扫描报告
5 /100
anthropic-cost-optimizer
Audits and rewrites OpenClaw config to minimize Anthropic API token costs using five cost levers (prompt caching, model routing, thinking scope, 1M context, fast mode)
A legitimate OpenClaw config optimizer that reads config files and rewrites them with user confirmation — no security concerns found.
可以安装
This skill is safe to use. No action needed.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | READ,WRITE | READ,WRITE | ✓ 一致 | SKILL.md lines 29-50: reads config from ./ ~/.openclaw/ ~/ paths; SKILL.md Step … |
| 网络访问 | NONE | NONE | — | No network requests found; references/pricing.md is a local reference file only |
| 命令执行 | NONE | NONE | — | No subprocess, Bash, or shell commands anywhere in the skill |
| 环境变量 | NONE | NONE | — | Skill does not read or iterate environment variables |
| 剪贴板 | NONE | NONE | — | No clipboard access mentioned or observed |
| 浏览器 | NONE | NONE | — | No browser or web fetch usage |
| 数据库 | NONE | NONE | — | No database access |
目录结构
2 文件 · 8.9 KB · 280 行 Markdown 2f · 280L
├─
▾
references
│ └─
pricing.md
Markdown
└─
SKILL.md
Markdown
安全亮点
✓ SKILL.md accurately describes all capabilities and behavior with no hidden functionality
✓ All file writes require explicit user confirmation via 'Apply these changes?' prompt before any config is modified
✓ Only reads/writes OpenClaw config files — no access to sensitive paths like ~/.ssh, ~/.aws, or .env
✓ No shell commands, subprocess, or any form of code execution
✓ No network requests — pricing data is read from a local static reference file only
✓ No credential harvesting, credential storage, or environment variable access
✓ No obfuscation, base64 payloads, or suspicious encoded content
✓ Config writing is scoped to the user's config file path only, not arbitrary filesystem locations
✓ Skill is purely a configuration audit/rewrite utility — the scope is narrow and benign