Token Guard

Pass

Audited by ClawScan on May 1, 2026.

Overview

Token Guard appears to be a local, purpose-aligned quota helper with no credential or network behavior, though its documentation overstates some implemented protections.

This looks safe to install as a local quota-checking helper, but do not assume it provides all advertised protections such as response caching, duplicate blocking, or 429 parsing unless those features are implemented and reviewed.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user may over-trust the skill to prevent duplicate requests, cache responses, or parse 429 errors when the included code does not appear to provide those safeguards.

Why it was flagged

The documentation advertises protective features that are not implemented in the provided token_guard.py source, which only shows quota checks, fallback suggestions, and local usage tracking.

Skill content
| **Duplicate Detection** | Blocks identical requests within 60s window (3+ = runaway) |
| **Response Caching** | Caches successful responses for duplicate requests |
| **429 Error Parser** | Extracts exact retry delay from Google/Anthropic error responses |

Recommendation

Treat this as a token/quota estimation helper unless the missing features are added and reviewed.

What this means

The skill can affect request timing and suggested model selection, which is expected for its purpose but should be understood before use.

Why it was flagged

The skill is intentionally positioned as a request-gating component that can influence whether an LLM API call proceeds, waits, blocks, or falls back to another model.

Skill content
The agent can invoke TokenGuard before any LLM API call to prevent quota exhaustion.

Recommendation

Use it where local quota gating is desired, and keep final approval for important model switches or blocked requests under user or application control.

What this means

The skill leaves a small local state file containing usage counters that may affect later quota decisions.

Why it was flagged

The code persists local quota state by default in the skill directory; this is not hidden and is proportionate to quota tracking.

Skill content
self.state_file = os.path.join(base_dir, "state.json")

Recommendation

If you need stateless behavior, configure or clear the state file; otherwise this persistence is consistent with the stated purpose.