开源AI工作流

Prerequisites

• OpenClaw installed and running
• ClawHub CLI: npm i -g clawhub
• The revenium CLI — installed via Homebrew (works on both macOS and Linux):

  brew install revenium/tap/revenium
  

The skill is gated on this binary and won't load without it. (post-install.sh also installs it automatically via Homebrew if it's missing — see step 2.) - Revenium API key, Team ID, Tenant ID, and Owner ID

Installation

1. Install the skill from ClawHub

clawhub install --force --dir ~/.openclaw/skills revenium

About the VirusTotal warning: ClawHub may display a warning that this skill is "flagged as suspicious by VirusTotal Code Insight." This is a false positive — the skill calls the Revenium API via the revenium CLI and handles API keys during setup, which triggers VirusTotal's heuristic detection for "external APIs" and "crypto keys." The skill is open source and safe to install. The --force flag bypasses this warning.

Installing for local development or testing from this Git repo instead of ClawHub? See Installing from the GitHub repo below.

2. Run post-install setup

ClawHub does not run post-install scripts, so run the setup script first — it installs any missing prerequisites (including the revenium CLI itself, which the next step needs) and configures OpenClaw sandbox access:

bash ~/.openclaw/skills/revenium/scripts/post-install.sh

This will:

1. Check for and install the revenium CLI and jq via Homebrew (if missing), and verify python3 is available 2. Mark the skill's scripts as executable 3. Configure the Docker sandbox under agents.defaults.sandbox.docker in ~/.openclaw/openclaw.json: - Bind-mounts ~/.openclaw (rw — skills, sessions, logs, guardrail-status.json) and the Homebrew bin/lib directories containing revenium and jq (ro) - Sets PATH, HOME, LD_LIBRARY_PATH, and SSL_CERT_FILE in the container environment - Injects REVENIUM_API_KEY / REVENIUM_API_URL / REVENIUM_TEAM_ID / REVENIUM_TENANT_ID / REVENIUM_OWNER_ID from your host config (so the CLI inside the sandbox is authenticated without mounting ~/.config) - Sets dangerouslyAllowExternalBindSources: true — required so the gateway accepts the ~/.openclaw and Homebrew binds, which live outside the sandbox's default ~/.openclaw/workspace root. It does not mount any credential path; those remain hard-blocked by OpenClaw regardless of this flag. 4. Enable autoAllowSkills in ~/.openclaw/exec-approvals.json so skill-declared binaries are auto-approved 5. Seed an initial guardrail-status.json so the agent doesn't error before the cron's first run 6. Seed an initial config.json (prompts interactively for autonomousMode) so operators can set the halt-vs-warn behavior up front 7. Inject a mandatory guardrail check into AGENTS.md so enforcement is always in context 8. Deploy BUDGET-GUARD.md into the workspace so enforcement is injected into isolated/cron sessions too 9. Verify the installation

On this first run your Revenium credentials aren't set yet, so post-install will warn that it couldn't inject them into the sandbox — that's expected. You'll set them and re-run post-install in step 3.

Already have prerequisites installed? Pass --skip-prereqs to skip Homebrew installs and fail immediately if anything is missing.

3. Set Revenium credentials on the host, then re-run post-install

Now that the revenium CLI is installed (step 2), set your credentials on the host and re-run post-install so they get injected into the sandbox:

revenium config set key <API_KEY>
revenium config set team-id <TEAM_ID>
revenium config set tenant-id <TENANT_ID>
revenium config set owner-id <OWNER_ID>
revenium config show          # confirm the values are set

bash ~/.openclaw/skills/revenium/scripts/post-install.sh   # re-run to snapshot creds into the sandbox

The revenium CLI stores these at ~/.config/revenium/config.yaml.

Credentials reach the sandbox as a snapshot, not live. OpenClaw's sandbox hard-blocks mounting credential paths (anything under ~/.config), so the skill cannot bind-mount your revenium config into the container. Instead, post-install reads your host credentials and injects them as REVENIUM_* environment variables into the sandbox. This means any time you set or rotate credentials, you must re-run post-install and restart the gateway (steps 3–4) to refresh them. Setting revenium config set from inside an agent session has no effect on the sandbox.

First-time setup (automatic)

The metering cron and guardrail rules are configured the first time you interact with the agent after installing the skill. The agent walks you through configuring your budget and creates the guardrail rules — no manual script execution needed.

