Session Cleanup Pro

Security checks across malware telemetry and agentic risk

Overview

This is a local OpenClaw session cleanup helper that scans first, asks for confirmation before cleanup, and shows no hidden network, credential, or automatic deletion behavior.

Install only if you want help reviewing and cleaning local OpenClaw session history. Run the scan first, inspect the reported orphan and stale sessions, and prefer archiving or backing up anything you may need before approving deletion.

SkillSpector

By NVIDIA

Vulnerability Patterns

Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Tp4

High

Category: MCP Tool Poisoning
Confidence: 97% confidence
Finding: This is a mismatch because the description says the skill performs cleanup/deletion and includes a required confirmation flow, but the provided code is read-only and only reports candidate orphan files and stale sessions. The 72-hour protection behavior is reflected in the scan logic, but the primary purpose materially differs: it audits rather than cleans. There are no hidden extra capabilities beyond the description, but the description overstates what the code actually does.

Natural-Language Policy Violations

Medium

Confidence: 91% confidence
Finding: The manifest description and main body are written in Chinese, and the output template is also Chinese-only. This imposes a specific language/locale on users without any stated opt-in or alternative, which matches the policy-violation criterion for language/locale constraints.

Tool Parameter Abuse

High

Category: Tool Misuse
Content: 在用户确认后删除孤儿文件： ```bash rm ~/.openclaw/agents/main/sessions/<orphan>.jsonl ``` ### B. 再处理过期会话（谨慎）
Confidence: 85% confidence
Finding: rm ~/.openclaw/agents/main/sessions/

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal