Token Saver
Reduce OpenClaw AI costs with model-aware optimization. Features dynamic compaction presets based on your model's context window, intelligent file compression, and robust model detection with fallback. Supports Claude, GPT-4, Gemini, DeepSeek, and more.
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 9 · 4.6k · 22 current installs · 22 all-time installs
MIT-0
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
Overall the code matches the stated purpose: it discovers .md workspace files, has a model registry, computes dynamic compaction presets, and performs local compression. However the skill explicitly reads the user's home dir and OpenClaw config (~/.openclaw/openclaw.json) and writes to agent files such as AGENTS.md and creates a .token-saver-config.json in the workspace. Reading/writing these files is consistent with an optimizer but is broader access than a purely read-only 'analyzer' — worth noting before install.
Instruction Scope
SKILL.md claims 'No external calls — All analysis runs locally', which matches the code (no outgoing network calls seen). But runtime instructions and code intentionally read many workspace and agent files (SOUL.md, AGENTS.md, MEMORY.md, etc.) and provide a 'Persistent Mode' that writes guidance into AGENTS.md. More concerning: compressor code contains replacement patterns and prebuilt compressions with phrases such as 'Auto-execute, no permission needed' and 'Don't ask permission. Just do it.' and a 'SYSTEM:' snippet flagged as prompt-injection — these artifacts could nudge an agent to bypass permission boundaries if combined with autonomous invocation.
Install Mechanism
There is no remote install spec (instruction-only), which limits supply-chain risk. However the package includes runnable JavaScript files (analyzer.js, compressor.js, optimizer.js). Installing/placing these files on disk and running them will execute the included logic locally. No external downloads or archive extraction were found.
Credentials
The skill declares no required env vars or credentials, but the code reads optional environment variables (SKILL_MODEL, OPENCLAW_MODEL, DEFAULT_MODEL) and the user's home directory. While environment model variables are appropriate for model detection, reading the home directory and agent config files grants access to user-scoped configuration and session files — a level of access that is sensitive and should be justified. The skill does not request API keys or secrets, which reduces credential risk.
Persistence & Privilege
The skill writes backups (.backup) and can alter AGENTS.md and write a workspace .token-saver-config.json to persist compaction settings. Those are legitimate for 'persistent mode', but any skill that modifies agent configuration / AGENTS.md is higher-privilege because it can change agent behavior across sessions. Combined with prompt-like strings that encourage 'auto-execute', persistence capability increases the blast radius if misused.
Scan Findings in Context
[path-traversal] expected: Detected path.resolve(dir, '..', '..') usage in scripts — the skill intentionally traverses to workspace root to discover .md files. This is expected for a workspace-wide optimizer but means the code will access files outside the skill folder.
[homedir-access] expected: Code reads process.env.USERPROFILE / HOME and tries ~/.openclaw/openclaw.json to detect model settings. This matches the declared detection chain but means the skill can read files in the user's home directory.
[memory-write] expected: Scanner flagged writing to agent memory/config files (AGENTS.md, MEMORY.md). The skill documents and implements persistent mode that modifies AGENTS.md and creates backups; this is consistent with its stated behavior but is a high-sensitivity action.
[prompt-injection-system] unexpected: A 'SYSTEM:' style snippet and compressor replacement patterns (e.g., 'Don't ask permission. Just do it.' → 'Auto-execute.') were detected. These appear to be prompt-injection or instruction-like strings embedded in compression output and are not necessary for file-compression logic — they raise a red flag because they could cause an agent to behave autonomously or ignore permission prompts.
[memory-file-access] expected: The SKILL.md and scripts explicitly state the skill reads/writes core workspace files (SOUL.md, AGENTS.md, MEMORY.md). This is expected but sensitive — the behavior is documented but still noteworthy.
What to consider before installing
This skill appears to implement the advertised token-optimization features, but it also reads files in your home directory, writes backups and agent configuration (AGENTS.md / .token-saver-config.json), and includes embedded prompt-like strings that urge 'auto-execute'. Before installing:
- Review the compressor.js and analyzer.js files yourself (search for 'Auto-execute', 'SYSTEM:', 'AGENTS.md' and the replacement rules). Those phrases are suspicious and could enable bypassing prompts if the agent is configured to follow file content as instructions.
- If you want to try it, run it in a safe test workspace (a copy of your real workspace) or inside a restricted container so it cannot access your real ~/.openclaw or other home files.
- Back up AGENTS.md, MEMORY.md, SOUL.md, and any other important .md files before running /optimize tokens or enabling 'Persistent Mode'. Use the provided /optimize revert to restore backups, but verify backups yourself first.
- If you install, consider disabling automatic/daemonized invocation and avoid enabling persistent mode until you vet the code. Remove or sanitize any compression rules that inject 'Auto-execute' or similar directives.
