Token Reduction Engine
ReviewAudited by ClawScan on May 10, 2026.
Overview
This appears to be a local LLM-response caching tool, but it stores answers persistently and its code does not appear to implement some advertised safety protections.
Install only if you want a local answer cache and are comfortable with cached responses being stored on disk. Do not treat this as a complete agent safety layer or tamper-proof knowledge base based on the current artifacts; review or clear the cache for sensitive work and verify any Company Brain integration before enabling it.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private or incorrect cached answers could persist and be returned later as if they were reliable.
Cached LLM answers are written to a local JSON file and reloaded automatically. This is purpose-aligned for caching, but it means sensitive, stale, or locally modified answers can be reused in future sessions, and the included code does not show integrity/source checks before trusting loaded entries.
CACHE_PERSISTENCE_FILE = os.path.join(CACHE_DATA_DIR, "answer_cache.json") ... _save_cache_to_disk() ... # Auto-load persisted cache on module import ... _load_cache_from_disk()
Treat the cache as persistent local data: avoid caching sensitive answers, inspect or delete the cache when needed, restrict local file access, and add actual integrity/source validation before using it as a trusted knowledge store.
A user may rely on TRE as an agent safety gate or tamper-proof cache when those protections are not actually present in the reviewed code.
These user-facing safety claims are stronger than the provided implementation supports. The source uses SHA-256 as a query key and implements answer caching, but it does not show command/intent enforcement or tamper rejection for cache entries.
Forbidden command list — "brain.delete_brain", "brain.purge" are blocked before execution ... SHA-256 write verification — any tampered cache entry is rejected on read
Do not rely on this skill to block dangerous tool commands or provide tamper-proof facts unless those controls are implemented and tested; the documentation should be narrowed or the missing protections should be added.
If this helper is used, cached content may be persisted outside TRE in a local Brain service.
The included Brain API helper can send query snippets and answers to a local facts service. This is consistent with the advertised Company Brain integration and is not called by the main cache path shown, but users should notice that it can copy cached content into another local knowledge store.
requests.post('http://127.0.0.1:8000/facts', json={ 'key': query[:100], 'type': 'string', 'value': answer[:5000], 'source': 'tre_answer_cache' }, timeout=1)Use the Brain integration only with a trusted local service, and avoid sending sensitive answers unless you understand the receiving service’s storage and access controls.