v1.0.5

Token Usage Optimizer

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:54 AM.

Analysis

The usage-monitoring purpose is coherent, but the skill handles and modifies Claude OAuth credentials and can run recurring/implicit Claude checks, so it needs careful review before use.

Guidance: Review the scripts before entering tokens. Install only if you trust the source and are comfortable with the skill storing OAuth tokens, reading/updating ~/.claude credentials, optionally running Claude CLI checks, and setting up a recurring cron health check.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
scripts/check-usage.sh
echo "ping" | claude --quiet >/dev/null 2>&1 || true

A normal usage check silently invokes the Claude CLI with a prompt-like input when the CLI is present, before extracting a fresh token from the local credentials file.

User impact: A simple usage check may make an unexpected Claude CLI request, potentially consuming usage or changing local authentication state without a separate confirmation.
Recommendation: Make Claude CLI refresh behavior opt-in and documented, avoid model/prompt invocations for token refresh, and ask before changing local token files.

Rogue Agents
Severity: Low | Confidence: High | Status: Note
SKILL.md
openclaw cron add --name "claude-token-refresh" --every 30m --announce --message "Запусти {baseDir}/scripts/auto-refresh-cron.sh"

The documentation recommends a recurring OpenClaw cron task that runs the token health-check script every 30 minutes.

User impact: If enabled, the skill will keep performing background credential-backed checks until the cron job is removed.
Recommendation: Enable the cron job only if you want ongoing alerts, document how to remove it, and periodically review whether it is still needed.

Unexpected Code Execution
Severity: Low | Confidence: High | Status: Note
scripts/check-usage.sh
source "$TOKEN_FILE"

The token file is executed as shell code rather than parsed purely as data. The setup script creates this file, but unexpected shell syntax in it would execute when checks run.

User impact: If the .tokens file is tampered with or populated with non-token shell syntax, running the checker could execute unintended commands under your user account.
Recommendation: Use only a skill-generated .tokens file, keep its permissions restrictive, and prefer parsing/validating token values instead of sourcing the file.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
scripts/auto-refresh-cron.sh
creds_file = os.path.expanduser('~/.claude/.credentials.json') ... creds['claudeAiOauth']['accessToken'] = "$ACCESS_TOKEN" ... creds['claudeAiOauth']['refreshToken'] = "$REFRESH_TOKEN" ... json.dump(creds, f, indent=2)

The script writes stored OAuth access and refresh tokens into the user's Claude CLI credential file, which is account-level authentication material and can affect later Claude CLI sessions.

User impact: Running the skill can modify your Claude authentication profile, not just read usage statistics. A bug, stale token, or untrusted copy of this skill could disrupt or misuse account credentials.
Recommendation: Only run this from a trusted source, back up or inspect ~/.claude/.credentials.json first, and prefer a clearly scoped/read-only token if available. The skill should explicitly declare its credential and config-file access.