Token Optimizer Pro
Security checks across malware telemetry and agentic risk
Overview
This is a small instruction-only skill for reviewing token usage, with one minor provenance note because it references an external command that is not included or declared.
This skill appears benign and narrowly focused on token usage analysis. Before running the example commands, confirm that `token-optimizer` is a trusted tool you intended to use, since the reviewed package does not include or declare that binary.
VirusTotal
54/54 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you follow the examples, you should know which local tool is actually being run; otherwise the command may fail or rely on an unreviewed external CLI.
The skill references an external `token-optimizer` command, while the supplied artifacts declare no required binaries and provide no install mechanism. This is purpose-aligned but leaves the command's provenance outside the reviewed artifact.
token-optimizer status token-optimizer report token-optimizer suggest token-optimizer alert --daily-limit 100000
Install or use only a trusted `token-optimizer` CLI, and prefer updated skill metadata that declares the required binary or documents its source.