inference-optimizer

Warn

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the agent to execute multiple local bash scripts, including openclaw-audit.sh and purge-stale-sessions.sh, to perform its primary functions.
  • [COMMAND_EXECUTION]: The purge-stale-sessions.sh script performs destructive file deletions using find -delete and rm -f on session and memory directories.
  • [COMMAND_EXECUTION]: A setup script (setup.sh) is used to automatically modify the agent's core workspace files, specifically AGENTS.md and TOOLS.md, to append new executable commands.
  • [COMMAND_EXECUTION]: In optimization-agent.md, the agent is instructed to generate and execute deployment scripts that manage system services, such as restarting the OpenClaw gateway.
  • [PROMPT_INJECTION]: The skill includes a 'Task 2' where the agent rewrites its own system instructions (e.g., SOUL.md, AGENTS.md). This creates a significant surface for indirect prompt injection if untrusted data has been stored in memory or other files the agent reads during the rewrite process.
  • [DATA_EXFILTRATION]: The audit script calculates and displays token counts and character sizes of internal agent logic files, potentially exposing details about the bot's internal configuration and operational structure to the user chat.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 13, 2026, 06:59 AM