usage-costs

This skill appears to do what it claims (compute token usage/costs from OpenClaw data), but there are concrete operational risks you should consider before installing or enabling it: - Inspect the .context file (/opt/ocana/openclaw/workspace/skills/usage-costs/.context) before allowing the skill to run. Because the skill sources that file, any shell code in it would be executed — ensure it contains only simple key=value lines and no commands. - Confirm the OpenClaw CLI and the directories referenced (/opt/ocana/openclaw/cron/runs, /opt/ocana/openclaw/agents/main/sessions, /opt/ocana/openclaw/workspace/data) are accessible only to trusted users; the skill reads potentially sensitive session and run logs. - Be aware the skill appends to token-history.jsonl. If you want read-only reporting, avoid or sandbox the write step (or require manual approval before writes). - Prefer safer alternatives: instead of sourcing a shell file, the skill could parse a JSON config or accept explicit declared env vars. If you maintain this environment, consider replacing 'source' with a non-executing parser. - Run the skill with least privilege (non-root agent user) and, if possible, test in a staging environment first. Why 'suspicious' rather than 'benign': there is no evidence of misdirection or external exfiltration, but the use of 'source' on a file and implicit reading/writing of shared system files increases risk and constitutes a mismatch with the declared metadata (no env vars declared). If you can confirm the .context contents are benign and you accept the on-disk writes, the remaining footprint is reasonable for the stated purpose. If you want higher confidence, provide the contents of the .context file (or confirm it's purely key=value), and confirm file permissions/owners for the referenced paths — that information would allow raising confidence to high or downgrading the concern.