Skills
skills/openclaw/skills/context-optimizer/Gen Agent Trust Hub

context-optimizer

Warn

Audited by Gen Agent Trust Hub on Feb 14, 2026

Risk Level: MEDIUMPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION] (MEDIUM): High susceptibility to Indirect Prompt Injection (Category 8). 1. Ingestion points: Conversation messages via processMessages. 2. Boundary markers: Absent in documentation. 3. Capability inventory: Context modification and file-writing (archivePath). 4. Sanitization: None documented. Summarizing or archiving untrusted user messages can preserve malicious instructions, which may be re-injected into the active context via the 'logToChat' or 'Archive Retrieval' features.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill downloads machine learning models at runtime. Evidence: INSTALL.md states @xenova/transformers downloads an 80MB embedding model from HuggingFace.
  • [COMMAND_EXECUTION] (LOW): Standard installation steps. Evidence: README.md and INSTALL.md provide npm install and directory creation commands.
  • [DATA_EXPOSURE] (INFO): Local conversation storage. Evidence: The archive feature writes conversation data to ./context-archive, which requires filesystem protection.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 14, 2026, 02:13 PM