{"id":"decolua-9router","name":"9router","homepage":"https://9router.com","repo_url":"https://github.com/decolua/9router","category":"devtools","subcategories":[],"tags":["ai-ml","api-gateway","routing","oauth","quota-management","cost-optimization","devtools","openai-compatible","proxy","dashboard"],"what_it_does":"9Router is a local/hosted “AI code router” that exposes an OpenAI-compatible endpoint (default http://localhost:20128/v1) and automatically routes requests across multiple AI providers/models with a tiered fallback (subscription → cheap → free), including quota tracking and OAuth token refresh via a dashboard UI.","use_cases":["Route an AI coding CLI to multiple providers automatically to reduce cost and avoid provider/rate-limit failures","Maintain access to free/cheap model providers with automatic fallback during quota exhaustion","Balance load across multiple accounts per provider (round-robin/priority)","Use OpenAI-compatible endpoints from tools (Claude Code/Cursor/Cline/etc.) while leveraging non-OpenAI provider formats through translation"],"not_for":["Security-sensitive environments that cannot tolerate a local proxy handling API requests/tokens","Use cases requiring strict, deterministic routing rules without provider-to-provider format translation","Production deployments where an unverified/undocumented security posture for OAuth + request logging is unacceptable without further audit"],"best_when":"You want a drop-in OpenAI-compatible endpoint for multiple AI coding tools and are willing to rely on a proxy/router layer for quota-aware fallback and cost optimization.","avoid_when":"You need strong guarantees around data handling, logging controls, and error transparency, or you cannot run/secure a local web proxy (on localhost/VPS) that mediates third-party requests.","alternatives":["Use a single provider with adequate quota/rate limit policies","Use provider-specific fallbacks in your tooling (if supported)","Deploy a generic OpenAI-compatible proxy/gateway you control (self-hosted) with explicit routing rules"],"af_score":48.0,"security_score":33.2,"reliability_score":27.5,"package_type":"skill","discovery_source":["openclaw"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:23:33.683735+00:00","interface":{"has_rest_api":true,"has_graphql":false,"has_grpc":false,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["OAuth via dashboard for supported providers","API key usage for the local/router endpoint"],"oauth":true,"scopes":false,"notes":"README indicates a dashboard-based OAuth login to connect providers, and an API key used by CLI tools against the router endpoint. No explicit scope model or scope granularity is documented in the provided content."},"pricing":{"model":null,"free_tier_exists":true,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"The README frames 9Router as free to use and states it does not charge you; you pay upstream providers directly. Specific pricing tiers for 9Router itself are not included in the provided excerpt."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":48.0,"security_score":33.2,"reliability_score":27.5,"mcp_server_quality":0.0,"documentation_accuracy":45.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":70.0,"rate_limit_clarity":20.0,"tls_enforcement":20.0,"auth_strength":60.0,"scope_granularity":10.0,"dependency_hygiene":35.0,"secret_handling":35.0,"security_notes":"Security posture is not fully verifiable from the provided README excerpt. The router mediates requests to multiple providers and requires an API key plus provider OAuth via a dashboard. README mentions debug/request logging and encrypted cloud sync storage, but does not specify whether sensitive data (tokens/headers) is redacted from logs, how CSRF/session security is handled in the dashboard, or what TLS guarantees exist for localhost/VPS deployments.","uptime_documented":0.0,"version_stability":45.0,"breaking_changes_history":20.0,"error_recovery":45.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["No explicit API contract (OpenAPI spec) provided; agent must rely on OpenAI-compatible behavior inferred from usage examples.","Request/response logging and debug mode are mentioned, but the reliability of error semantics and whether logs include sensitive headers/payloads is not specified.","Routing behavior depends on quota tracking and provider-specific failure modes; without clear error codes/retry guidance, automated clients may need conservative retry/timeout strategies."]}}