AllToken — Slash Commands

Advisory: Audited by static analysis on May 13, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

AllToken API calls made through this skill may use the user's account quota or billing and should be treated as actions performed with the user's API key.

Why it was flagged

The skill uses a bearer API key to access the user's AllToken account. This is expected for the integration, but it is still credentialed account access.

Skill content

`ALLTOKEN_API_KEY` exported in the environment the agent shells out to ... headers={"Authorization": f"Bearer {os.environ['ALLTOKEN_API_KEY']}"

Recommendation

Only provide an AllToken API key you intend to use for these commands, keep it out of chat transcripts, and revoke or rotate it if it is exposed.

What this means

When invoked, the agent may create a temporary script and run Python locally to contact the AllToken API.

Why it was flagged

The skill instructs the agent to write and execute local Python recipes. The visible code is purpose-aligned and stdlib-only, but users should notice that installing the skill enables local command execution for these commands.

Skill content

Recipe — save as `/tmp/at_chat.py`, run with `python3 /tmp/at_chat.py <model> <prompt...>`

Recommendation

Invoke the skill only for intended AllToken requests, and ensure the agent passes user prompts as safe arguments rather than interpolating them into an unsafe shell command.

What this means

Ambiguous mentions of AllToken could cause the agent to make an external API call if not handled carefully.

Why it was flagged

The invocation scope is broader than strict slash commands, so a message containing an AllToken phrase could trigger an API call if the agent interprets it as a request.

Skill content

Match these patterns **case-insensitively** anywhere in the user's message (a leading `/` is canonical but not required)

Recommendation

Ask for confirmation before making billable or sensitive AllToken calls when the user's intent is ambiguous.