Conversation Flow Monitor
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is mostly a local reliability monitor, but it also describes persistent memory/workspace changes and includes a heartbeat cleanup that can delete shared log files without clear scoping.
Before installing, decide whether you want a skill that can run heartbeat maintenance, write troubleshooting information into persistent learning files, and potentially update agent guidance files. If you use it, disable or restrict heartbeat cleanup, require confirmation before any auto-fix or memory update, and periodically review `.learnings`, `SOUL.md`, `TOOLS.md`, and the hidden log directory.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may modify files or change how tools are called in ways the user did not explicitly approve.
The skill goes beyond passive monitoring into broad tool wrapping and automatic filesystem or skill-file mutation, but the artifact does not define approval prompts, exact target scope, rollback, or safeguards.
Safe Tool Execution Wrapper: Wraps all tool calls with timeout protection and error recovery ... Skill Registration ... Auto-fix missing fields ... File Not Found ... Create missing directories/files
Require explicit user confirmation and show a diff before any auto-fix or file creation; scope wrappers and mutations to user-selected operations only.
Future agent behavior could be changed by logged errors or recovery notes, and sensitive troubleshooting context may persist across sessions.
The skill describes writing observations and behavioral changes into persistent agent memory and guidance files, which can influence future tasks and may preserve sensitive context or bad recovery patterns.
Logs conversation flow issues to `.learnings/ERRORS.md` ... Promotes successful recovery patterns to permanent memory ... Updates SOUL.md with behavioral improvements ... Enhances TOOLS.md with tool-specific reliability notes
Make memory updates opt-in, redact sensitive details, require human review before updating persistent guidance files, and provide a clear way to disable or remove stored entries.
Installing or enabling the heartbeat may remove unrelated diagnostic logs that other tools or skills rely on.
The heartbeat cleanup deletes all old `.log` files in the shared hidden log directory, not only files created by this skill.
for log_file in log_dir.glob("*.log"):
if log_file.stat().st_mtime < cutoff_date.timestamp():
log_file.unlink()Restrict cleanup to this skill’s own log filenames or subdirectory, and document the exact files that may be deleted.
The skill may keep running maintenance checks after installation if the heartbeat integration is enabled.
The periodic heartbeat is disclosed and purpose-aligned, but it is autonomous behavior that continues outside a single user-invoked action.
The skill automatically integrates with OpenClaw's heartbeat system: - Runs periodic health checks every 30 minutes
Confirm whether heartbeat hooks are enabled in your environment and disable them if you only want manual monitoring.
Users may place too much trust in bundled approval claims instead of reviewing the actual behavior.
The package includes strong self-review and approval-style claims, which should not be treated as independent security assurance.
Status: ✅ PRODUCTION READY ... Publishing Recommendation: PROCEED IMMEDIATELY
Treat bundled review summaries as author-provided documentation only and rely on independent review of the code and requested behavior.