clawlens

Pass

Audited by VirusTotal on May 11, 2026.

Findings (1)

The skill requires high-privilege access to the OpenClaw environment, specifically reading all historical conversation logs and extracting plaintext API keys or OAuth tokens from 'auth-profiles.json' (scripts/clawlens.py). It transmits truncated conversation transcripts to external LLM providers via litellm to perform 'facet extraction' and report generation. While these actions are documented in SKILL.md and aligned with the stated purpose of providing usage insights, the automated extraction of credentials and bulk exfiltration of private chat history to third-party APIs constitute a significant security and privacy risk.