Skill v1.3.6
ClawScan security
Agent Cost Strategy · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 6, 2026, 3:37 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- This instruction-only skill is internally consistent with its stated purpose (model-tiering and cost optimization) but makes recommendations (long-lived sessions and broad prompt caching) that carry privacy/data-retention trade-offs you should understand before using it widely.
- Guidance
- This skill is coherent and useful for reducing API spend, but pay attention to the privacy and operational trade-offs it recommends: keeping sessions long and caching large system prompts, workspace files, and memory reduces cost but increases data retention and the chance that sensitive data could be stored and reused. Before enabling broadly: 1) Verify your provider's cache TTLs and how cached data is stored/isolated by tenant; 2) Ensure organizational policies prohibit caching secrets or PII (or implement filters to strip them); 3) Test the sub-agent spawn rule in a non-production environment to confirm model selection is enforced (so defaults don't leak expensive models); 4) Monitor cache hit rates, costs, and any unexpected retention of sensitive context; 5) If you have compliance or privacy constraints, consult those teams before adopting the 'keep sessions alive' recommendations. If you want, I can extract the exact actionable rules from the SKILL.md into a checklist or a gating policy for safe rollout.
Review Dimensions
- Purpose & Capability
- ok: The skill's name and description (tiered model selection, sub-agent model rules, cron/heartbeat guidance) match the SKILL.md content. It asks for no binaries, no env vars, and contains only policy-style instructions appropriate for cost optimization.
- Instruction Scope
- note: Instructions stay focused on cost strategies (tier routing, cache patterns, batch API, explicit model selection for sub-agents). However, several recommendations increase data retention/caching (keep sessions alive, cache workspace files and memory, put static content in system prompts). The skill does warn to avoid caching secrets, but those caching/long-session recommendations materially affect privacy and attack surface and should be considered before application in sensitive contexts.
- Install Mechanism
- ok: Instruction-only skill with no install spec or code files — lowest install risk. Nothing will be written to disk or downloaded by the skill itself.
- Credentials
- ok: No environment variables, credentials, or config paths are requested. The lack of requested secrets is proportionate to an instructions-only cost-optimization guide.
- Persistence & Privilege
- ok: The skill does not request permanent presence (always: false) and contains no mechanism to alter other skills or system settings. Note: autonomous invocation is allowed by platform default (not flagged here); combined with the caching guidance, this increases operational impact and should be monitored.
