3-Layer Token Compressor — Cut AI API Costs 40-60%
Security checks across static analysis, malware telemetry, and agentic risk
Overview
Prompt-injection indicators were detected in the submitted artifacts (system-prompt-override); human review is required before treating this skill as clean.
Before installing, make sure you are comfortable with your prompts and old conversation turns being sent to your local or configured Ollama model, and with responses/summaries held in process memory. Keep Ollama local or trusted, call reset() between conversations or users, and verify compressed output for sensitive or high-stakes tasks. ClawScan detected prompt-injection indicators (system-prompt-override), so this skill requires review even though the model response was benign.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A maliciously phrased or complex prompt could be compressed inaccurately, causing the downstream paid API to see altered intent.
User-controlled text is embedded into a local model prompt, and the model output may replace the user's original text for downstream use.
Original: "${message}" ... const result = await this._queryOllama(prompt);
Use this for cost reduction, not as a fidelity or security boundary; review or bypass compression for legal, financial, security, executable, or other high-stakes prompts.
If Ollama is configured to a shared or non-local endpoint, prompt and conversation-history text could leave the user's machine.
Messages and summaries are sent over HTTP to the configured Ollama endpoint; the default is local, but the destination is configurable.
this.ollamaHost = config.ollamaHost || 'localhost'; ... hostname: this.ollamaHost, port: this.ollamaPort, path: '/api/chat'
Keep Ollama bound to localhost or another trusted private endpoint, and avoid processing secrets unless that endpoint is trusted.
A reused compressor instance can retain conversation-derived data and may return cached responses or carry summary context into later calls until reset or expiry.
The skill stores cached responses and a rolling history summary in process memory, with a default one-hour cache TTL.
this.cache = new Map(); ... this.cacheTTL = config.cacheTTL || 3600000; ... this.historySummary = null;
Call reset() between conversations or users, use per-user instances in multi-user apps, and lower or disable cache settings for sensitive sessions.
Users must manually provide the runtime environment and should inspect the bundled source before wiring it into paid API workflows.
The package includes source code but has limited provenance metadata and no automated install specification.
Source: unknown; Homepage: none; Install specifications: No install spec — this is an instruction-only skill.
Install only from a trusted channel, pin or review this source version, and verify Node.js/Ollama setup manually.
