Skill v1.1.0
ClawScan security
OpenClaw Model Usage (Linux) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 15, 2026, 2:33 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it only reads OpenClaw session JSONL files in your home directory, computes per-model/token costs, and stores local snapshot/offset files — no network access or unrelated credentials are requested.
- Guidance: This skill appears to do what it claims: parse your OpenClaw session files and report token/cost breakdowns locally. Before installing or running it, review the bundled scripts/usage.py yourself (it is included) and confirm you are comfortable with it reading files under ~/.openclaw/agents/main/sessions and writing snapshot/offset files under ~/.openclaw/workspace/skills/model-usage-linux. If those session files contain sensitive user messages you do not want processed, do not run the script or first move/inspect the session files. Because the skill runs locally and has no network code or credential requests, the main risks are local privacy (reading message content) and accidental writes to the workspace files — both expected for this utility.
Review Dimensions
- Purpose & Capability (ok): Name/description say it will parse OpenClaw session JSONL files to report token usage and cost per model; the included script explicitly reads ~/.openclaw/agents/main/sessions and builds per-channel and per-model statistics, which matches the stated purpose.
- Instruction Scope (note): SKILL.md tells the agent to run the included Python script and references sessions at ~/.openclaw/agents/main/sessions/*.jsonl, which is accurate. The script additionally reads sessions.json and will scan message content to detect channel labels; it also writes/reads snapshot and offset files under ~/.openclaw/workspace/skills/model-usage-linux (this write behavior is not mentioned in SKILL.md). The script processes message text and may therefore read user messages contained in those session files (expected for this purpose).
- Install Mechanism (ok): Instruction-only skill with no install spec and no external downloads; the code is bundled with the skill. No package managers or remote resources are pulled during install.
- Credentials (ok): The skill requests no environment variables or credentials. It only accesses files under the user's home (~/.openclaw/*), which is appropriate for a local usage/cost analyzer.
- Persistence & Privilege (note): always:false and normal invocation are used. The script stores persistent state (reset_offsets.json and last_snapshot.json) under ~/.openclaw/workspace/skills/model-usage-linux to track offsets across runs — this is reasonable for its function but is persistent state the user should be aware of.
