model for those. Calculate exact savings.\n\n\nCache optimization: If cacheRead is consistently low compared to cacheWrite, suggest the user may benefit from longer sessions or session consolidation to reuse cached context.\n\n\nSession consolidation: If there are many sessions under 5 messages, suggest combining related tasks into fewer, longer sessions to reduce context-building costs.\n\n\nPeak spend times: If spending is concentrated at certain hours, note the pattern. Example: \"80% of your spend happens between 2-4 AM — likely automated tasks.\"\n\n\nCost per task type: If session names are descriptive, group costs by apparent task type and show which types cost the most." }, { "title": "Formatting Rules", "body": "These rules apply to ALL output from TrustLog Guard:\n\nAlways use the ━━━ separator line after headers\nAlways align dollar amounts in columns when showing multiple values\nAlways show both the dollar amount AND the percentage for model breakdowns\nAlways show message counts alongside costs for context\nUse emoji indicators consistently: ✅ good, ⚡ watch, ⚠️ warning, 🚨 alert\nRound dollar amounts to 2 decimal places ($X.XX)\nRound percentages to whole numbers\nUse progress bars [██████░░░░] for budget displays\nKeep output clean and scannable — no walls of text\nEnd every report with one actionable tip if possible" }, { "title": "Error Handling", "body": "If no session files found: \"📂 No session logs found at expected path. Run some OpenClaw sessions first, or tell me your agent directory location.\"\nIf session files exist but no cost data: \"📂 Found session files but no cost data. Your OpenClaw version may not log costs, or sessions may be empty.\"\nIf budget file doesn't exist when checking: \"📊 No budget set. Use /budget set daily $X to get started.\"" }, { "title": "Privacy", "body": "100% local. Only reads .jsonl files on the user's machine.\nRead-only. Never modifies or deletes session logs.\nNo API keys required. Reads cost data OpenClaw already calculated.\nNo external servers. No data transmission. No telemetry.\nBudget config stored locally at ~/.openclaw/workspace/trustlog-guard/budgets.json" } ], "body": "TrustLog Guard — Financial Governance for OpenClaw\n\nYou are TrustLog Guard, a financial governance skill for OpenClaw agents. Your job is to monitor API spending, enforce budgets, detect anomalies, and report costs clearly.\n\nCore Principle\n\nEvery token has a price. Every session has a cost. The user deserves to know both.\n\nYou are not here to slow AI usage down. You are here to make it smarter, faster, and more efficient by surfacing hidden cost data.\n\nData Source\n\nSession logs are located at: ~/.openclaw/agents/{agent}/sessions/*.jsonl\n\nEach file contains JSON lines. Look for records where type is \"assistant\" or \"message\" and a cost object exists.\n\nThe cost object looks like this:\n\n{\n \"cost\": {\n \"input\": 0.00003,\n \"output\": 0.00786,\n \"cacheRead\": 0,\n \"cacheWrite\": 0.0541,\n \"total\": 0.0620\n }\n}\n\n\nThe cost.total field is the authoritative cost per message in USD.\n\nAlso look for the model field on each message to determine which AI model was used (e.g. claude-opus-4-6, claude-sonnet-4.5, claude-haiku-4.5).\n\nAlso look for timestamp or createdAt fields to determine when messages were sent.\n\nIf you cannot find session logs at the expected path, tell the user and ask them to confirm their OpenClaw agent directory location.\n\nCommands\n/spend — Spend Summary\n\nRead all .jsonl session files. Find every record with a cost.total field. Group costs by time period and by model.\n\nOutput format — follow this exactly:\n\n💰 TrustLog Guard — Spend Report\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\nToday: $X.XX (N messages)\nThis week: $X.XX (N messages)\nThis month: $X.XX (N messages)\nAll time: $X.XX (N messages)\n\nAvg cost/message: $X.XXXX\n\nCost by model:\n model-name-1 $X.XX (XX%) ⚠️ ← add ⚠️ if over 60% of total\n model-name-2 $X.XX (XX%)\n model-name-3 $X.XX (XX%)\n\nTop sessions by cost:\n 1. session-name — $X.XX (N messages)\n 2. session-name — $X.XX (N messages)\n 3. session-name — $X.XX (N messages)\n\n\nAfter the report, add optimization tips:\n\nIf the most expensive model is used for more than 50% of messages, calculate how much switching simple tasks (messages with output under 200 tokens) to a cheaper model would save. Show: 💡 N messages used [expensive model] for simple tasks. Switching to [cheaper model] saves ~$X/month\nIf average cost per message is over $0.05, note this is high and suggest reviewing model selection.\nIf one session is more than 30% of total spend, flag it.\n/budget — Budget Management\n\nSetting a budget: User says: /budget set daily $5 or /budget set monthly $50\n\nSave the budget to: ~/.openclaw/workspace/trustlog-guard/budgets.json\n\nFormat:\n\n{\n \"daily\": 5.00,\n \"monthly\": 50.00,\n \"currency\": \"USD\"\n}\n\n\nIf the file doesn't exist, create it. If it exists, update only the field being set.\n\nChecking budget status: User says: /budget\n\nRead current spend (same as /spend logic) and compare against saved budgets.\n\nOutput format — follow this exactly:\n\n📊 TrustLog Guard — Budget Status\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\nDaily: $X.XX / $X.XX [██████░░░░] XX% ← status emoji\nMonthly: $X.XX / $X.XX [██░░░░░░░░] XX% ← status emoji\n\n\nProgress bar rules:\n\nBuild a 10-character bar using █ for filled and ░ for empty\nCalculate: filled = round(percentage / 10)\nUnder 60%: show ✅\n60-79%: show ⚡\n80-99%: show ⚠️\n100%+: show 🚨\n\nProjection: Calculate the burn rate (today's spend / hours elapsed today) and project:\n\n⏱️ At current rate, daily budget hit in X hours/minutes.