ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Scribe

v1.0.1

Autonomous session scribe — reads today's OpenClaw session logs, extracts decisions, preferences, framework sentences, and project updates, then writes a str...

1· 348·0 current·0 all-time
bychenchen@billc8128

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for billc8128/openclaw-scribe.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Scribe" (billc8128/openclaw-scribe) from ClawHub.
Skill page: https://clawhub.ai/billc8128/openclaw-scribe
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install billc8128/openclaw-scribe

ClawHub CLI

Package manager switcher

npx clawhub@latest install openclaw-scribe
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match what the files do: scripts scan ~/.openclaw/agents/main/sessions, filter user messages, call an LLM (OpenRouter) and write structured memory files to the workspace. The optional env vars and gateway interactions are coherent with the advertised cron registration and LLM usage.
Instruction Scope
SKILL.md and README instruct only to copy the skill, run setup-cron (optional) or run scribe.py manually. Runtime instructions reference session JSONL files, the OpenClaw config for API keys, and writing memory files — all within the stated scope. There are no instructions to read unrelated system paths or exfiltrate data to unexpected endpoints.
Install Mechanism
No install spec or external downloads; the skill is instruction-only with included Python scripts. No archives or remote code pulls—low install risk.
Credentials
The scripts read an OpenRouter API key and (for cron setup) an OpenClaw gateway token from ~/.openclaw/openclaw.json or environment variables. These credentials are appropriate for the tasks (calling OpenRouter and registering a cron job) but are sensitive: the skill will send conversation text to openrouter.ai and will use the gateway token to register jobs. The number and type of credentials requested are proportional, but users should be aware these are required for full automation.
Persistence & Privilege
The skill is not 'always' enabled. The optional setup-cron registers a nightly job via the OpenClaw gateway API which grants automated periodic runs—this matches the skill's purpose. Granting the gateway token to this script enables it to create/modify cron jobs; ensure you trust the code before running setup-cron.
Assessment
What to check before installing: - Review the two included Python scripts (scripts/scribe.py and scripts/setup-cron.py) yourself — they are the code that will run. - If you enable automation, setup-cron will use your OpenClaw gateway token to register a nightly job that runs the scribe script; only run setup-cron if you trust the repository and the gateway token's scope. - The scribe script sends extracted conversation text to https://openrouter.ai (OpenRouter) using an API key read from env or ~/.openclaw/openclaw.json. If you have privacy concerns, run scribe.py manually first and/or set SCRIBE_MODEL/OPENROUTER_API_KEY to a provider you trust or leave it unset to avoid network calls. - Run the script manually (python3 scripts/scribe.py) on a small sample day to verify outputs and ensure it only reads the intended session directory and writes to a dedicated memory folder. - If you do not want automatic scheduling, skip setup-cron and instead use a system cron or manual runs that you control. - Backup or inspect memory/ and MEMORY.md after first runs to confirm no sensitive tokens or unexpected content are being written.

Like a lobster shell, security has layers — review code before you run it.

latestvk972ypfbw39cbwmtbdwnsn1xwh827xk6
348downloads
1stars
2versions
Updated 54m ago
v1.0.1
MIT-0
chenchen@billc8128
latest
Download

Scribe

An autonomous "stenographer" agent that watches your OpenClaw session history and extracts what matters into persistent, structured memory files — so your agent remembers across sessions without relying on context window compaction.

Install & Setup

1. Copy the skill to your workspace:

cp -r skills/public/scribe ~/.openclaw/workspace/skills/public/scribe

2. Register the nightly cron job (one command):

python3 skills/public/scribe/scripts/setup-cron.py

That's it. Scribe will run every night at 23:30 and write memory/YYYY-MM-DD.md to your workspace.

3. Run manually anytime:

python3 skills/public/scribe/scripts/scribe.py

How It Works

  1. Scans today's session JSONL files from ~/.openclaw/agents/main/sessions/
  2. Filters out heartbeats, system messages, and noise
  3. Sends user messages to an LLM (via OpenRouter, reads your existing OpenClaw API key)
  4. Extracts: decisions, preferences, framework sentences, project updates, todos
  5. Writes structured output to {workspace}/memory/YYYY-MM-DD.md

Output Format

# YYYY-MM-DD Memory (Scribe)

## 🔑 Decisions Made
## 💡 Preferences & Rules
## 🗣️ Framework Sentences
## 📦 Project Updates
## ✅ Todos / Follow-ups

Configuration

Environment variables (all optional — defaults work out of the box):

VariableDefaultDescription
SCRIBE_SESSION_DIR~/.openclaw/agents/main/sessionsSession JSONL location
SCRIBE_WORKSPACE~/.openclaw/workspaceWhere memory files are written
SCRIBE_DAYS1Days back to scan
SCRIBE_MODELanthropic/claude-haiku-4-5LLM model (OpenRouter ID)
SCRIBE_APPEND_LONGTERMfalseAlso append to MEMORY.md
OPENROUTER_API_KEY(from OpenClaw config)Override API key

References

  • Cron setup details: references/cron-setup.md — manual config, launchd, timezone changes
  • Signal classification: references/signal-guide.md — how the LLM decides what's worth extracting

Comments

Loading comments...