Zero Token
Pass
Audited by ClawScan on May 4, 2026.
Overview
No malicious behavior is evident, but this skill sets up a third-party LLM gateway that uses API keys, routes prompts to free providers, and runs a local background service.
This skill appears coherent and not malicious from the provided artifacts. Before installing, review the pinned Free-Way gateway, use only disposable/free-tier API keys, check each provider's data-retention terms, and remember that the local gateway will keep running until you stop it.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Provider API keys added to the gateway could be abused if the gateway or local machine is compromised.
The skill expects the user to enter API keys for external LLM providers. This is necessary for the stated gateway purpose and the script warns against production keys, but the credentials are still sensitive.
Add free API keys ... ⚠️ Use free-tier keys. Do NOT use production API keys.
Use disposable or free-tier keys only, avoid production or billing-enabled keys, and rotate keys if you uninstall or stop trusting the gateway.
Prompts, files, or user data sent to the fallback model may be processed by whichever free provider is selected.
The skill routes model traffic through a gateway to multiple third-party LLM providers, and the documentation correctly notes provider-specific privacy and retention policies.
Free-Way gateway aggregates 13+ free LLM providers behind a single `/v1` endpoint... Every provider has its own privacy policy and data retention. Review each provider's terms before routing sensitive data.
Do not route sensitive data until you have reviewed and accepted the privacy terms for each configured provider.
Installing the skill can execute third-party gateway code and npm packages on the local machine after the user runs the setup script.
The setup script downloads a third-party repository and installs npm dependencies. The Free-Way commit is pinned, which reduces risk, but the downloaded code and dependencies are not part of the supplied artifacts.
git clone --depth 1 "$FREE_WAY_REPO" "$FREE_WAY_DIR" ... git checkout FETCH_HEAD ... npm install --omit=dev 2>/dev/null || npm install
Review the pinned Free-Way commit and its dependency lockfile before running setup, and avoid changing the pinned commit without review.
The local gateway may keep running after setup until the user stops it.
The script starts the gateway as a background process. This is disclosed and includes stop/uninstall commands, so it is not hidden persistence.
nohup npm start > "$FREE_WAY_DIR/free-way.log" 2>&1 & ... To STOP the gateway: pkill -f 'node.*free-way'
Stop the service when it is not needed and remove `$HOME/free-way` if you uninstall the skill.
Using the skill may change how the agent responds, not just how it routes model calls.
The skill instructs the agent to apply a separate SOUL behavior profile, which can affect the agent's identity, tone, memory behavior, and upgrade suggestions.
T:apply_soul|from:SOUL.md ... T:apply_genes|all
Review SOUL.md before enabling the skill and remove or modify behavior genes that do not match your desired agent behavior.
End users may assume they are still using the primary model unless the application clearly discloses fallback provider behavior.
The marketing emphasizes seamless or invisible failover while also claiming transparency. This appears to mean service continuity, but users should not confuse seamless fallback with unchanged privacy or provider handling.
Your users won't even notice the switch... Zero Token never hides the switch.
Disclose fallback routing in your own product or agent policy, especially when prompts may go to free-tier providers.
