扫描报告
0 /100
proxy-token-optimizer
Optimize LLM token usage and API costs for openclaw-manager proxy platform
Legitimate token optimization skill with clean code, clear documentation, and no malicious behavior. All scripts perform their stated functions without hidden functionality.
可以安装
This skill is safe for deployment. All behaviors are accurately documented and the code matches the stated purpose.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | READ | WRITE | ✓ 一致 | context_optimizer.py:117 writes AGENTS.md.optimized (documented in SKILL.md) |
| 网络访问 | NONE | NONE | — | No network calls in any script |
| 命令执行 | NONE | NONE | — | No subprocess/shell execution in any script |
| 数据库 | READ | READ | ✓ 一致 | usage_report.py and quota_advisor.py query PostgreSQL (documented in SKILL.md) |
| 环境变量 | NONE | NONE | — | No os.environ iteration |
| 技能调用 | NONE | NONE | — | No cross-skill invocation |
| 剪贴板 | NONE | NONE | — | No clipboard access |
| 浏览器 | NONE | NONE | — | No browser access |
目录结构
8 文件 · 38.0 KB · 1178 行 Python 6f · 1012L
Markdown 1f · 161L
JSON 1f · 5L
├─
▾
scripts
│ ├─
cli.py
Python
│ ├─
context_optimizer.py
Python
│ ├─
heartbeat_config.py
Python
│ ├─
model_router.py
Python
│ ├─
quota_advisor.py
Python
│ └─
usage_report.py
Python
├─
_meta.json
JSON
└─
SKILL.md
Markdown
安全亮点
✓ No network requests - all instance-side scripts are purely local
✓ No shell execution or subprocess calls
✓ SQL injection protection via parameterized queries (sqlalchemy text() with bound params)
✓ Clear separation between instance-side (local) and platform-side (DB) scripts
✓ Documentation accurately reflects code behavior - no doc-to-code mismatch
✓ No credential harvesting or sensitive path access
✓ File writes are limited to generating AGENTS.md.optimized (documented behavior)
✓ No obfuscation techniques (no base64, eval, or encoded strings)
✓ Clean imports - only standard library and required dependencies (sqlalchemy, pathlib)