Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
cli output compression for token savings with rtk
v1.0.0
RTK (Rust Token Kit) - CLI proxy that reduces LLM token consumption by 60-90% on common dev commands. Use rtk to wrap commands like git, ls, cat, grep, test...
by Mark Jones @radicalgeek
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description match the instructions: this is a CLI wrapper that compresses command output. However, the skill is instruction-only and assumes an external Rust binary is installed; no install or provenance is provided (homepage/source unknown). The documentation also lists analytics, tracking, and env-filter features that are not strictly necessary for output compression and increase the attack surface.
Instruction Scope
SKILL.md explicitly tells users/agents to read tee logs (e.g., ~/.local/share/rtk/tee/...), to run commands that show env vars (rtk env -f AWS), and to use tracking/analytics commands (rtk gain, rtk proxy). Those instructions direct the agent to access potentially sensitive files and environment variables that are unrelated to simply summarizing visible CLI output, and they could cause secrets to be read and forwarded into LLM context.
Install Mechanism
No install spec is included (instruction-only), which minimizes immediate disk-write risk from the skill bundle itself. But the skill repeatedly assumes a single Rust binary is present and recommends installing or verifying it; because provenance is unknown (no official homepage/source provided in the package), obtaining that binary from an external source could be risky.
Credentials
The skill declares no required environment variables, but the docs advertise commands that read/filter environment variables (e.g., 'rtk env -f AWS') and reference config files and a tracking database. Reading AWS env vars or arbitrary env values is not justified by the core compression feature and could expose credentials; tracking/database paths could store sensitive command outputs.
Persistence & Privilege
always:false and no install change in this bundle are good. However the docs mention optional auto-rewrite hooks (which, if installed elsewhere, would persistently rewrite commands) and tracking that writes tee logs and a DB under user home/config. Those are optional features but would increase persistence and data collection if enabled by the external binary or by a separate hook installer.
What to consider before installing
This skill's core function (compressing CLI output) is reasonable, but exercise caution before relying on it:
1) The bundle contains no binary or install provenance — do not download or run an unknown 'rtk' binary without verifying its source (official repo, checksums, signatures).
2) Avoid running features that read environment variables or tee logs (e.g., 'rtk env -f AWS', reading ~/.local/share/rtk/tee/*) until you confirm the binary is trustworthy; these can leak credentials.
3) If you install rtk, review and disable tracking/analytics and the tee/DB paths in its config, or point them to a safe location.
4) Don’t enable any auto-rewrite shell hooks system-wide unless you’ve audited their installer and code.
5) Prefer running commands without rtk or with 'rtk proxy' in a controlled test environment first to observe what the binary does.
If you want to proceed safely, obtain the binary from an authoritative source, verify signatures/checksums, and audit its behavior in an isolated container.
Like a lobster shell, security has layers — review code before you run it.
