ClawHub

Chat Vitals

v1.1.0

Chat Vitals - Monitor chat conversation health with real-time insights. Tracks conversation quality metrics: first-try success rate, promise fulfillment, tok...

0· 50·0 current·0 all-time
by珈乐不困@carolava
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The skill claims auto-collection and a simple CLI ('vitals start ...') and provides hook functions (on_user_message, on_assistant_message, on_session_end) for OpenClaw to call — the implementation (auto_collector.py / collector.py / dashboard.py / reporter.py) matches the stated monitoring/dashboard purpose. Minor incoherences: documentation and examples use inconsistent CLI/module names (vitals, monitor, llmchat_vitals, llm_monitor) and there's no obvious top-level executable named 'vitals' in the repo. These are likely sloppy packaging/documentation issues rather than malicious behavior.
Instruction Scope
SKILL.md and the scripts operate only on local data under ~/.openclaw/skills/chat-vitals (creating session JSON files, reading config.json). Runtime instructions reference local CLI commands and local config paths declared in the README/SKILL.md, and the code's behavior (collecting turns, analyzing sessions, rendering dashboard) stays within that scope. There are no instructions to read unrelated system files, environment variables, or to transmit data to external endpoints.
Install Mechanism
No install spec is provided (instruction-only), and the code is pure Python using the standard library. There are no remote downloads or obscure install URLs. The repo includes scripts that will be written to disk as part of the skill installation — standard for OpenClaw skills — but no package manager or external fetch is used.
Credentials
The skill declares only python3 as a required binary and does not request environment variables, credentials, or unrelated configuration paths. The code reads and writes only to its own skill directory (~/.openclaw/skills/chat-vitals). Optional webhook dependencies are only noted in comments and no network libraries are used in the shipped code.
Persistence & Privilege
The skill stores session and report files under its own skill directory and does not request always:true or modify other skills' configs. It uses regular file I/O within its directory and does not attempt to persist system-wide configuration or escalate privileges.
Assessment
This package appears to do what it says: local collection, per-session JSON files in ~/.openclaw/skills/chat-vitals/data, analysis, dashboard, and report generation. Before installing: 1) Review the mismatched CLI/module names (the README/SKILL.md refer to 'vitals', 'monitor', and different Python package names) — the skill may require you to run the scripts directly (python3 scripts/*.py) rather than a 'vitals' command. 2) Confirm OpenClaw will call the provided hook functions (on_user_message, on_assistant_message, on_session_end) if you expect automatic collection; otherwise auto-collection may not work. 3) Note that all collected data is stored unencrypted under ~/.openclaw/skills/chat-vitals — if your conversations are sensitive, restrict file permissions or disable auto-collection. 4) The code uses subprocess to invoke analyzer.py in reporter.py (local invocation only); if you add webhook/networking later, re-review network code. If you want extra assurance, run the test suite and inspect the scripts in a sandbox before enabling auto-collection.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d6yhh0xhzhrn3jkcha86h6584f257

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📊 Clawdis
Binspython3

Comments