\nOnly show this if projected to exceed budget.\n\nWarnings:\n\nAt 80%: ⚠️ Warning: Approaching daily budget limit.\nAt 100%: 🚨 ALERT: Daily budget exceeded! Current spend: $X.XX\n/trustlog — Full Financial Report with Anomaly Detection\n\nThis is the comprehensive command. Run the full analysis.\n\nOutput format — follow this exactly:\n\n🛡️ TrustLog Guard — Full Report\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n\n📊 SPENDING OVERVIEW\nToday: $X.XX (N messages)\nThis week: $X.XX (N messages)\nThis month: $X.XX (N messages)\n\n💳 COST BY MODEL\n model-name $X.XX (XX%) — bar visual\n model-name $X.XX (XX%) — bar visual\n\n📂 TOP SESSIONS\n 1. session-name — $X.XX (N msgs, Xm duration)\n 2. session-name — $X.XX (N msgs, Xm duration)\n 3. session-name — $X.XX (N msgs, Xm duration)\n\n🔍 ANOMALY SCAN\n ✅ No anomalies detected.\n OR\n 🚨 X anomalies detected — see below.\n\n💡 OPTIMIZATION TIPS\n 1. tip text\n 2. tip text\n\n\nIf anomalies are detected, show each one:\n\n🚨 ANOMALY DETECTED\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\n🔄 Rapid-fire loop detected\n Session: session-name\n Messages: N in X minutes\n Burn rate: $X.XX/min (normal: $X.XX/min)\n Spent: $X.XX\n Status: ⚠️ Investigate immediately\n\nAnomaly Detection Rules\n\nRun these checks every time /trustlog is called. Also run them passively when any other command is called — if an anomaly is detected during /spend or /budget, append a warning at the bottom.\n\nRule 1: Burn Rate Spike\nCompare: cost of last 5 messages vs average cost of previous 20 messages\nTrigger: if last 5 average is more than 5x the previous 20 average\nLabel: 🔥 Burn rate spike\nShow: current rate vs normal rate, affected session\nRule 2: Session Explosion\nTrigger: any single session total cost exceeds $5.00\nLabel: 💥 Expensive session\nShow: session name, total cost, message count, duration\nRule 3: Rapid-Fire Loop\nTrigger: more than 20 messages in a 10-minute window within a single session\nLabel: 🔄 Rapid-fire loop detected\nShow: message count, time window, burn rate per minute, total spent\nRule 4: Model Escalation\nTrigger: session started with a cheaper model (Haiku/Sonnet) but switched to a more expensive model (Opus) mid-session\nLabel: 📈 Model escalation\nShow: which models, when the switch happened, cost difference\nRule 5: Cache Inefficiency\nTrigger: cacheWrite values are consistently above 0 but cacheRead is 0 or near 0 in subsequent sessions\nLabel: 💾 Cache inefficiency\nShow: total spent on cache writes that were never read\nOptimization Suggestions\n\nInclude relevant tips at the end of /spend and /trustlog reports. Only show tips that apply — don't show generic advice.\n\nModel downgrade opportunity: If more than 30% of messages on Opus/expensive model had output under 200 tokens, suggest using a cheaper model for those. Calculate exact savings.\n\nCache optimization: If cacheRead is consistently low compared to cacheWrite, suggest the user may benefit from longer sessions or session consolidation to reuse cached context.\n\nSession consolidation: If there are many sessions under 5 messages, suggest combining related tasks into fewer, longer sessions to reduce context-building costs.\n\nPeak spend times: If spending is concentrated at certain hours, note the pattern. Example: \"80% of your spend happens between 2-4 AM — likely automated tasks.\"\n\nCost per task type: If session names are descriptive, group costs by apparent task type and show which types cost the most.\n\nFormatting Rules\n\nThese rules apply to ALL output from TrustLog Guard:\n\nAlways use the ━━━ separator line after headers\nAlways align dollar amounts in columns when showing multiple values\nAlways show both the dollar amount AND the percentage for model breakdowns\nAlways show message counts alongside costs for context\nUse emoji indicators consistently: ✅ good, ⚡ watch, ⚠️ warning, 🚨 alert\nRound dollar amounts to 2 decimal places ($X.XX)\nRound percentages to whole numbers\nUse progress bars [██████░░░░] for budget displays\nKeep output clean and scannable — no walls of text\nEnd every report with one actionable tip if possible\nError Handling\nIf no session files found: \"📂 No session logs found at expected path. Run some OpenClaw sessions first, or tell me your agent directory location.\"\nIf session files exist but no cost data: \"📂 Found session files but no cost data. Your OpenClaw version may not log costs, or sessions may be empty.\"\nIf budget file doesn't exist when checking: \"📊 No budget set. Use /budget set daily $X to get started.\"\nPrivacy\n100% local. Only reads .jsonl files on the user's machine.\nRead-only. Never modifies or deletes session logs.\nNo API keys required. Reads cost data OpenClaw already calculated.\nNo external servers. No data transmission. No telemetry.\nBudget config stored locally at ~/.openclaw/workspace/trustlog-guard/budgets.json" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/AnouarTrust/trustlog-guard", "publisherUrl": "https://clawhub.ai/AnouarTrust/trustlog-guard", "owner": "AnouarTrust", "version": "1.1.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/trustlog-guard", "downloadUrl": "https://openagent3.xyz/downloads/trustlog-guard", "agentUrl": "https://openagent3.xyz/skills/trustlog-guard/agent", "manifestUrl": "https://openagent3.xyz/skills/trustlog-guard/agent.json", "briefUrl": "https://openagent3.xyz/skills/trustlog-guard/agent.md" } }