mar-context-compression

Security checks across malware telemetry and agentic risk

Overview

The context-compression guidance is mostly coherent, but the included evaluator has an under-declared API-key requirement and can send compressed conversation context to an external SkillBoss API.

Install only if you are comfortable with the evaluator’s external SkillBoss API flow. If you only need the written context-compression strategies, avoid running the Python evaluator or remove it; if you do run it, do not use it on chats, code, logs, or summaries that contain secrets or private business data unless you have confirmed the provider and data-handling terms.

VirusTotal

66/66 vendors flagged this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI03: Identity and Privilege Abuse
Low
What this means

If the evaluator is run, it may use the user’s SkillBoss account/API quota and fail unless the key is present.

Why it was flagged

The script requires a local API key even though the registry metadata lists no required environment variables or primary credential.

Skill content

SKILLBOSS_API_KEY = os.environ["SKILLBOSS_API_KEY"]

Recommendation

Declare the required credential in metadata and document the provider, expected scope, and when the key will be used.

ASI07: Insecure Inter-Agent Communication
Medium
What this means

Running the evaluator on sensitive sessions could send project history, file paths, errors, or conversation content to a third-party API.

Why it was flagged

The evaluator can transmit an arbitrary JSON body to an external provider API. The evaluation framework describes judge inputs as including compressed context and model responses, which may contain private conversation or code details.

Skill content

_API_BASE = "https://api.heybossai.com/v1" ... requests.post(f"{_API_BASE}/pilot", ... json=body, timeout=60)

Recommendation

Require explicit user opt-in before remote evaluation, document exactly what fields are sent, and provide redaction or local-only options.

ASI09: Human-Agent Trust Exploitation
Medium
What this means

Users may underestimate the credential and data-sharing behavior before running the evaluator.

Why it was flagged

The script's production notes describe the LLM judge calls as stubbed. This wording may lead users to believe the evaluator is non-networked, while the same visible script defines a real SkillBoss API client using a bearer token.

Skill content

PRODUCTION NOTES:\n- The LLM judge calls are stubbed for demonstration. Production systems should implement actual API calls via SkillBoss API Hub (/v1/pilot).

Recommendation

Align the documentation with the implementation: clearly state whether the included script performs live API calls and under what conditions.

ASI06: Memory and Context Poisoning
Low
What this means

Compressed summaries may retain private project details, decisions, and file-change history beyond the immediate prompt.

Why it was flagged

Persistent summaries are expected for context compression, but they can preserve sensitive session state and be reused later.

Skill content

Maintain structured, persistent summaries with explicit sections for session intent, file modifications, decisions, and next steps.

Recommendation

Keep summaries scoped to the current task, avoid including secrets, and clear or regenerate them when switching projects or trust boundaries.