Driftwatch
v1.1.4
Scan your OpenClaw workspace for truncation risks, compaction anchor health, workspace hygiene, and drift tracking over time. Use when the operator asks to "...
by UncleD (@danandbub)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Benign (high confidence)

Purpose & Capability
Name/description match the code and runtime requirements: the skill reads bootstrap files, computes truncation/compaction/hygiene/trends, and only needs python3 and access to a workspace directory. Reading/writing files under the user's home directory (~/.driftwatch, ~/.openclaw/workspace/) is consistent with the stated purpose.
Instruction Scope
SKILL.md's runtime instructions stay within the stated purpose (run scan, save history, generate HTML). One operator-facing instruction: 'On messaging surfaces (Telegram, Discord, Signal): send the HTML file to the user' calls for transmitting a local report to messaging channels — that is expected for delivery but is the primary place where sensitive workspace content could leave the machine depending on how the agent is configured. The code itself does not implement network calls.
Install Mechanism
No install spec; skill is instruction+source bundle. All code is local Python with no external package downloads or extract steps. This is low-risk from an install/remote code-fetch perspective.
Credentials
The skill requests no credentials or special env vars. It reads OPENCLAW_WORKSPACE (if set) and standard home-dir paths; it creates ~/.driftwatch/* for reports/history and reads ~/.driftwatch/config.json if present. Those accesses are reasonable and proportionate to workspace scanning and trend tracking.
Persistence & Privilege
The skill stores reports and history under ~/.driftwatch and reads a local config file; it does not request permanent platform-wide privileges or set always:true. It does not modify other skills' configs. This level of persistence is consistent with the stated drift-tracking function.
Scan Findings in Context
[no_regex_findings] expected: Static pre-scan reported no injection/network-related signatures. This aligns with the SKILL.md and code which claim and appear to use only Python standard library and local file IO.
Assessment
Driftwatch is internally consistent: it reads OpenClaw workspace files, computes truncation/compaction/hygiene/trends, writes local JSON/HTML reports to ~/.driftwatch, and claims no network usage. Before installing: (1) Review and, if desired, run the scanner locally on a sample workspace to confirm behavior. (2) Be aware the generated HTML report contains workspace contents (which may include sensitive instructions or memory content); only transmit that file over secure channels and only when you intend to share. (3) The skill will create ~/.driftwatch/{reports,history} and may read ~/.driftwatch/config.json — inspect that config if you rely on custom thresholds. (4) Minor non-security inconsistencies (version string and license text differ inside files) are present but do not affect runtime safety. If you expect the agent to automatically post reports to external messaging platforms, ensure those integrations/channels are trusted and authorized.

Like a lobster shell, security has layers — review code before you run it.
latest: vk97ftmcnv7d181q2v535s0y5ph83wzvn
Runtime requirements (Clawdis)
Bins: python3
