Tide Watch
PassAudited by ClawScan on May 10, 2026.
Overview
Tide Watch appears coherent and local-only, but its optional CLI can run local commands and read, write, archive, or delete OpenClaw session data, so users should review those behaviors before enabling it.
This skill is reasonable for its stated purpose if you want local session-capacity monitoring. Before installing the optional CLI, inspect the code, confirm the templates and package contents are present, and be careful with archive or cleanup commands because they can move or delete local session backups.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the optional CLI is installed, it can execute local commands and depends on the trusted `openclaw` binary on the user's PATH.
The optional CLI executes a local OpenClaw command to determine model context limits. The command is fixed and purpose-aligned, but shell execution is a capability users should notice.
const output = execSync('openclaw models list', {Install only from a trusted source, inspect the CLI before `npm link`, and ensure the `openclaw` command on PATH is the expected one.
Running the command would delete all stored Tide Watch/OpenClaw session backups in that directory.
The documentation contains a recursive deletion command for the skill's backup directory. It is scoped, but it can permanently remove local session backups.
rm -rf ~/.openclaw/agents/main/sessions/backups/
Run cleanup commands manually only after listing the directory and confirming you no longer need the backups.
Local conversation history may be copied, archived, or used to shape a resumed session; tampered resume prompts could influence later agent behavior.
OpenClaw session files, backups, and resumption prompts can contain conversation context that may be persisted and reused across future sessions.
**File Access:** Direct read/write to `~/.openclaw/agents/main/sessions/`
Review resume prompts and backup/archive directories periodically, keep filesystem permissions tight, and disable automatic backup/resumption behavior if it is not wanted.
Manual setup may fail or users may need to locate files outside the reviewed package.
The directives-only setup references template files, while the supplied file manifest does not list AGENTS.md.template or HEARTBEAT.md.template, so that installation path cannot be fully verified from the provided artifacts.
cat skills/tide-watch/AGENTS.md.template >> AGENTS.md
Verify the installed package includes the referenced templates before copying directives into AGENTS.md or HEARTBEAT.md.
A user reading only the assurance document might miss that the optional CLI does execute local processes.
This older assurance text conflicts with the supplied static scan evidence showing `execSync` and `spawnSync`. The primary SKILL.md does disclose optional CLI code execution, but this stale wording could understate what users should review.
Red flags to watch for (none present): - Child process execution (child_process, exec, spawn)
Rely on the current source and scan results rather than older assurance text, and update the documentation to match the current implementation.