To verify the cron is running after setup:

tail -f ~/.openclaw/skills/revenium/revenium-metering.log

To manually manage the cron:

```bash

Reinstall

bash ~/.openclaw/skills/revenium/scripts/install-cron.sh

Uninstall

bash ~/.openclaw/skills/revenium/scripts/uninstall-cron.sh ```

Installing from the GitHub repo (local development)

Use this when you want to run or test unreleased changes (e.g. a feature branch) instead of the ClawHub release. The key constraints, both enforced by OpenClaw's sandbox:

• The skill must be a real directory inside ~/.openclaw/skills/ — do not symlink a clone from elsewhere. OpenClaw rejects skills whose path resolves outside the skills root (reason=symlink-escape).
• Credentials are injected into the sandbox as a snapshot at post-install time. Because post-install is also what installs the revenium CLI, the order is: run post-install once (installs the CLI) → revenium config set … → re-run post-install to snapshot the creds. Re-run post-install after any later credential change too.

2. Run post-install, set credentials, re-run post-install, restart

```bash

Run post-install FIRST — it installs the `revenium` CLI (and jq) if missing.

...and re-run post-install to snapshot them into the sandbox, then restart.

bash ~/.openclaw/skills/revenium/scripts/post-install.sh openclaw gateway restart ```

Re-run post-install ONLY if the sandbox config, credentials, or AGENTS.md

Setup

Setup happens automatically the first time the agent tries to perform an operation (or run /revenium to start it manually). The agent will:

1. Confirm your Revenium API key, Team ID, Tenant ID, and Owner ID are visible in the sandbox (set on the host, per step 3)
2. Ask for a budget threshold (e.g., 5.00)
3. Ask for a budget period (DAILY, WEEKLY, MONTHLY, or QUARTERLY)
4. Optionally enable shadow mode (record breaches without enforcing) and autonomous mode (halt-on-exceed with notifications to Slack, Discord, Telegram, etc.)
5. Create the Revenium guardrail rules and save their ruleIds to ~/.openclaw/skills/revenium/config.json
6. Install the background metering cron (runs every minute by default; configurable)

Setup is atomic — if rule creation fails, no partial ruleIds are written.

Setup is idempotent. Re-running setup (or installing on a fresh VM pointed at the same Revenium tenant) checks for an existing same-scope budget rule before creating a new one. If a match is found, setup adopts the existing rule rather than creating a duplicate. If multiple same-scope rules are detected (e.g., from earlier redundant runs), setup warns and prints the exact revenium guardrails budget-rules delete <id> --yes command for each — it does not auto-delete, since a shared tenant may host rules belonging to other hosts.

Rule names include a deployment label suffix (e.g., OpenClaw Monthly Budget — my-host). Override the label via the REVENIUM_BUDGET_LABEL env var before invoking setup-guardrails.sh to produce human-distinguishable names when multiple hosts share the same Revenium tenant. Default: short hostname from hostname -s.

Per-deployment budget scoping (independent filter-scoped budget rules per deployment, rather than a single shared tenant budget) is a separate future capability and is currently out of scope.

Or persist it in config.json so future re-installs pick it up:

Uninstalling

bash ~/.openclaw/skills/revenium/scripts/uninstall-cron.sh
rm -rf ~/.openclaw/skills/revenium

Optionally clean up your Revenium guardrail rules:

revenium guardrails budget-rules list
revenium guardrails budget-rules delete <rule-id> --yes

Configuration

The skill stores its config at ~/.openclaw/skills/revenium/config.json:

{
  "ruleIds": ["d5jng5"],
  "organizationName": "my-org",
  "autonomousMode": false,
  "notifyChannel": "slack",
  "notifyTarget": "#ops",
  "cronIntervalMinutes": 1
}

• ruleIds — the Revenium guardrail rule IDs (created during setup; their presence is the signal that setup is complete)
• organizationName — optional, used for attribution in Revenium reporting
• autonomousMode — when true, budget exceedance halts all operations and sends notifications; when false (default), the agent warns and asks for permission
• notifyChannel / notifyTarget — notification destination for autonomous-mode halt alerts
• cronIntervalMinutes — optional, how often the metering/guardrail cron runs (default 1); see Cron interval

Your API key, Team ID, Tenant ID, and Owner ID are stored separately by the revenium CLI (at ~/.config/revenium/config.yaml) and injected into the sandbox as REVENIUM_* environment variables by post-install.

Now that the CLI exists, set Revenium credentials on the host...

revenium config set key <API_KEY> revenium config set team-id <TEAM_ID> revenium config set tenant-id <TENANT_ID> revenium config set owner-id <OWNER_ID>

Troubleshooting