Claw Trace
v1.1.1Track and visualize the OpenClaw agent's work process. Record tool call inputs, outputs, duration, and status, and present them in an easy-to-read format. **...
⭐ 0· 275·1 current·1 all-time
by@jdchi
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name, description, and runtime instructions align: the skill records and presents tool-call traces and only needs its own config.json. There are no unexplained credentials, binaries, or installs.
Instruction Scope
The SKILL.md instructs the agent to record inputs/outputs, durations, and statuses and — when enable=true — to automatically include trace output after every tool call without waiting for user request. This is consistent with a tracer, but it significantly broadens what the agent will display (including potentially sensitive tool inputs/outputs). The document requires redaction of some patterns but does not provide an enforceable, comprehensive redaction implementation. The skill also instructs writing updates to config.json, which is within scope.
Install Mechanism
Instruction-only skill with no install spec and no code files. Nothing will be written to disk by an installer. Lower risk from installation perspective.
Credentials
No environment variables, credentials, or external config paths are requested. The config.json is the skill's own file and is appropriately scoped. No unrelated secrets are requested.
Persistence & Privilege
always is false and the skill is user-invocable. The skill can be invoked autonomously by the agent (platform default), which increases blast radius if traces include secrets — this is normal for skills but relevant given the automatic-trace mandate. The skill does write to its own config.json per its instructions, which is expected.
Assessment
This skill appears to be what it says, but be cautious: if you enable tracing, the agent will automatically show trace output after every tool call (potentially exposing sensitive inputs/outputs) unless redaction works perfectly. Before enabling: (1) test in a safe environment with non-sensitive data; (2) keep detailedLog/saveToFile disabled and use simple mode; (3) review a sample of traces to confirm redaction covers your secrets and conventions (headers, query strings, file contents, tokens in JSON, etc.); (4) avoid enabling in production or when handling private credentials. If you need stronger guarantees, request an implementation that enforces deterministic redaction rules or that never records certain categories (e.g., Authorization headers, entire request bodies for particular tools).Like a lobster shell, security has layers — review code before you run it.
latestvk9711169s6qmn0z5fz7qxe64tx82r2gc
License
MIT-0
Free to use, modify, and redistribute. No attribution required.