Tokenmin

Find what you're wasting in your Claude bill.

One curl line. 60 seconds. A ranked report of every dollar your Claude usage is leaving on the table — with the exact fix for each.

open-source scanner · HMAC-anonymized · multi-Claude (Code / Desktop / web) · private preview

Install

curl --proto '=https' --tlsv1.2 -fsSL https://tokenmin.ai/install.sh | bash

No gh, no brew, no auth setup. The installer detects every Claude variant on your machine, drops a single tokenmin command on PATH, and offers to add it to your shell rc with consent.

The first 60 seconds

After install, one command. Renders inline, in your terminal:

tokenmin
~ tokenmin
▶ scanning ~/.claude
  found 57 sessions in last 14 days
  anonymized
  analyzed

Tokenmin Claude usage audit
────────────────────────────────────────────────────────────────────────
scanned 57 sessions over 14 days
est. spend (window): $6,860
model mix: Opus 99% · Sonnet 1%
────────────────────────────────────────────────────────────────────────
Headline
~$7,151/mo recoverable across 7 fix(es), ~4.8 hrs total

1. A lot of your spend is on Opus — route by tier  $$$$
   ▮▮▮▮▮▮▮▮▮▮ $7,055/mo
   0.1 hrs · conf 55% · model routing
   evidence: 100% of $6,860 weekly spend on Opus across 52 sessions.
   tokenmin show model_overspend

2. Long sessions without /clear — context bloat is taxing you  $$
   ▯▯▯▯▯▯▯▯▯▯ $25/mo
   0.2 hrs · conf 70% · context discipline
   evidence: median session 72 user turns; 39 ran past 40 turns.
   tokenmin show long_sessions_no_clear

3. No global CLAUDE.md — Claude restarts from zero each project  $$
   ▯▯▯▯▯▯▯▯▯▯ $33/mo
   0.5 hrs · conf 95% · context discipline
   tokenmin show no_global_claude_md
─────────────────────────────────────
next steps:
  tokenmin show <id>   drill into one finding
  tokenmin watch       live dashboard while you work
  tokenmin help        30-second walkthrough

Real output from a real ~/.claude. Findings are ranked by recoverable spend; the per-finding bar shows relative impact; the $$$$/$$$/$$/$ pill is the severity tier.

Live dashboard

Run tokenmin watch while you work. Refreshes every 2 seconds in place. Shows the active session's spend, cache hit ratio (color-coded against Anthropic's 90% target), model + tool mix, turn counts, and a token-rate sparkline. Optional --alert $5 beeps when the active session crosses your threshold. Pure stdlib, zero deps. Ctrl-C exits.

Works with every Claude install

Source                             How                                                             Status
Claude Code                        reads ~/.claude/ directly                                       default
claude.ai (web)                    Settings → Export data → tokenmin --source export --from FILE
Claude Desktop                     same flow as web — export then --source export
Claude Desktop (live local store)  reads Electron LevelDB directly                                 🚧 in progress

Trust — read the scanner before you trust it

The scanner is the code that decides what (if anything) leaves your machine. Apache-2.0, hosted publicly at github.com/watsonrm/tokenmin-scanner. About 5 minutes of reading, end to end.

What gets collected

What never gets collected

Why the hashes can't be reversed

Identifiers are HMAC-SHA256 with a 32-byte salt generated on first run (stored at ~/.tokenmin/.salt, chmod 0600). An adversary who guesses common path names like ~/.ssh/known_hosts cannot precompute its hash without your salt. Cross-snapshot correlation works within your install; cross-user correlation is broken.

Want stricter? Set TOKENMIN_STRICT_ANONYMIZE=1 for an additional per-run salt — breaks within-user cross-run correlation too, at the cost of the engine losing "same file re-read across days" findings.
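
The keyed-hash scheme described above, as an added Python sketch (not code from the tokenmin scanner): it runs a guess list against unsalted SHA-256 and against HMAC-SHA256, and shows that the protection depends on the salt file staying private. The temp-dir salt path, the sample paths, and the way a per-run salt is mixed into the key for strict mode are assumptions of this example.

```python
import hashlib
import hmac
import os
import secrets
import tempfile

def load_or_create_salt(path):
    """Return the 32-byte install salt; on first run create it 0600 via O_EXCL."""
    try:
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    except FileExistsError:
        with open(path, "rb") as f:
            return f.read()
    salt = secrets.token_bytes(32)
    with os.fdopen(fd, "wb") as f:
        f.write(salt)
    return salt

def anonymize(identifier, salt, run_salt=b""):
    # Strict mode (assumed construction): mix a per-run salt into the HMAC key.
    key = hmac.new(salt, run_salt, hashlib.sha256).digest() if run_salt else salt
    return hmac.new(key, identifier.encode(), hashlib.sha256).hexdigest()

def recovered(observed, guesses, hash_fn):
    """Guesses that someone holding `observed` hashes can confirm with hash_fn."""
    return sorted(g for g in guesses if hash_fn(g) in observed)

def demo():
    # Constructed sample data: paths seen by a scan, and a guess list.
    paths = ["~/.ssh/known_hosts", "~/work/acme-corp/billing.py"]
    guesses = ["~/.ssh/known_hosts", "~/.aws/credentials"]
    with tempfile.TemporaryDirectory() as d:
        salt_file = os.path.join(d, ".salt")  # stand-in for ~/.tokenmin/.salt
        salt = load_or_create_salt(salt_file)
        mode = os.stat(salt_file).st_mode & 0o777
    wrong_salt = secrets.token_bytes(32)  # a guesser without the salt file
    plain = lambda s: hashlib.sha256(s.encode()).hexdigest()
    snapshot = {anonymize(p, salt) for p in paths}
    return {
        "salt_mode": oct(mode),
        "plain_sha256": recovered({plain(p) for p in paths}, guesses, plain),
        "hmac_without_salt": recovered(snapshot, guesses, lambda g: anonymize(g, wrong_salt)),
        "hmac_leaked_salt": recovered(snapshot, guesses, lambda g: anonymize(g, salt)),
        "strict_runs_linkable": anonymize(paths[0], salt, b"run-1")
                                == anonymize(paths[0], salt, b"run-2"),
    }

if __name__ == "__main__":
    print(demo())
```

The `hmac_leaked_salt` row is the reason the salt file's 0600 mode matters: anyone who can read the salt can confirm guessed paths again.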

Audit trail you control

Every snapshot built and every submission is logged at ~/.tokenmin/audit.log (chmod 0600) — UTC timestamp, event, SHA-256 digest of the payload. Never user content. You can reconstruct exactly what bytes you sent and when.

Transport defaults

Continuous verification

Every commit to the scanner runs a CI suite of 13 property and CLI tests plus a synthetic-input leak gate that builds a fake ~/.claude/ with planted client names and fails the build if any survive the scrubber. The private F&F bundle mirrors the public scanner files; CI fails if they drift.

Full threat model + disclosure path: SECURITY.md.

All commands

tokenmin                       scan + render inline (the magic moment)
tokenmin watch                 live dashboard while you work
tokenmin show <id>             drill into one finding
tokenmin help                  30-second walkthrough
tokenmin doctor                self-diagnose your install
tokenmin selftest              run the bundled tests
tokenmin --version             what you're running
tokenmin uninstall             clean removal
tokenmin --out FILE            write full markdown report
tokenmin --snapshot FILE       inspect anonymized payload
tokenmin --submit-url URL      send to hosted engine (HTTPS only)
tokenmin --selfcheck           dump anonymizer rules

Audit-first install

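If you don't trust the network all the way to GitHub, verify the installer before executing. The checksum file is served from the same host as the script, so the shasum step catches a corrupted or truncated download; reading the script with less is the step that shows you what will actually run.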

curl --proto '=https' --tlsv1.2 -fsSL -o install.sh https://tokenmin.ai/install.sh
curl --proto '=https' --tlsv1.2 -fsSL -o install.sh.sha256 https://tokenmin.ai/install.sh.sha256
shasum -a 256 -c install.sh.sha256
less install.sh
bash install.sh

F&F preview install

Friends-and-family invitees: paste the unique URL you were sent. It looks like https://tokenmin.ai/i/<your-code>/install.sh. No gh, no brew, no auth setup — the URL embeds your read-only access token.

curl --proto '=https' --tlsv1.2 -fsSL https://tokenmin.ai/i/<your-code>/install.sh | bash

No invite yet? Public scanner mode still works — you can write anonymized snapshots locally and inspect them. The engine (which produces the report) is the F&F gate.
