Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
OpenClaw Subagent Session Cleanup
v1.0.1
Clean up accumulated subagent and cron:run child sessions in OpenClaw to fix slow subagent startup. Use when: subagents are slow to start, sessions.json is t...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
Medium confidence
Purpose & Capability
Name/description = session cleanup. SKILL.md indeed describes removing child session entries from sessions.json and preserving main/channel sessions — that aligns with the stated purpose. However, the instructions call 'openclaw' CLI commands and a local PowerShell script (cleanup.ps1) even though the skill metadata declares no required binaries and includes no script. The skill should declare 'openclaw' and PowerShell or include the cleanup script; their absence is an inconsistency.
Instruction Scope
Instructions are narrowly scoped to stopping the gateway, running cleanup.ps1, and restarting the gateway. The scope is appropriate for session cleanup, but the runtime step hinges on a local cleanup.ps1 that is not included or described. The instructions also permit deletion of .jsonl conversation history with -CleanJsonl (explicitly labeled 'dangerous'); that is a destructive operation and requires explicit user confirmation and visibility into what the script actually does.
Install Mechanism
No install spec (instruction-only skill) — nothing is downloaded or written by the skill itself. This is lower risk than an install that fetches remote code. However, because the instructions expect running a local script, the skill is incomplete without providing or linking that script.
Credentials
The skill requests no environment variables or credentials (appropriate). But it implicitly requires filesystem access and the 'openclaw' CLI and PowerShell execution; these required tools are not declared in metadata. The absence of declared required binaries is a mismatch that reduces transparency about what will be run.
Persistence & Privilege
always is false and there are no install-side persistence mechanisms. The skill does not request persistent presence or elevated platform privileges. The main risk is the destructive file operations (deleting .jsonl) which are transient but impactful to data, not to persistent entitlement.
What to consider before installing
This skill appears to do what it says (clean session entries), but it is incomplete and potentially risky because it references a cleanup.ps1 script that is not included and calls the 'openclaw' CLI even though no binaries are declared. Before running anything:
1) Do NOT run -CleanJsonl until you have a verified backup; that flag deletes conversation history.
2) Ask the skill author (or request the script contents) for cleanup.ps1 so you can inspect it — verify it only edits sessions.json and does not exfiltrate data or run unexpected commands.
3) Make backups of sessions.json and any .jsonl files; test the script on copies first.
4) Use the -DryRun option first to preview changes.
5) Ensure the 'openclaw' CLI and PowerShell are the correct versions and come from trusted sources.
6) If you cannot get the script contents, prefer to perform these cleanup steps manually (open sessions.json in an editor or write a small vetted script) rather than running an unverified PowerShell script.
These steps reduce risk and will help determine whether the skill is safe to use.
Like a lobster shell, security has layers — review code before you run it.
