Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
token-optimizer-off
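v1.0.0
Automatically compresses session input tokens and intelligently manages context and task memory, reducing the token count from 100,000+ to under 8,000 and lowering cost.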
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The name/description describe session-token compression and the shipped scripts implement that: session detection, compression via an LLM, memory indexing, and state management. The skill reads OpenClaw configuration (~/.openclaw/config.json) and memory (~/.openclaw/memory/) which is coherent with its goal to replace full history with summaries. No unrelated services or surprising credentials are requested.
Instruction Scope
SKILL.md and samples instruct the agent to run the provided scripts, read and write files under ~/.openclaw/memory and ~/.openclaw/workspace/skills/token-optimizer, and call compress_session which uses the OpenAI client. This is within scope, but it means the skill will access potentially sensitive files (OpenClaw config may contain API keys) and will write latest-summary.md, backups, and a .session_state.json. The integration example uses subprocess.run with cwd set to a tilde path (not expanded) — a minor implementation detail to fix. Overall the instruction set is explicit and limited to the task, not open-ended.
Install Mechanism
No install spec from external/untrusted URLs is included; files are provided in the skill bundle and requirements.txt only lists the openai library. This is a low-risk install model (instruction/code bundle) with no network download/install step from arbitrary hosts.
Credentials
The skill does not declare required env vars but will read ~/.openclaw/config.json for ai/llm settings and accepts TOKEN_OPTIMIZER_* environment overrides (API key, model, URL). That is proportionate to doing LLM-based compression, but users should be aware the skill will attempt to use/read their OpenClaw config (which may contain credentials). No unrelated credentials or external tokens are requested.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It writes/updates files in the user's OpenClaw memory directory (latest-summary.md, backups, .session_state.json) which is expected behavior for a memory/optimizer skill. It does not modify other skills or global agent settings beyond the memory files it owns.
Assessment
This skill appears to do what it claims: compress conversation history using an LLM and manage per-task memory files. Before installing:
(1) review ~/.openclaw/config.json because the scripts will read it and may use its apiKey to call an LLM; ensure you trust that configuration and its permissions;
(2) expect the skill to read/write files under ~/.openclaw/memory and create backups and a .session_state.json — back up anything important first;
(3) the skill uses the OpenAI client (openai package) and will make network calls to whatever API URL/model you configure; provide an API key only if you trust the code and provider;
(4) inspect the provided scripts (they are plain Python and readable) and run them in a safe environment or sandbox before granting access to production data;
(5) integration example uses subprocess.run with a path containing '~' (tilde) which may not expand — fix path expansion in your agent code.
If you want greater assurance, run the unit tests locally (they mock/require a TOKEN_OPTIMIZER_API_KEY env var) and verify no unexpected network endpoints or logging of secrets occur. If you observe the skill contacting unknown remote endpoints or printing full contents of config/API keys, treat that as suspicious and stop using it.
Like a lobster shell, security has layers — review code before you run it.
