TokenLens Token Value Optimizer

Security checks across malware telemetry and agentic risk

Overview

This skill is a local token-usage helper with some misleading wording around estimates and apply mode, but the artifacts do not show hidden network access, credential use, destructive behavior, or broad system changes.

Before installing, be comfortable with the skill creating and updating files in ~/.openclaw/workspace/memory/tokenlens/. Treat token usage, cost, and savings values as estimates unless connected to a verified data source, and review any printed OpenClaw config commands before running them yourself.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch (Medium)

Confidence: 96%
Finding: The function presents estimated or mock values as 'current token usage', which can mislead users into making cost, budgeting, or operational decisions based on fabricated data. In a tooling context, deceptive telemetry is a security-relevant integrity issue because downstream automation or users may trust false measurements and act on them as if they were authoritative.

Intent-Code Divergence (Medium)

Confidence: 94%
Finding: The method claims to apply optimizations when '--apply' is used, but it only prints commands and updates a timestamp indicating optimizations were applied. This creates a false state that can cause users or other components to believe protections or cost-saving settings are active when no changes were actually made.

Missing User Warnings (Medium)

Confidence: 86%
Finding: The skill tells users to run optimize commands immediately, but does not clearly warn that these actions may change local configuration, tracked data, or optimization state. That can lead users to execute modifying commands under the assumption they are read-only, causing unintended local changes or corrupted workflow settings.

Missing User Warnings (Low)

Confidence: 80%
Finding: Recommending heartbeat or cron scheduling without warning about recurring report generation or repeated optimization actions can cause users to enable unattended execution they do not fully understand. In context this is local-only and appears non-networked, which limits severity, but automated repeated changes or data growth could still affect local configuration and system hygiene.

VirusTotal

49/49 vendors flagged this skill as clean.