Clawdoc

Security checks across malware telemetry and agentic risk

Overview

Clawdoc appears to be a coherent local diagnostic tool. Note that it analyzes agent session history and can optionally persist its findings for reuse in later sessions.

Clawdoc looks appropriate for diagnosing OpenClaw sessions. Before installing or invoking it, remember that session logs may include private prompts, tool outputs, paths, and cost data; run it on the narrowest useful session path and review any output or .learnings content before sharing.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Severity: Low
What this means

The skill may scan local OpenClaw session history and generate summaries about failures, token usage, costs, and tool behavior.

Why it was flagged

The skill tells the agent to run bundled local shell scripts over OpenClaw session logs. This is expected for the diagnostic purpose, but it is still local command execution over user data.

Skill content
Run: `bash {baseDir}/scripts/headline.sh ~/.openclaw/agents/main/sessions`
Recommendation

Run it only on session files or directories you intend to analyze, and prefer a specific session path when you want a narrow review.

ASI06: Memory and Context Poisoning
Severity: Medium
What this means

Diagnostic output may reveal private details from prior agent sessions if copied or shared.

Why it was flagged

Session JSONL files can contain prior user messages, assistant outputs, tool results, local paths, and cost metadata. The skill processes that retrieved context for diagnostics.

Skill content
Session JSONL files are the ground truth for all diagnostics
Recommendation

Review reports before sharing them, and avoid running cross-session analysis on logs that contain sensitive conversations unless needed.

ASI06: Memory and Context Poisoning
Severity: Low
What this means

If enabled, session-derived findings or potentially sensitive diagnostic context may persist and influence later agent behavior.

Why it was flagged

The skill documents an opt-in persistent write of diagnostic findings into a learnings file that future agents may reuse.

Skill content
To enable writing findings to `.learnings/LEARNINGS.md`, set `CLAWDOC_LEARNINGS=1` before running prescribe
Recommendation

Enable CLAWDOC_LEARNINGS only intentionally, and periodically review or clear .learnings/LEARNINGS.md.

ASI04: Agentic Supply Chain Vulnerabilities
Severity: Info
What this means

It may be harder to independently confirm that this package matches an upstream project or trusted release.

Why it was flagged

The registry metadata does not provide a source or homepage for provenance verification, even though the package contains executable scripts.

Skill content
Source: unknown
Homepage: none
Recommendation

Install from a trusted registry/source and compare with an upstream repository if provenance matters to your workflow.