Archive Project
v1.2.5Organize completed projects into searchable archives with session transcript backup.
⭐ 0· 113·1 current·1 all-time
byKaigeGao@kaigegao1110
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The SKILL.md declares a required config path (~/.openclaw/agents/main/sessions/) and runtime use of session transcripts, which is consistent with the archive purpose — but the registry metadata lists 'Required config paths: none'. This mismatch between declared metadata and runtime instructions is an incoherence that should be resolved (the skill does need access to session files).
Instruction Scope
Runtime instructions explicitly read session transcripts, copy them into workspace/projects/<project-name>/, run the local sanitization script, git-commit the workspace, and optionally delete original session files only with user approval. Reading and processing session transcripts is expected for this skill. The instructions reference an environment variable (SESSION_TRANSCRIPT_PATH) and recommend grep/verification steps — those references are reasonable but grant the skill access to potentially sensitive local transcripts, so users should confirm they are comfortable with that scope.
Install Mechanism
No install spec / no remote downloads — instruction-only with a local sanitization script. This is low-risk from an install perspective (nothing written to disk by an installer beyond what the user does when cloning).
Credentials
Registry metadata lists no required environment variables, but SKILL.md and README use SESSION_TRANSCRIPT_PATH to locate transcripts. The skill will read files from the user's session directory by default. Asking for broad credentials is not present, which is good, but the undeclared env var/config-path usage is an inconsistency that should be documented in the manifest.
Persistence & Privilege
always:false and normal autonomous invocation; the skill performs workspace file writes and git commits (expected for archiving). It does not request permanent platform-wide privileges or modify other skills' configurations. Deletion of original session files is gated by explicit user approval in the instructions.
Assessment
This skill is coherent with its purpose: it reads your session transcripts, runs a local sanitization script, writes an archive into your workspace, and can (with your permission) remove originals. Before installing: (1) Confirm you are comfortable the skill will read files under ~/.openclaw/agents/main/sessions/ (or any path you set via SESSION_TRANSCRIPT_PATH). (2) Note the registry metadata doesn't declare that config path or the SESSION_TRANSCRIPT_PATH env var — ask the publisher to correct the manifest so access requirements are explicit. (3) Review scripts/sanitize_transcript.py to ensure its redaction rules meet your needs and test it on sample transcripts (the skill provides a --test mode). (4) Be aware it will run git commit in your workspace and copy transcripts into workspace/projects/, so verify where that workspace is stored and that commits are acceptable. (5) Only approve deletions when you have confirmed sanitized backups exist. If you need stronger guarantees, run the sanitize script yourself on a copy of transcripts before giving the skill any file-access or invoking it.Like a lobster shell, security has layers — review code before you run it.
agentvk97363q8ymywg00rdnwn20qbgd83pn98aivk97363q8ymywg00rdnwn20qbgd83pn98archivalvk974gc6adyhb9nby1a5t79k6qd83qk76latestvk97errps93eyg8r8c8bw2jbv9s83r7tpproductivityvk974gc6adyhb9nby1a5t79k6qd83qk76project-managementvk974gc6adyhb9nby1a5t79k6qd83qk76workflowvk974gc6adyhb9nby1a5t79k6qd83qk76
License
MIT-0
Free to use, modify, and redistribute. No attribution required.