v3.0.0

OpenClaw Token Optimizer

Benign: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:27 AM.

Analysis

This looks like a local cost-saving helper, but it can persistently change how your agent loads context and picks models.

Guidance: Install if you want a local token/cost optimizer, but run the scripts manually, review generated AGENTS.md or HEARTBEAT.md changes before replacing existing files, verify any referenced optional assets, and be aware that provider API-key environment variables may be checked for routing.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
Severity: Low | Confidence: High | Status: Note
scripts/context_optimizer.py
**Stop there.** Don't load anything else unless needed. ... **Simple conversations → HAIKU ONLY**

The generated AGENTS.md template can direct future agents to load less context and enforce cheaper models if the user chooses to install it.

User impact: If adopted without review, future sessions may skip useful docs or memory until a trigger is detected, which could reduce answer quality or miss important workspace context.
Recommendation: Review AGENTS.md.optimized before replacing your current AGENTS.md, and keep any safety, workflow, or required context files explicitly listed as always loaded.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: Medium | Status: Note
.clawhubsafe
assets/config-patches.json ... assets/HEARTBEAT.template.md ... references/PROVIDERS.md

The integrity manifest references assets and reference files that are not included in the provided file manifest, while the docs also describe using those optional files.

User impact: Optional setup steps that depend on those files may fail or may require checking files outside the scanned bundle.
Recommendation: Verify the installed package contents and source repository before copying optional assets or applying referenced configuration patches.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
scripts/model_router.py
if os.environ.get("ANTHROPIC_API_KEY"): return "anthropic" ... elif os.environ.get("OPENROUTER_API_KEY"): return "openrouter"

The router checks for provider API-key environment variables to infer which model provider to recommend, despite no required env vars being declared.

User impact: The script can observe whether common provider credential variables exist, though the provided code does not show it printing or transmitting their values.
Recommendation: Run it only in environments where checking these provider env vars is acceptable, and avoid exposing unnecessary credentials to agent sessions.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Info | Confidence: High | Status: Note
scripts/context_optimizer.py
STATE_FILE = Path.home() / ".openclaw/workspace/memory/context-usage.json" ... state["file_access_count"]

The optimizer persists local file-usage metadata that may inform future context-loading recommendations.

User impact: Local usage metadata can accumulate over time and influence optimization decisions, but the artifacts show local storage rather than external sharing.
Recommendation: Periodically review or delete the workspace memory state files if you do not want historical file-usage metadata retained.