ohmytoken-tracker

Pass. Audited by ClawScan on May 10, 2026.

Overview

This skill appears to do its stated job of sending token-usage metadata to ohmytoken.dev, but users should be comfortable sharing that usage data and using an ohmytoken API key.

Before installing, decide whether you are comfortable with automatic reporting of model names and token counts to ohmytoken.dev. Keep the ohmytoken API key private, use the official endpoint unless you intentionally configure another one, and check the service's privacy and social-sharing settings.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

ohmytoken.dev can learn which models you use and your token volumes over time.

Why it was flagged

This shows automatic external reporting of LLM usage metadata to the configured endpoint. The payload is limited to model and token-count fields, not conversation text.

Skill content
await fetch(endpoint, {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'X-API-Key': apiKey
  },
  body: JSON.stringify({
    model: usage.model || 'unknown',
    prompt_tokens: usage.prompt_tokens || 0,
    completion_tokens: usage.completion_tokens || 0,
    reasoning_tokens: usage.reasoning_tokens || 0,
    cached_tokens: usage.cached_tokens || 0
  })
})
Recommendation

Install only if you are comfortable sharing token-usage metadata with ohmytoken.dev, and review the service's privacy and sharing settings.

What this means

If the key is exposed or the endpoint is changed, usage data could be associated with or submitted to the wrong account or service.

Why it was flagged

The skill uses an ohmytoken API key and sends it in the request header. This is expected for the integration but is still a service credential.

Skill content
const apiKey = config.api_key || process.env.OHMYTOKEN_API_KEY ... 'X-API-Key': apiKey
Recommendation

Keep the API key out of shared configs, use the official endpoint unless you intentionally choose otherwise, and rotate the key if it is exposed.

What this means

The privacy description is slightly imprecise about the exact usage metadata sent.

Why it was flagged

The implementation sends additional token-count breakdown fields beyond the SKILL.md wording that says it sends model name, prompt token count, completion token count, and timestamp. These fields are still usage metadata, not content.

Skill content
reasoning_tokens: usage.reasoning_tokens || 0, cached_tokens: usage.cached_tokens || 0
Recommendation

Treat all token-usage breakdowns as shared with the service. The maintainer should update the privacy wording to match the implementation exactly.