Skill v1.0.0
ClawScan security
Session Hygiene · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 2, 2026, 9:19 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files and instructions match its stated purpose (archiving and rotating OpenClaw sessions.json); it has no network calls, no extra env/credentials, and no install steps, so its footprint is coherent and proportional.
- Guidance: This skill appears to do what it says, but take normal precautions before running it: (1) run with --dry-run first to preview actions; (2) back up sessions.json (or run the script against a copy) before writing to it; (3) ensure the cron runs as the same user that owns sessions.json so auto-detection succeeds and there are no permission issues; (4) if your sessions.json is located outside the auto-detected paths, provide --sessions-path explicitly; (5) be aware the script loads sessions.json into memory (very large files could use significant RAM); and (6) inspect the archive files and test on a non-production instance if possible. These are operational cautions, not indicators of malicious behavior.
Review Dimensions
- Purpose & Capability: ok. Name/description match the contents: the SKILL.md explains cron setup and the included Python script archives stale sessions and rotates old archives. There are no unrelated requirements (no external credentials, no unrelated binaries).
- Instruction Scope: ok. Runtime instructions are scoped to locating sessions.json, writing per-day JSONL archives into sessions-archive, deleting old archives, and updating sessions.json. The SKILL.md does not ask the agent to read or transmit unrelated files or secrets. It instructs running the included script via a cron payload or manually; that's consistent.
- Install Mechanism: ok. No install spec or external downloads. The skill is instruction-only plus a small local Python script; nothing is fetched from remote URLs and no archives are extracted.
- Credentials: ok. No environment variables, credentials, or config paths are requested. The script auto-detects common sessions.json locations under the user's home directory (or accepts an explicit --sessions-path). This access is proportional to the stated task.
- Persistence & Privilege: ok. Does not request always:true, does not modify other skills or system-wide agent settings. It writes only to the sessions directory (sessions.json and sessions-archive) which is the minimal required privilege for its function.