- Because the publisher/source is unknown and there's no homepage, prefer local inspection and containment; ask the author for provenance and a signed release if you need to use it in production.Like a lobster shell, security has layers — review code before you run it.
Current versionv3.0.0
Download ziplatest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
SKILL.md
Token Saver v3
💡 Did you know? Every API call sends your workspace files (SOUL.md, USER.md, MEMORY.md, AGENTS.md, etc.) along with your message. These files count toward your context window, slowing responses and costing real money on every message.
Token Saver v3 is model-aware — it knows your model's context window and adapts recommendations accordingly. Using Gemini's 1M context? Presets scale up. On GPT-4o's 128K? Presets adjust down.
What's New in v3
| Feature | v2 | v3 |
|---|---|---|
| Compaction presets | Fixed (80K/120K/160K) | Dynamic (% of model's context) |
| Model detection | Fragile, env-only | Robust fallback chain |
| Context windows | Not tracked | Full registry (9 models) |
| Model info | Hardcoded pricing | JSON registry, easy updates |
| Already-optimized | Re-compressed | Smart bypass |
Commands
| Command | What it does |
|---|---|
/optimize | Full dashboard — files, models, context usage % |
/optimize tokens | Compress workspace files (auto-backup) |
/optimize compaction | Chat compaction control (model-aware) |
/optimize compaction balanced | Apply balanced preset (60% of context) |
/optimize compaction 120 | Custom threshold (compact at 120K) |
/optimize models | Detailed model audit with registry |
/optimize revert | Restore backups, disable persistent mode |
Features
📊 Model-Aware Dashboard
Shows current model, context window, and usage percentage:
🤖 Model: Claude Opus 4.5 (200K context)
Detected: openclaw.json
📊 Context Usage: [████████░░░░░░░░░░░░] 42% (84K/200K)
📁 Workspace File Compression
Scans all .md files, shows token count and potential savings. Smart bypass skips already-optimized files.
File-aware compression:
- SOUL.md — Light compression, keeps personality language
- AGENTS.md — Medium compression, dense instructions
- USER.md / MEMORY.md — Heavy compression, key:value format
- PROJECTS.md — No compression (user structure preserved)
💬 Dynamic Compaction Presets
Presets adapt to your model's context window:
| Preset | % of Context | Claude 200K | GPT-4o 128K | Gemini 1M |
|---|---|---|---|---|
| Aggressive | 40% | 80K | 51K | 400K |
| Balanced | 60% | 120K | 77K | 600K |
| Conservative | 80% | 160K | 102K | 800K |
| Off | 95% | 190K | 122K | 950K |
🤖 Model Registry
24+ models with context windows, pricing, and aliases:
- Claude: Opus 4.6 (1M), Opus 4.5, Sonnet 4.5, Sonnet 4, Haiku 4.5, Haiku 3.5 (200K)
- OpenAI: GPT-5.2, GPT-5.1, GPT-5-mini, GPT-5-nano (256K), GPT-4.1, GPT-4o (128K), o1, o3, o4-mini
- Gemini: 3 Pro (2M), 2.5 Pro, 2.0 Flash (1M)
- Others: DeepSeek V3 (64K), Kimi K2.5 (128K), Llama 3.3 70B, Mistral Large
🔍 Robust Model Detection
Detection priority:
- Runtime injection (
--model=...) - Environment variables (
SKILL_MODEL,OPENCLAW_MODEL) - Config file (
~/.openclaw/openclaw.json) - File inference (TOOLS.md, MEMORY.md mentions)
- Fallback: Claude Sonnet 4 (safe default)
Unknown model handling:
- Strict version matching —
opus-6.5won't fuzzy-match toopus-4.5 - Unknown models get safe defaults (200K context) + warning
- Easy to add new models to
scripts/models.json
📝 Persistent Mode
Adds writing guidance to AGENTS.md for continued token efficiency:
| File | Writing Style |
|---|---|
| SOUL.md | Evocative, personality-shaping |
| AGENTS.md | Dense instructions, symbols OK |
| USER.md | Key:value facts |
| MEMORY.md | Ultra-dense data |
Safety
- Auto-backup — All modified files get
.backupextension - Integrity > Size — Never sacrifices meaning for smaller tokens
- Smart bypass — Skips already-optimized files
- Revert anytime —
/optimize revertrestores everything - No external calls — All analysis runs locally
Installation
clawhub install token-saver --registry "https://www.clawhub.ai"
Version History
- 3.0.0 — Model registry, dynamic presets, robust detection, smart bypass
- 2.0.1 — Chat compaction, file-aware compression, persistent mode
- 1.0.0 — Initial release
Files
10 totalSelect a file
Select a file to preview.
Comments
Loading comments…