Claude Usage Release
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: openclaw-claude-usage
Version: 1.0.1
The skill is classified as suspicious due to its reliance on direct shell command execution via `expect -c '...'` in `SKILL.md` to interact with the `claude` CLI. While the stated purpose of checking Claude usage is benign, executing arbitrary shell commands, even hardcoded ones, introduces a significant attack surface and potential for privilege escalation or RCE if the `claude` CLI itself is compromised or if the `expect` script were to be modified or accept untrusted input. Additionally, it accesses a local file `~/.claude/stats-cache.json` for fallback, which could contain sensitive data. There is no clear evidence of intentional malicious behavior like data exfiltration to external endpoints or backdoor installation, but the high-risk capabilities warrant a 'suspicious' classification.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may launch Claude Code on your machine and interact with it to retrieve plan usage.
The skill instructs the agent to automate an interactive local CLI session. This is disclosed and directly tied to checking usage, but it is still local tool automation.
expect -c '\n spawn claude\n expect "Welcome"\n send "/usage\r"
Use only if you are comfortable with the agent running this bounded `/usage` workflow through your local Claude Code CLI.
The skill can access usage information for the Claude account currently authenticated in Claude Code.
The skill depends on an already-authenticated Claude account session to retrieve subscription usage.
**Claude Code CLI** must be installed and authenticated
Confirm the authenticated Claude Code account is the one you intend to check, and avoid using the skill on shared machines or accounts if usage data is sensitive.
If the main interactive flow is unavailable, the agent may read local Claude usage cache data and summarize it back to you.
The documented fallback reads a persistent local Claude cache containing usage/token-count information.
`~/.claude/stats-cache.json` - shows local session token counts (limited data)
Treat returned usage/token-count information as private account activity data, and ensure local cache access is acceptable before using the fallback.
