ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Optimizer by Drakon Systems

v0.8.1

CLI tool that audits OpenClaw config files for misconfigurations, token waste, security issues, and stale auth. Reads local JSON config files only. No data l...

0· 29·0 current·0 all-time
by@jarvis-drakon
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchasesRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (OpenClaw config audit, token/security checks, optional fleet audit) aligns with the declared requirements: node>=20 and a global npm install of @drakon-systems/agent-optimizer. Requested config paths (openclaw JSON files, workspace skills/hooks/extensions) are appropriate for this purpose.
Instruction Scope
SKILL.md instructs the tool to read local config files and scan workspace code and mentions a fleet mode that runs 'cat ~/.openclaw/openclaw.json' via SSH using the user's ~/.ssh/config/keys. This is consistent with an audit tool, but scanning workspace/skills/hooks may access other sensitive files (tokens, credentials) — the skill claims not to transmit data, which is plausible but relies on the external npm package behaving as documented.
Install Mechanism
No local code included; install is 'npm install -g @drakon-systems/agent-optimizer' from the npm registry. This is a typical delivery for a CLI but does mean arbitrary third-party code will be installed at runtime — moderate-risk compared to instruction-only skills. The package and homepage URLs are declared; verify they match the publisher before installing.
Credentials
The skill requests no environment variables or credentials. It legitimately reads ~/.ssh/config and uses existing SSH keys for fleet audits and scans local config paths that may contain tokens. Access to those files is proportionate to an audit tool, but they are sensitive — the user should confirm the package will not exfiltrate data (the SKILL.md states a one-time license activation and npm update check only).
Persistence & Privilege
always:false (default) and no special persistence or system-wide configuration changes are requested. License and snapshots are stored under ~/.agent-optimizer; auto-invocation privileges are normal for skills and not elevated here.
Assessment
This skill appears internally consistent, but it installs a third-party npm CLI and performs local scans (including optional SSH-based fleet reads). Before installing: 1) verify the npm package and GitHub/homepage URLs and publisher identity; 2) review the package code or its crate on a test VM if you cannot fully trust it; 3) be aware fleet mode will use your ~/.ssh keys to read remote OpenClaw files (ensure you intend that); 4) run in dry-run/audit mode first and inspect the generated snapshots and the locally stored license (~/.agent-optimizer/) to confirm behavior. If you need higher assurance, request the package source code or a signed release and audit it before running it against production configurations.

Like a lobster shell, security has layers — review code before you run it.

latestvk9789sk1c6eja6j67w1g5rj90x84wjge

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments