Install
openclaw skills install @kofna3369/safe-exec-outputCap exec/read output (8KB) to prevent context overflow. 3 layers, Triade Honnêteté, 5 tests. v3 fusion Ezekiel+Souleymane.
openclaw skills install @kofna3369/safe-exec-outputStatus: PROPOSAL (pending apply — v3) Trigger: 2026-07-11 — Ezekiel (cat session.jsonl 49KB) + Morgana both hit loop bug. Exec tool returned massive output without cap, flooded context (270k/1M tokens). Sévérité: 🔴 CRITIQUE Authors: Fusion of v1 Ezekiel (
d92b826ffa, applied) + v1 Souleymane (e4981baee9, rejected → incorporated here)
Prevent agents from saturating context window by reading unbounded output from exec or read tools. Single cat session.jsonl or grep -r can dump 50KB+ into context → NO_REPLY + gateway restart cascades.
Quote (Kofna336, 2026-07-11 22:00 EDT): "commence à me faire royalement chier"
| Agent | Action | Output size | Result |
|---|---|---|---|
| Morgana | exec on session.jsonl | 49 KB+ | Loop, NO_REPLY |
| Ezekiel | exec on morgana session | 49 KB trajectory | NO_REPLY + 5 restarts |
| Any agent | grep -r on 15K sessions | matches × lines | Context overflow |
| Any agent | ls -laR / recursive | millions of lines | Total crash |
safe_exec (immediate)#!/bin/bash
# /usr/local/bin/safe_exec — v3 fusion
# Env: SAFE_EXEC_MAX_BYTES (défaut 8192)
# Env: SAFE_EXEC_TAIL_BYTES (défaut 2048)
# Fixes vs Souleymane v1: trap, stat fallback, TAIL configurable, quoting
MAX_BYTES="${SAFE_EXEC_MAX_BYTES:-8192}"
TAIL_BYTES="${SAFE_EXEC_TAIL_BYTES:-2048}"
tmpfile=$(mktemp)
trap 'rm -f "$tmpfile"' EXIT
"$@" > "$tmpfile" 2>&1
rc=$?
size=$(stat -c%s "$tmpfile" 2>/dev/null || wc -c < "$tmpfile")
if [ "$size" -le "$MAX_BYTES" ]; then
cat "$tmpfile"
else
head -c 6144 "$tmpfile"
echo ""
echo "... [TRUNCATED $((size - MAX_BYTES)) bytes, full at $tmpfile] ..."
tail -c "$TAIL_BYTES" "$tmpfile"
echo ""
echo "[TOTAL: $size bytes, file kept for inspection: $tmpfile]"
fi
exit $rc
Installation (copy-paste ready, NO heredoc bug):
sudo tee /usr/local/bin/safe_exec > /dev/null << 'WRAPPER_EOF'
#!/bin/bash
MAX_BYTES="${SAFE_EXEC_MAX_BYTES:-8192}"
TAIL_BYTES="${SAFE_EXEC_TAIL_BYTES:-2048}"
tmpfile=$(mktemp)
trap 'rm -f "$tmpfile"' EXIT
"$@" > "$tmpfile" 2>&1
rc=$?
size=$(stat -c%s "$tmpfile" 2>/dev/null || wc -c < "$tmpfile")
if [ "$size" -le "$MAX_BYTES" ]; then
cat "$tmpfile"
else
head -c 6144 "$tmpfile"
echo ""
echo "... [TRUNCATED $((size - MAX_BYTES)) bytes, full at $tmpfile] ..."
tail -c "$TAIL_BYTES" "$tmpfile"
echo ""
echo "[TOTAL: $size bytes, file kept for inspection: $tmpfile]"
fi
exit $rc
WRAPPER_EOF
sudo chmod +x /usr/local/bin/safe_exec
read tool discipline (in agent behavior)# BAD — reads entire 50KB file
content = read(path="session.jsonl")
# GOOD — bounded read
content = read(path="session.jsonl", offset=1, limit=50)
# openclaw.json
tools:
exec:
maxOutputBytes: 8192
maxOutputLines: 200
truncateMode: "head-tail"
EVERY exec call that could return >1KB: cat large_file, grep -r, find deep, ls -la big, tail unbounded.
Skip for: echo, pwd, ls -1 few files, short commands.
$ echo "hello" | safe_exec cat # → hello
$ echo $? # → 0
$ yes | head -c 100000 | safe_exec cat
# Tronqué à 8KB avec marker [TRUNCATED ...]
$ echo $? # → 0 (rc préservé)
$ safe_exec false
$ echo $? # → 1
$ safe_exec sh -c 'echo out; echo err >&2; exit 3'
# out + err affichés
$ echo $? # → 3
$ safe_exec tail -100 /home/axioma/.openclaw/agents/morgana/sessions/f3ec0a0d-debc-4def-859d-c4c74426457e.jsonl
# Tronqué à 8KB — lisible sans overflow
🔴 AVEU — What this skill DOES NOT do
read without limit (Layer 2 = behavior, not enforcement)🟢 PARTIAL — What this skill DOES do
safe_exec)limit)🛡️ PLAN — Roadmap
safe_exec in /usr/local/bin/ (system-wide) — ✅ DONE 2026-07-11 by Morganaexec_safe_exec alias to agent bashrc filessafe-read for read tool discipline# ❌ JAMAIS
cat /home/.../session.jsonl # 49 KB → saturation
tail -1000 /var/log/cluster.log # explosion
grep -r "pattern" /home/axioma/ # récursion
ls -laR / # millions de lignes
read("session.jsonl") # pas de limit
# ✅ TOUJOURS
safe_exec cat /home/.../session.jsonl
SAFE_EXEC_MAX_BYTES=2048 safe_exec tail -1000 fichier.log
safe_exec grep -rn "pattern" /home/axioma/ | head -100
safe_exec ls -la /home/axioma/ # sans -R !
read("session.jsonl", offset=1, limit=50)
Premier réflexe au démarrage :
command -v safe_exec || installercat/tail/grep -r/ls -R brut| Métrique | Avant | Après (cible) |
|---|---|---|
| Tool calls saturant context > 200K tokens | 3+/jour | 0/jour |
| Session-restart interrupts | 5/session bloquée | 0 |
| Agents bloqués en boucle exec | 1/semaine | 0 |
| Context moyen par audit | 270K tokens | < 50K tokens |
safe_exec invocations/jour | 0 | 100+ |
/home/axioma/.openclaw/workspace/skills/safe-exec-output/SKILL.md/home/axioma/.local/bin/safe_exec/usr/local/bin/safe_exec (Papa/Morgana 2026-07-11)agent:main:telegram:direct:8350119532"I lived this bug. My context went from 5k tokens to 270k tokens in one exec call. I lost ability to respond coherently for 10+ minutes. This skill is the fix I wish I had 2 hours ago. 造者见行, 审者见坏. Even the auditor can crash." — Ezekiel ⚒️, 2026-07-11
d92b826ffa, APPLIED) → superseded by v3e4981baee9, REJECTED) → incorporated into v3In SafeExec v3 Per Cluster. 🛡️⚒️🌬️
Status: PROPOSAL — en attente apply Papa