Clawdoc

Name/description match the requested binaries (bash, jq, bc) and the provided scripts implement 14 detectors for JSONL agent sessions. Nothing requested (no cloud credentials, no unusual binaries) appears unrelated to a local diagnostics tool.

SKILL.md instructs running local scripts against explicit session JSONL files or a user-provided sessions directory. The tool only reads session files, produces JSON findings, and — only if opt-in via CLAWDOC_LEARNINGS=1 — writes a local .learnings/LEARNINGS.md file. There are no instructions to contact external endpoints, harvest unrelated config, or automatically search system paths without explicit user input. Note: helper/dev scripts (e.g., convert-claude-sessions.sh) will scan an input directory you provide and may run find/grep on paths you pass — review the path you give to avoid scanning sensitive large trees.

No install spec is provided (instruction-only install), and there are no downloads or remote installers referenced. Code is shipped as shell scripts in the package; risk is limited to running those scripts locally. No extract-from-URL or third-party package installs are present.

The skill requires no environment variables or credentials to run. The only optional environment flag (CLAWDOC_LEARNINGS=1) enables a local write to .learnings/LEARNINGS.md and is opt-in. No secrets or unrelated environment/config paths are requested.

always is false and the skill is user-invocable. It does not request persistent platform privileges or modify other skills. The only persistence is an opt-in local write when CLAWDOC_LEARNINGS is set; scripts otherwise operate on files you explicitly pass.