Skip to main content
For OpenClaw 🦞

Agent Optimizer

Stop burning money on misconfigured AI agents

Your OpenClaw 🦞 agents are leaking tokens, running stale configs, and loading skills that phone home to billing APIs. You just don't know it yet. Agent Optimizer finds every issue in one command — and fixes most of them automatically.

🦞 Install FreeSee pricing
agent-optimizer

Features

What it does.

Cost Estimator

See your estimated monthly spend in £/$ based on your model, context window, and heartbeat. Recognises subscription models (Claude CLI, Codex), self-hosted models (LM Studio, Ollama), and flags expensive fallback models that could spike costs.

Config Audit

Catches invalid thinkingDefault values, legacy model aliases (gpt-5.4-codex), thinking mode incompatibilities (xhigh on unsupported models), duplicate fallbacks, and unknown config keys that crash the gateway.

Cache Efficiency

Detects heartbeats in the Anthropic 5-minute cache dead zone, missing cacheRetention settings, frequent heartbeats without lightContext, and expensive compaction models burning tokens on summarization.

Security Scanner

Per-skill risk scoring (clean/suspicious/dangerous). Detects hidden billing, eval(), obfuscated code, risky npm dependencies, suspicious URLs, and unexpected executable files. Checks provenance — ClawHub vs local.

Bootstrap File Analysis

Checks every workspace file (SOUL.md, TOOLS.md, MEMORY.md, IDENTITY.md) against the 20K per-file and 150K total budget. Catches files that will be silently truncated or dropped from context entirely.

Channel Security

Audits DM and group policies across Telegram, WhatsApp, Discord, Slack, and more. Flags open DM policies, empty allowlists, mutable ID risks, and missing default security policies.

Token Efficiency

Flags context windows burning 5x more tokens than needed, heartbeats firing 24 times a day for no reason, and subagent concurrency eating your API budget.

Legacy Override Detection

Finds Codex transport overrides that shadow your OAuth path, hardcoded API keys in models.json, stale model API entries, allowPrivateNetwork misuse, and placeholder gateway credentials that crash v2026.4.12+.

Fleet Audit via SSH

Audit every OpenClaw instance in your fleet with one command. SSH into your agents wherever they live. Per-host status, config drift detection, gateway health.

Auto-Fix with Profiles

Three optimization profiles — minimal, balanced, aggressive — that automatically apply token-saving changes with a config backup. One command to go from bleeding money to running lean.

Memory Search Audit

Validates your embedding provider config, hybrid search weights, embedding cache settings, sqlite-vec acceleration, Dreaming schedule, Active Memory plugin, and QMD backend limits.

Local Model Tuning

Running LM Studio or Ollama? Recommends localModelLean mode, catches context windows larger than your model supports, detects compaction reserve overflow, and warns on aggressive heartbeats and subagent concurrency.

Security Advisories

Auto-detects your OpenClaw version and checks against 14 known security issues — config.patch bypass, approval prompt secret leaks, symlink traversal, SSRF gaps, timing attacks, and more. Tells you exactly which version to upgrade to.

How it works

4 simple steps.

1

Install (free)

npm install -g @drakon-systems/agent-optimizer — works on macOS, Linux, and Windows. Node 20+ required. No account, no sign-up.

2

Audit (free)

Run agent-optimizer audit — full config scan, token analysis, security check, legacy override detection. See every issue with specific fix instructions. Completely free, no license needed.

3

See what you'd save (free)

Run agent-optimizer optimize --dry-run to preview exactly what would change and how much you'd save. No changes applied, no license required.

4

Activate & fix

Buy a license, run agent-optimizer activate, then agent-optimizer audit --fix to auto-apply everything. Fleet license unlocks multi-host SSH auditing.

🦞

Install in 10 seconds

macOS, Linux, and Windows. Node.js 20+. No account needed.

npm install -g @drakon-systems/agent-optimizer
agent-optimizer audit
agent-optimizer scan
agent-optimizer optimize --dry-run

All three commands are free — no license needed

Full command reference+
# FREE
agent-optimizer audit             # Full 70+ check audit
agent-optimizer audit --json      # Machine-readable
agent-optimizer scan              # Malware + billing scan
agent-optimizer optimize --dry-run # Preview changes
agent-optimizer drift --name golden # Config drift

# LICENSED (Solo £29+)
agent-optimizer audit --fix       # Auto-fix
agent-optimizer optimize          # Apply optimizations
agent-optimizer optimize --only heartbeat
agent-optimizer optimize --skip context

# FLEET (£79+)
agent-optimizer fleet --hosts a,b,c # SSH fleet audit

# UTILITY
agent-optimizer snapshot save --name golden
agent-optimizer rollback
agent-optimizer update
agent-optimizer activate <key>
agent-optimizer license
View on npmView on GitHub
🦞

Purpose-built for OpenClaw

Agent Optimizer isn't a generic config linter. Every check, every scanner, every optimization profile is built specifically for OpenClaw's config format, auth system, plugin architecture, and ClawHub skill ecosystem.

