Skill v2.0.3
ClawScan security
ohmytoken · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 27, 2026, 5:09 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requested env var match its description: it only reports the model name and token counts to ohmytoken.dev using a single API key and a single network call.
- Guidance: This skill appears internally consistent, but note that the remote service (api.ohmytoken.dev) will see your model names, token counts, and your IP address and can attribute activity to the provided API key. If you care about linking usage to your identity, review the open-source repo at https://github.com/0x5446/ohmytoken-oss, check the service's privacy policy, and consider using a dedicated or limited-scope API key. If you want extra assurance, audit the published source before installing or use a throwaway key.
Review Dimensions
- Purpose & Capability: ok. Name/description say it visualizes token usage; the skill requires a single OHMYTOKEN_API_KEY and its code posts model + token counts to api.ohmytoken.dev — this is proportionate and expected for the described feature.
- Instruction Scope: ok. SKILL.md and instructions.md explicitly instruct adding OHMYTOKEN_API_KEY and claim only three fields (model, prompt_tokens, completion_tokens) are sent. The runtime code (src/index.ts) sends exactly those fields and nothing else; it does not read other files or env vars.
- Install Mechanism: ok. No install spec is present (instruction-only). There is a small code file included but nothing that downloads or executes external installers. No high-risk install URLs or archive extraction.
- Credentials: ok. Only OHMYTOKEN_API_KEY is required (declared in claw.json and SKILL.md). That single API key is appropriate for authenticating usage reports; no unrelated credentials or broad environment access are requested.
- Persistence & Privilege: ok. The skill is not always-enabled and does not request elevated or system-wide privileges. It uses the normal onLLMResponse hook and does not modify other skills or agent configuration.
