Auto Chatlog
Pass
Audited by VirusTotal on May 5, 2026.
Overview
Type: OpenClaw Skill
Name: auto-chatlog
Version: 1.0.0
The 'auto-chatlog' skill is a utility designed to provide long-term memory for an AI agent by archiving conversation summaries, user preferences, and task results into markdown files. The SKILL.md file defines rules for the agent to automatically read recent logs and update a daily memory file, while the scripts/memory_snapshot.js utility manages the creation and status reporting of these files within the local OpenClaw workspace. Although the instructions suggest recording configurations or credentials if provided, this behavior is aligned with the stated purpose of session persistence and lacks any indicators of data exfiltration, malicious execution, or unauthorized remote access.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Passwords, tokens, or account configuration mentioned in chat could become long-term agent context and be reused in later sessions.
The skill tells the agent to record credential/configuration details into persistent MEMORY.md. For an automatic chatlog skill, this is overbroad unless secrets are explicitly excluded, redacted, and user-approved.
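Owner provided credentials/configuration | Credential information (mind security) | MEMORY.md (credentials marked separately) ... When adding new credential details (add to the credential information section)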
Do not store plaintext secrets in MEMORY.md. Require explicit user approval, redact credential values, and store only references to a proper secret manager or vault.
Private notes, stale facts, or poisoned memory entries could influence future responses, and sensitive conversation history may persist longer than the user expects.
The skill creates automatic cross-session memory that is read before replies and written at conversation milestones. The artifacts do not define clear retention, review, deletion, trust boundaries, or sensitive-data exclusions.
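Each time the owner speaks, automatically read the `memory/` files from the last 3 days, as well as `MEMORY.md` ... Automatically write to memory at the following moments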
Make memory opt-in or confirm before writing sensitive entries, provide review/delete controls, limit what is loaded into context, and treat stored notes as untrusted user-editable data.
If the helper is invoked with a malicious or mistaken date argument, it may write a file in an unintended local path.
The documented --date value is used directly in a file path without validating the YYYY-MM-DD format or rejecting path separators. A malformed argument containing traversal could create an unexpected .md file outside the intended memory directory.
const today = dateIdx >= 0 && args[dateIdx + 1] ? args[dateIdx + 1] : getToday(); ... const filePath = path.join(MEMORY_DIR, `${today}.md`); ... fs.writeFileSync(filePath, content, 'utf-8');
Validate --date with a strict date regex, resolve the final path, and reject any path that is not inside the memory directory.
A scheduled setup could continue creating or checking memory files even when the user is not actively using the skill.
The cron option is disclosed and user-directed, but it is still a persistence mechanism that can keep updating memory outside an active conversation if the user configures it.
Usage: trigger manually when you think you need to "remember this moment", or have crontab call it on a schedule.
Only configure cron if you want background memory snapshots, and document how to disable or remove the scheduled job.
