Skills
skills/aaaaqwq/claude-code-skills/inference-optimizer/Gen Agent Trust Hub

inference-optimizer

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell scripts, specifically openclaw-audit.sh and purge-stale-sessions.sh, to perform system maintenance tasks such as auditing token usage and deleting old session files.
  • [COMMAND_EXECUTION]: The setup.sh script modifies local workspace configuration files (AGENTS.md and TOOLS.md) by appending command definitions and changes file permissions using chmod.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it reads and processes untrusted data from session log files (.jsonl) during audit and optimization tasks.
  • Ingestion points: scripts/openclaw-audit.sh and optimization-agent.md access session logs located in ~/.openclaw/agents/main/sessions/.
  • Boundary markers: Absent. The agent instructions do not implement specific delimiters or 'ignore' instructions when summarizing or processing session data.
  • Capability inventory: The skill possesses the capability to execute shell commands (bash, rm, find) and rewrite primary workspace files.
  • Sanitization: Absent. Content read from session log files is processed without evidence of sanitization or validation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 10:15 PM