fleet-auditor
Fleet Auditor: Cross-Platform Agent Token Waste Auditor
Detects installed agent systems, collects token usage data, identifies waste patterns, and recommends fixes with dollar savings estimates. Everyone tracks. Nobody coaches. Until now.
Use when: Running multiple agent systems, spending $2-5/day on agents, suspecting idle heartbeats are burning tokens, or wanting a cross-system cost audit.
Phase 0: Initialize
- Resolve fleet.py path (works for both skill and plugin installs):
```bash
FLEET_PY=""
# Check the skill install path first, then any plugin cache install.
for f in "$HOME/.claude/skills/fleet-auditor/scripts/fleet.py" \
         "$HOME/.claude/plugins/cache"/*/token-optimizer/*/skills/fleet-auditor/scripts/fleet.py; do
  [ -f "$f" ] && FLEET_PY="$f" && break
done
[ -z "$FLEET_PY" ] && { echo "[Error] fleet.py not found. Is Fleet Auditor installed?"; exit 1; }
echo "Using: $FLEET_PY"
```
Use `$FLEET_PY` for all subsequent fleet.py calls.
- Detect systems:
```bash
# Quote the path so an install directory containing spaces is passed as one argument.
python3 "$FLEET_PY" detect --json
```
Parse the JSON output. Report what was found.
If nothing detected, explain: "No agent systems found. Fleet Auditor supports: Claude Code, OpenClaw, NanoClaw, Hermes, OpenCode, IronClaw."
Phase 1: Scan
Collect token usage data from detected systems:
```bash
python3 "$FLEET_PY" scan --days 30
```
Report how many runs were collected per system. If this is the first scan, it may take a moment to parse all session files.
Phase 2: Audit
Run waste pattern detection:
```bash
python3 "$FLEET_PY" audit --json
```
Parse the JSON output. Present findings ordered by severity and monthly savings.
If no waste found: "Your fleet looks clean. No significant waste patterns detected."
OpenClaw Security + Cost Check (March 2026):
- If OpenClaw is detected and version < 2026.3.12: flag as HIGH severity. 31 CVEs including ClawJacked (full agent takeover). Compromised instances run rogue agents that burn tokens undetected. Recommend immediate upgrade.
- Check for ClawHub skills matching ClawHavoc campaign patterns (1,184+ malicious skills). These skills exfiltrate data via extra API calls, inflating token spend.
- Flag if gateway rate limiting is disabled (CVE-2026-25253). Without it, brute-force attacks can spawn unlimited agent sessions. Recommend: `openclaw config set security.rateLimit.enabled true`
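The version gate and ordering described above, as an added example (not fleet.py's code and not part of the original skill): it compares the OpenClaw version numerically, because a plain string comparison ranks 2026.3.9 above 2026.3.12 and would let an unpatched install pass, then applies the 0.4 confidence cut-off from the Core Rules and the severity/savings ordering. The record field names, the MEDIUM rating for the rate-limit finding, and the confidence values are assumptions.

```python
import re

PATCHED = (2026, 3, 12)      # page: versions below 2026.3.12 are HIGH severity
MIN_CONFIDENCE = 0.4         # page, Core Rules: suppress findings below this
RANK = {"HIGH": 0, "MEDIUM": 1, "LOW": 2}   # assumed severity labels

def parse_version(text):
    """'2026.3.9' -> (2026, 3, 9); None when it is not three dotted integers."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    return tuple(int(part) for part in m.groups()) if m else None

def finding(severity, description, fix, confidence):
    return {"severity": severity, "description": description, "fix": fix,
            "confidence": confidence, "monthly_savings_usd": 0.0}

def openclaw_checks(system):
    """Security findings for one OpenClaw record (hypothetical field names)."""
    out = []
    version = parse_version(str(system.get("version", "")))
    if version is None:
        # Fail closed: an unreadable version cannot be shown to be patched.
        out.append(finding("HIGH", "OpenClaw version unreadable, treat as unpatched",
                           "Upgrade to 2026.3.12 or later", 0.5))
    elif version < PATCHED:   # numeric compare; as strings '2026.3.9' > '2026.3.12'
        out.append(finding("HIGH", "OpenClaw below 2026.3.12",
                           "Upgrade to 2026.3.12 or later", 1.0))
    if system.get("rate_limit_enabled") is False:
        out.append(finding("MEDIUM", "Gateway rate limiting disabled (CVE-2026-25253)",
                           "openclaw config set security.rateLimit.enabled true", 1.0))
    return out

def triage(findings):
    """Suppress low-confidence findings, then order by severity and savings."""
    kept = [f for f in findings if f["confidence"] >= MIN_CONFIDENCE]
    return sorted(kept, key=lambda f: (RANK.get(f["severity"], len(RANK)),
                                       -f["monthly_savings_usd"]))

# Constructed sample input, not real fleet.py output.
SAMPLE_SYSTEM = {"name": "openclaw", "version": "2026.3.9", "rate_limit_enabled": False}
SAMPLE_WASTE = [
    {"severity": "MEDIUM", "description": "Idle heartbeat runs", "fix": "Lengthen interval",
     "confidence": 0.8, "monthly_savings_usd": 14.0},
    {"severity": "HIGH", "description": "Possible runaway loop", "fix": "Add turn cap",
     "confidence": 0.3, "monthly_savings_usd": 40.0},
]

if __name__ == "__main__":
    for f in triage(openclaw_checks(SAMPLE_SYSTEM) + SAMPLE_WASTE):
        print(f"[{f['severity']}] {f['description']} -> {f['fix']}")
```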
Phase 3: Present Findings
```
[Fleet Auditor Results]
SYSTEMS DETECTED
- Claude Code: X runs ($Y.YY)
- OpenClaw: X runs ($Y.YY)
WASTE PATTERNS FOUND
1. [SEVERITY] Description
   Est. savings: $X.XX/month
   Fix: recommendation
2. [SEVERITY] Description
   ...
TOTAL POTENTIAL SAVINGS: $X.XX/month
Ready to act? I can:
1. Show detailed fix snippets for each finding
2. Generate the fleet dashboard for visual analysis
3. Run /token-optimizer for deeper Claude Code optimization
```
Phase 4: Dashboard (optional)
If the user wants visual analysis:
```bash
python3 "$FLEET_PY" dashboard
```
This generates `~/.claude/_backups/token-optimizer/fleet-dashboard.html` and opens it in the browser.
Phase 5: Deep Dive (optional)
For Claude Code specifically, offer `/token-optimizer` for a full audit (CLAUDE.md, skills, MCP, hooks, etc.).
For other systems, show the fix snippets from the audit and guide the user through implementing them.
Reference Files
| Phase | Read |
|---|---|
| Adapter development | |
| Detector development | |
Error Handling
- No systems detected: Report cleanly, list supported systems
- Empty scan results: System detected but no session data in window. Suggest increasing `--days`
- Permission errors: Report which files couldn't be read, continue with available data
- Corrupted data: Skip bad files, report count of skipped files
- fleet.py not found: Check both skill and plugin install paths
Core Rules
- Quantify everything in dollars AND tokens
- Never read or expose message content (privacy-first)
- Report confidence levels alongside findings
- Suppress findings below 0.4 confidence threshold
- Always show fix snippets with recommendations
- Frame savings as monthly recurring, not one-time