ClawHub
Back to skill

Security audit

MMX Cost Optimizer

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed cost and token usage helper with no executable installer, network behavior, credential access, or unrelated actions found.

This appears safe to install for cost tracking and token budget guidance. Before using it in important projects, confirm that your OpenClaw runtime limits the referenced hook and project-config APIs to this skill's own cost/session data and review any retained usage metrics if session privacy matters.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal