Token Optimizer
PassAudited by ClawScan on May 1, 2026.
Overview
The skill appears purpose-aligned and local, but it processes OpenClaw session data, writes reusable compressed context, and includes an explicit gateway-restart cleanup command users should run deliberately.
Install only if you are comfortable with a local tool reading OpenClaw session metadata/transcripts and writing token-usage artifacts in your workspace. Prefer plan-only cleanup first, review compressed context files before reuse, and confirm the installed CLI entrypoint matches the documented scripts.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Compressed context files could carry private or outdated session information into later work if reused without review.
The skill intentionally creates persistent, reusable context derived from prior sessions. This is aligned with token compression, but those files may contain sensitive or stale conversation context.
`--compress` does not mutate the live session transcript. It creates an external compressed context file that can be reused in new sessions.
Review compressed files before reusing or sharing them, and delete old token-usage artifacts when they are no longer needed.
The skill can see local OpenClaw session metadata and account/cost information available to the logged-in CLI user.
The skill uses the user's existing OpenClaw CLI context to enumerate sessions and usage-cost data. This is expected for token optimization, but it relies on the user's local OpenClaw privileges.
data = self._run_json(["openclaw", "sessions", "--json"]) ... data = self._run_json(["openclaw", "gateway", "usage-cost", "--days", str(days), "--json"])
Run it only in the OpenClaw workspace/account you intend to analyze.
If applied at the wrong time, cleanup may interrupt active OpenClaw gateway activity.
The apply mode can execute a local OpenClaw control action. It is disclosed and not the default cleanup behavior, but restarting the gateway can affect active work.
`--cleanup --apply` currently performs only one automated action: - `openclaw gateway restart` if stuck sessions are detected.
Use `--cleanup` plan mode first, then run `--cleanup --apply` only when a gateway restart is acceptable.
The documented command may fail or depend on an entrypoint not present in the provided artifact set.
The package points to `scripts/token-optimize`, while the provided manifest lists `scripts/token_optimize.py` but not that wrapper path. The install script also tries to chmod the missing wrapper, so the packaged entrypoint is ambiguous.
"bin": {
"token-optimize": "scripts/token-optimize"
}Verify the installed package contains the expected `scripts/token-optimize` wrapper before relying on the CLI.