Session Janitor
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is mostly aligned with session cleanup, but it persistently edits active OpenClaw sessions and can store or push transcript-derived memories in ways users may not expect.
Before installing, back up your OpenClaw session directories and review config.json carefully. Disable LLM extraction, memCli, sceneFilesPath, watchdog, cron, or watcher features you do not want. Only use this if you are comfortable with a background process that can edit all discovered OpenClaw sessions and handle gateway tokens.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your active OpenClaw sessions could silently lose model override settings, changing how future agent turns run.
The janitor edits active sessions.json entries and removes modelOverride for active sessions regardless of transcript size. That can change a user's selected model or agent behavior, and it is not clearly described as part of transcript trimming.
# ACTIVE session — always clear modelOverride + compactionCheckpoints regardless of size ... if 'modelOverride' in v: del v['modelOverride']
Make modelOverride removal opt-in, document it prominently, and back up sessions.json before running the janitor.
An oversized active conversation may lose continuity after the janitor runs, and that behavior can apply across all discovered gateways.
After a successful trim, the script renames the active transcript and removes the session entry, effectively resetting the active session. The user-facing description emphasizes keeping recent exchanges and a summary, not forcing a clean slate.
mv "$jsonl" "${jsonl}.reset.${reset_ts}" ... del sessions[k] ... log "$name: session $sid reset after trim (clean slate for next message)"
Disable or change the reset-after-trim behavior unless you explicitly want clean-slate sessions; keep backups and test on noncritical sessions first.
Private conversation facts, decisions, or tasks may be added to a persistent memory store automatically.
Setup automatically enables mem CLI storage when a mem executable is found. That means LLM-extracted memories from trimmed transcripts may be persisted without a separate per-run review step.
"memCli": { "enabled": bool(mem_path), "path": mem_path }
Review config.json after setup and set memCli.enabled and llmExtraction.enabled to false unless you want automatic memory storage.
Summaries of private conversations could be committed and pushed to a remote repository if scene-file memory is configured.
If a scene files path is configured, extracted memories can be appended to files and automatically pushed to the configured git remote. This is a sensitive transcript-derived data flow that is not clearly surfaced in the main setup/config documentation.
def git_commit_scene_files(scene_dir): """Commit and push scene file updates to git repo.""" ... subprocess.run(["git", "-C", repo_dir, "push"], timeout=30, check=True)
Do not configure sceneFilesPath unless you understand the git remote; add an explicit no-push option or require manual approval before git push.
The generated config.json may contain gateway tokens that can control or reload sessions.
The skill reads local OpenClaw gateway auth tokens so it can call the gateway API. This is purpose-aligned, but it gives the janitor delegated access to gateway sessions.
Each discovered gateway gets its own entry in config.json with: - Port ... - Auth token (from gateway.auth.token) - Sessions directory path
Protect config.json permissions and install only if you trust the scripts with OpenClaw gateway access.
The janitor can continue modifying session state after installation until the cron job/service is disabled.
The skill is designed to keep running in the background through cron and a watcher service. This is disclosed and purpose-aligned, but it is persistent automation over session files.
Setup auto-discovers all gateway installations (`~/.openclaw/`, `~/.openclaw-*/`), generates `config.json`, installs a cron job, and installs the watcher service
Know how to disable the cron entry and watcher service before installing, and monitor the configured log files after setup.