🦞 What we audit

  • openclaw.json — model config, memory search, compaction, heartbeat, local model tuning
  • auth-profiles.json — token expiry, duplicates, provider coverage, placeholder credentials
  • models.json — legacy overrides, model aliases, hardcoded keys, allowPrivateNetwork
  • ClawHub skills — billing integrations, malware, eval() calls
  • OpenClaw version — 14 known security advisories from v2026.4.12–4.15
  • Plugin allowlist — stale installs, bundled plugin recognition, orphaned entries

🦞 What we've caught

  • ClawHub skill charging 0.001 USDT per call via hidden SkillPay.me
  • thinkingDefault: "auto" crashing gateways on startup
  • 1M context tokens burning £150/month when 200K would do
  • Legacy Codex transport overrides shadowing OAuth paths
  • Stale API keys from credential exposures still in auth profiles
  • Heartbeats firing 24x/day burning tokens on idle agents

Built from production fleet management

Every check in Agent Optimizer exists because we hit that problem ourselves — running 5 AI agents across 4 servers, managing auth profiles, rotating keys, catching skills with hidden billing, and fixing config drift after every update.

Real fleet. Real problems.

Jarvis, Edith, TARS, CASE, Friday — each running OpenClaw on different hardware with different models, different auth, and different failure modes. Every auditor catches something we actually broke.

Security-first scanning

We found a ClawHub skill charging 0.001 USDT per API call through a hidden SkillPay.me integration. That's why the scanner exists. Your agents deserve better than trust-by-default.

CLI-native. No dashboard tax.

No web UI to maintain. No SaaS subscription. No account. Install, activate, run. Results in your terminal in under 2 seconds. Because operators live in terminals.

70+

Audit Checks

15

Auditor Modules

130

Tests Passing

0

Phone-Home Calls

Pricing

Simple, transparent pricing.

Free

£0

See every issue. First 3 fix instructions free.

  • Full 70+ check audit — every issue detected
  • First 3 fix instructions shown (rest require license)
  • Security scanner for skills, plugins, and hooks
  • Optimize --dry-run (preview changes)
  • Health score and savings estimate
  • Unlimited runs, forever
Install Free

Solo

£29

Unlock all fix instructions + auto-apply. One machine.

  • All fix instructions unlocked (not just first 3)
  • audit --fix (auto-apply safe fixes)
  • optimize (apply token-saving profiles)
  • Config backup before every change
  • Offline license (RSA-signed, no phone-home)
Buy Solo — £29
Recommended

Fleet

£79

Audit and fix your entire agent fleet from one terminal.

  • Everything in Solo
  • Fleet audit via SSH (unlimited hosts)
  • Per-host config comparison
  • Config drift detection across agents
  • Gateway status monitoring
🦞 Buy Fleet — £79

Lifetime

£149

One payment. Never pay again. Everything we build, forever.

  • Everything in Fleet
  • 12 months of updates included
  • Priority email support
  • Early access to new auditors
  • Future fleet dashboard (when released)
Buy Lifetime — £149

Frequently Asked Questions

What is Agent Optimizer?+
A CLI tool that audits your OpenClaw configuration, finds token waste, catches security issues in installed skills/plugins, detects legacy overrides, and applies optimizations automatically. Built by the team that runs a fleet of 5 AI agents in production.
How much can I actually save?+
Typical savings are 3-5x on token costs. The most common win is reducing contextTokens from 1M to 200K — most conversations don't need a million tokens of context, but OpenClaw defaults to it. A single agent burning 1M tokens per turn at $15/MTok costs roughly £150/month. At 200K, that drops to £30.
Does it phone home or require an account?+
No. The license is an RSA-signed token verified entirely offline. No telemetry, no analytics, no account creation. The only network call is the one-time activation when you first enter your key.
What does the security scanner catch?+
Hidden billing integrations (like SkillPay.me charging per API call), eval() usage, shell command injection patterns, suspicious HTTP calls to non-standard endpoints, and payment/cryptocurrency references. We built this after finding a ClawHub skill that was silently charging 0.001 USDT per call.
Can I use this on a server I don't have local access to?+
Yes. The Fleet license includes SSH-based auditing. Point it at any host in your SSH config and it reads the remote OpenClaw config over SSH. No installation needed on the remote machine.
What OpenClaw versions are supported?+
Agent Optimizer works with OpenClaw 2026.2.x through 2026.4.12+. It reads openclaw.json, auth-profiles.json, and models.json — including v2026.4.12 features like LM Studio, bundled Codex provider, Active Memory, Dreaming, and allowPrivateNetwork.
What if I lose my license key?+
Go to the license retrieval page and enter the email you used to purchase. Your activation key will be shown instantly. You can also run agent-optimizer license to check your current status, or email support@drakonsystems.com.
Is there a free version?+
Yes. Install it and run agent-optimizer audit — you get the full audit, every check, every result, with specific fix instructions. The security scanner (agent-optimizer scan) and optimize preview (agent-optimizer optimize --dry-run) are also free. You only need a license to auto-apply fixes and run fleet-wide SSH audits.
How do I install and activate it?+
Three steps: (1) Install: npm install -g @drakon-systems/agent-optimizer — works on macOS, Linux, and Windows with Node.js 20+. (2) Run the free audit: agent-optimizer audit — no license needed. (3) If you buy a license, you'll get an activation key (like AO-FLEE-A1B2C3D4-E5F6G7H8) on screen and by email. Activate it with: agent-optimizer activate YOUR-KEY. That's it — one command, stored locally, no account needed.

🦞 Your agents are bleeding tokens. Find out where.

One install, one command, one report. Every misconfiguration, every security issue, every wasted token — found and fixed.

🦞 Get Agent Optimizer