Exec Truncate
v1.0.1AI agent tool for compressing/executing shell commands with domain-aware output truncation. Use when exec tool output needs to be compressed, when running gi...
⭐ 0· 53·0 current·0 all-time
byaustrian_guy@ether-btc
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The name/description match the code: truncation functions for git diff/log, grep, ls, and build output and a FilteredExecutor to wrap exec calls. Minor inconsistencies: examples show Deno.Command usage in SKILL.md while core code uses Node-style globals (process.cwd(), process.env.HOME), and README claims plugin wiring into OpenClaw hooks although the SKILL.md explicitly states this distribution is standalone. These are likely implementation/platform variations but worth confirming for your runtime environment.
Instruction Scope
SKILL.md limits runtime behavior to string-processing of command output and to wrapping exec functions; it does not instruct reading unrelated files, contacting external endpoints, or accessing unrelated credentials. The documented fail-safe returns raw output on errors. It does reference optional wrapper scripts and a hook integration, which are consistent with the skill's goal.
Install Mechanism
No install spec is declared (instruction-only), so nothing will be pulled or executed at install time by the registry. The package includes source files but no automated download/install steps in the metadata. This is low install risk; if you later install as an OpenClaw plugin, the plugin install path (not provided here) should be reviewed.
Credentials
The skill declares no required env vars or credentials. The code reads environment/system info (process.cwd(), process.env.HOME) to strip path prefixes, which is proportionate to the stated purpose but does mean the code accesses your working directory and home path at runtime. Also note: truncation runs on whatever exec output it is given, and that output may contain sensitive data (tokens, file contents) if commands produce them.
Persistence & Privilege
Skill metadata does not request always:true and is user-invocable only. The provided code is a library-style utility that does not modify other skills or system-wide settings. If installed as a plugin into OpenClaw, it may be wired to a tool_result_persist hook (per README) and thus will see all exec outputs that the platform routes to that hook — this is expected for the stated purpose but increases the visibility of command outputs.
Assessment
This skill appears to do what it claims: condense/trim large exec outputs. Before installing or enabling it as a plugin, (1) confirm which runtime you use (Node vs Deno) because examples and code use mixed globals and may need slight adjustments; (2) review the full mod.ts (the provided snippet was truncated) to ensure there are no hidden network calls or file writes; (3) remember that if you wire this into OpenClaw's exec hook it will receive the raw output of commands — avoid running commands that emit secrets (tokens, private files) or review policies about which outputs are routed to plugins; (4) if you plan to install the plugin, inspect the plugin manifest (openclaw.plugin.json) and any install scripts that would be executed on install/restart.Like a lobster shell, security has layers — review code before you run it.
latestvk977bxbmnfc5vhsn226ne7y9bs84ewwv
License
MIT-0
Free to use, modify, and redistribute. No attribution required.