v1.0.0

Inception Token Optimizer

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:48 AM.

Analysis

This skill is a coherent token-optimization guide with small local helper scripts and no evidence of hidden installs, credential use, network calls, or destructive behavior.

GuidanceThis appears safe for its stated purpose. Before using it with confidential prompts, make sure any cache remains local and session-bound, and clear it when you do not want prompts or responses reused.

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityLowConfidenceHighStatusNote

SKILL.md

Identical prompts → reuse previous response. Do not re-call. Hash the prompt; if seen recently (within session), return cached reply.

The skill intentionally encourages prompt/response caching. This is aligned with token reduction and is described as session-scoped, but it can temporarily retain or reuse sensitive prompt content.

User impactSensitive prompts or responses could remain available in the session cache and may be reused if the same prompt appears again.

RecommendationKeep caching session-scoped, clear the cache for confidential work, and avoid sharing cached prompt/response data across users or unrelated tasks.