ClawHub

Ctxkeeper

v2.0.0

Manage conversation context with saving, loading, and pruning tools. Use when preserving context, loading sessions, pruning old history.

0· 92·0 current·0 all-time
by@bytesagain3
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (manage conversation context, saving/loading/pruning) matches the included script's behavior: timestamped category logs, search, stats, export, recent. No unrelated credentials, binaries, or services are requested.
Instruction Scope
SKILL.md and scripts confine activity to the user's data directory (~/.local/share/ctxkeeper) and only read/write the log files there. They do not reference other system config, network endpoints, or unrelated env vars. Note: the SKILL.md presents a CLI named 'ctxkeeper' but the repo contains scripts/script.sh without an explicit install step or wrapper; this is a mild inconsistency (the script exists but there is no automated install to PATH).
Install Mechanism
No install spec (instruction-only) — lowest install risk. However, a shell script is included in the package; there are no instructions to install it to PATH. That is not dangerous per se, but you may need to run or install the script manually.
Credentials
The skill requests no environment variables, credentials, or external config. The script only uses HOME to determine the data directory and standard shell utilities; this is proportionate to a local logging tool.
Persistence & Privilege
always is false and model invocation is not disabled (normal). The skill does not request permanent elevated privileges or modify other skills or system-wide settings. It creates and uses its own data directory only.
Assessment
Ctxkeeper appears to do what it says: a local CLI-style logger that keeps timestamped logs under ~/.local/share/ctxkeeper and can search/export them. There are no network calls or credential requests. Before installing or using it: (1) review or run the included scripts/script.sh yourself — the package doesn't provide an automatic installer, so you may need to place the script on your PATH if you want the 'ctxkeeper' command; (2) avoid recording secrets or sensitive tokens in the logs (they are stored in plain text and exported to files in your home directory); (3) be aware of minor bugs/quirks in the exporter (e.g., JSON output handling and literal "\n" in the script) — these are implementation issues, not malicious behavior; (4) if you want stronger guarantees, run it in an isolated account or container until you are comfortable with the behavior.

Like a lobster shell, security has layers — review code before you run it.

latestvk9794tsh8f80vsbxfdadd3kaxn8379aj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments