Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Overkill Token Optimizer

v1.0.3

Optimize and manage session tokens for workspace memory with commands to check usage, reset, index, search, and compress tokens.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description match the behavior: the code and docs operate on local workspace session files (~/.openclaw/workspace-memory-builder) and call an external oktk CLI to compress CLI output and index/search sessions. _meta.json and SKILL.md both reference npm/oktk which is consistent with the stated purpose.
Instruction Scope
SKILL.md instructs only local operations (indexing, searching, compressing, resetting sessions) and to install the oktk CLI. The code reads session files and writes an index under the stated storage path, which is expected. However FRAMEWORK.md (bundled in the package) also suggests running an external curl install (curl -sSL https://get.oktk.io | sh) — that is not in the main SKILL.md but is included and raises risk because it instructs running a remote install script. The CLI will run user-supplied commands (via the compress command) through oktk, which is expected functionality but means you should be cautious about what commands are passed or allowed to run automatically.
Install Mechanism
There is no formal install spec for the skill (instruction-only), but both SKILL.md and FRAMEWORK.md tell the user to install oktk. FRAMEWORK.md recommends running a curl-get script (get.oktk.io) which is higher-risk than installing from a known vetted release; the SKILL.md suggests npm install -g oktk (safer if package is legitimate). Because the skill relies on a third-party CLI that would be installed from the network, you should review the oktk project and any install scripts before running them.
Credentials
The skill does not request secrets or credentials; the only configurable environment variable is OKTK_BIN (path to the oktk binary). That is proportionate to a tool that wraps a local CLI. _meta.json lists required_binaries including npm and oktk which aligns with the need to install oktk.
Persistence & Privilege
The skill is not marked always:true and does not request system-wide config changes. It reads/writes only to its own workspace directory under the user's home (~/.openclaw/...), which is expected for a token optimizer. The default ability for the model to invoke the skill autonomously is present but not combined with other high-risk privileges in this package.
What to consider before installing
This skill appears to do what it says (operate on local session files and call a compression/indexing CLI), but there are several red flags you should consider before installing or running it:

- Do NOT run curl -sSL https://get.oktk.io | sh or any unattended install script without inspecting its contents first. The package includes a FRAMEWORK.md that suggests that script; treat it as untrusted until you review it.
- Review the oktk project's source (the repo referenced in SKILL.md) and its npm package to ensure it's legitimate and that you trust running it on your machine.
- The CLI will read your session files under ~/.openclaw/workspace-memory-builder/memory/*.md and will write an index under ~/.openclaw/workspace-memory-builder/.session_index/. If these files contain sensitive data, be aware the tool accesses them (this is expected for a token optimizer).
- The included Python CLI has several issues/typos (a malformed import block, duplicated constants, and user-facing typos like "oktl" and a wrong npm install message), which suggests the code hasn't been well-tested. Expect runtime errors; inspect/execute the code in a safe environment (container/VM) first.
- Because compress/index operations invoke external binaries and may run arbitrary commands (via oktk), avoid giving the agent automatic/autonomous permission to call these commands, or restrict usage until you've verified its behavior.

If you want to proceed: inspect the code locally, audit the oktk installer and package, run the tool in an isolated environment first, and back up any session data before running reset/confirm operations.
