Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Token Usage Optimizer
v1.0.5 · Maximize your Claude Code subscription value with smart usage monitoring and burn rate optimization. Track 5-hour session and 7-day weekly quotas, get one-ti...
⭐ 0 · 780 · 2 current · 2 all-time
by Ruslan Popesku (@rusel95)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
Name/description align with the code and instructions: it polls Anthropic's usage endpoint, computes burn rate, caches results, and reports. Required binaries (curl, date, grep) match the shell-script implementation and are proportional to the stated goal.
Instruction Scope
SKILL.md and scripts instruct the agent/user to locate and extract OAuth tokens from local Claude CLI files or browser DevTools. Scripts read local token files and config (~/.claude/.credentials.json, various auth.json locations) and will attempt to sync/update that credentials JSON silently — a scope expansion beyond simply reading an API to measure usage. The token-extraction guidance (searching LocalStorage/secret-tool) is sensitive and could expose credentials if followed carelessly.
Install Mechanism
No remote install or download is performed; the skill is instruction- and script-based with no installer. That keeps install risk low because nothing is fetched and executed from an untrusted URL.
Credentials
The skill declares no environment variables or external credentials but legitimately requires the user's Claude access and refresh tokens. Asking for those tokens is necessary for the stated purpose, but the skill also reads/writes other local credential files (claude CLI credentials) which increases the sensitivity of the requested secrets.
Persistence & Privilege
Scripts write to/modify an external application's credentials file (~/.claude/.credentials.json) to 'sync' tokens and also create state/cache files under /tmp and a .tokens file inside the skill directory. Modifying another tool's credential file is higher privilege than simply storing its own state and should be highlighted to users.
What to consider before installing
This skill appears to implement the advertised usage-monitoring functionality, but it asks you to provide your Claude access/refresh tokens and its scripts will read local credential files and may update your ~/.claude/.credentials.json automatically. Before installing or running it:
- Only install from a source you trust (the registry shows unknown/unnamed origin here). Verify the repository and author.
- Inspect the included scripts yourself (they're all present) and confirm you are comfortable with them reading/writing ~/.claude/.credentials.json and creating a local .tokens file. The scripts set .tokens permissions to 600, which is good, but ensure the file is stored in a safe location.
- Consider running the tool in an isolated environment (container or dedicated user account) if you do not want it touching your main ~/.claude credentials.
- If you proceed, keep tokens short-lived and rotate them after testing; avoid pasting long-lived credentials unless necessary.
- If you want lower privilege: modify the scripts to disable the code that writes to ~/.claude/.credentials.json and require explicit user action to sync tokens.
I rated this as suspicious (not malicious) because the behavior can be explained by legitimate integration needs, but the automatic modification of another app's credential file and the token-extraction guidance materially increase risk and deserve explicit user consent and review.
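One way to act on the review advice above (inspect the included scripts for reads and writes of ~/.claude/.credentials.json and other credential files, and confirm the .tokens file is mode 600) before running the skill. This is an added example, not code from the skill or from ClawHub; the credential-path patterns, the read/write heuristic and the sample script in the usage note are assumptions made here for illustration.

```shell
#!/bin/sh
# Added example: audit a skill directory for access to another tool's
# credential files before running it. Not part of the skill or of ClawHub.
# The path patterns and the write heuristic below are assumptions.

# Paths the scan report names as read/written by the skill's scripts.
CRED_PATTERNS='\.claude/\.credentials\.json|auth\.json|\.tokens'

# Octal permission bits of a file: GNU stat first, BSD (macOS) stat as fallback.
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Scan every *.sh in DIR for lines that mention a credential file.
# Prints "<hits> <writes>" on stdout and one READ/WRITE line per hit on stderr.
# WRITE heuristic (assumed): an output redirect, tee, cp or mv on the same line,
# after discarding "2>/dev/null" and ">&N" so stderr plumbing is not miscounted.
audit_skill_dir() {
    dir=$1
    hits=0
    writes=0
    for f in "$dir"/*.sh; do
        [ -f "$f" ] || continue
        while IFS= read -r line; do
            printf '%s\n' "$line" | grep -Eq "$CRED_PATTERNS" || continue
            hits=$((hits + 1))
            stripped=$(printf '%s' "$line" | sed -e 's/2>\/dev\/null//g' -e 's/>&[0-9]//g')
            if printf '%s\n' "$stripped" | grep -Eq '>|(^|[[:space:];&|])(tee|cp|mv)[[:space:]]'; then
                writes=$((writes + 1))
                printf 'WRITE %s: %s\n' "$(basename "$f")" "$line" >&2
            else
                printf 'READ  %s: %s\n' "$(basename "$f")" "$line" >&2
            fi
        done < "$f"
    done
    echo "$hits $writes"
}

# Report whether DIR/.tokens is owner-only (600), as the scan report expects.
check_tokens_mode() {
    [ -f "$1/.tokens" ] || { echo "no-tokens-file"; return 0; }
    mode=$(file_mode "$1/.tokens")
    if [ "$mode" = "600" ]; then echo "ok"; else echo "insecure:$mode"; fi
}

# Stand-alone use: sh audit.sh /path/to/skill
if [ -n "${1:-}" ]; then
    audit_skill_dir "$1"
    check_tokens_mode "$1"
fi
```

Run it against the unpacked skill directory; every WRITE line is a place where the script modifies a file it does not own and is the code the review suggests disabling or gating behind an explicit user action. The heuristic deliberately over-flags (any redirect on a line that names a credential path counts as a write) so that a human reads the flagged lines rather than trusting the count.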
latest: vk977hvactkze344tkpxspp6tw581nsgj
Runtime requirements
📊 Clawdis
OS: macOS · Linux
Bins: curl, date, grep
