Overkill Token Optimizer

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed token-optimization helper, but users should be careful because it relies on an external CLI and can index local OpenClaw session memory.

Install oktk only from a source you trust; prefer npm or verified releases over piping a remote script into a shell. Use token-optimizer compress only with commands you intend to run, and index/search only session memory you are comfortable making locally searchable. Delete ~/.openclaw/workspace-memory-builder/.session_index if you no longer want the local index retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 97%
Finding
The framework instructs users to install software via `curl ... | sh`, which downloads and immediately executes remote code without verification, review, or integrity checking. If the remote host, DNS, TLS trust chain, or install script is compromised, users could execute arbitrary shell commands on their system.

VirusTotal

64/64 vendors flagged this skill as clean.
