Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Context Window Optimizer

v1.0.0

Optimize context window usage by summarizing old conversation segments, extracting key facts and decisions to permanent memory, and keeping current context l...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description match the included scripts: analyze_context.py, extract_decisions.py, and summarize_session.py perform analysis, extraction, and summarization of session transcripts. Accessing session transcripts and producing summary/memory files is coherent with the stated purpose. However, the skill does not declare the implicit config path it uses (~/.openclaw/agents/main/sessions/) or the fact that it will write persistent memory files in the user's home directory, which should have been surfaced in the metadata.
! Instruction Scope
SKILL.md plus the scripts instruct the agent to read full session transcripts, extract decisions/key facts, and write/archive them to persistent files (e.g., MEMORY.md, ~/self-improving/memory.md, memory/YYYY-MM-DD.md). There is no built-in redaction or secret-filtering: extract_decisions.py explicitly includes tool call arguments and slices content, which can capture commands, tokens, stack traces, or other sensitive data. The instructions encourage moving conversation content into permanent memory — that centralization is a sensitive operation and is not scoped to exclude secrets or PII.
Install Mechanism
No install spec (instruction-only) and included Python scripts run locally. This is low-risk from an installation origin perspective: nothing is downloaded from remote URLs and no package install is automated.
! Credentials
The skill requests no environment variables and declares no config paths, yet the scripts directly read ~/.openclaw/agents/main/sessions/*.jsonl and may write to user home paths. That filesystem access is disproportionate to what the metadata advertises (no required config paths). The scripts also parse tool outputs and command arguments (partial command text captured), which increases the chance of harvesting credentials or secrets from session history.
Persistence & Privilege
always:false and the skill does not modify other skills or system settings. However, it is explicitly designed to create and archive persistent memory files (MEMORY.md, memory/YYYY-MM-DD.md, ~/self-improving/memory.md). Persistent storage of extracted content is expected for this use case but raises privacy risk because archived content could include sensitive data and may be accessible to other skills or processes.
What to consider before installing
This skill appears to implement context summarization as advertised, but it reads your OpenClaw session transcripts and writes persistent memory files without redaction. Before installing or enabling it:
(1) inspect the scripts locally (they are included) and confirm you are comfortable with reading ~/.openclaw/agents/main/sessions/*.jsonl;
(2) run it first in a controlled/test account or sandbox with non-sensitive sessions;
(3) add or request secret/PII redaction (credentials, tokens, long stack traces) before archiving;
(4) restrict where memory files are written and ensure the directory has appropriate permissions and encryption if needed;
(5) consider running commands with --no-llm / dry-run to preview extracts;
(6) require the author to add explicit metadata declaring the config paths accessed and an explanation of retention/cleanup policy.
If you deal with sensitive data, do not enable automatic or autonomous invocation of this skill until these mitigations are in place.

Like a lobster shell, security has layers — review code before you run it.
