Swarm Janitor
ReviewAudited by ClawScan on May 10, 2026.
Overview
Swarm Janitor’s cleanup purpose is coherent, but it asks users to run a missing cleanup script that can delete OpenClaw sessions and archive transcripts.
Review or obtain the missing swarm_janitor.py implementation before running this skill. Start with dry-run only, avoid --force and --no-archive until you have backups, and do not install the cron job or enable SuperMemory/S3 archival unless you are comfortable with automatic cleanup and transcript storage.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may trust safety claims for a cleanup program whose actual implementation is missing or would have to come from somewhere else.
SKILL.md instructs users to run scripts/swarm_janitor.py for cleanup and archival, but that script is not included in the supplied package. The high-impact behavior cannot be reviewed from the provided artifacts.
No code files present — this is an instruction-only skill.
Do not run the cleanup commands until the referenced script is included in the package or independently reviewed from a trusted source.
If the cleanup logic is wrong or run too aggressively, session transcripts or unfinished agent work could be deleted.
The documented workflow includes deletion without archival, and other examples include --clean, --force, and cron execution. This is destructive local mutation of OpenClaw session state.
python3 scripts/swarm_janitor.py --clean --no-archive
Use dry-run first, keep a separate backup, avoid --force and --no-archive unless necessary, and verify exactly which sessions will be deleted.
A scheduled job could continue archiving and deleting sessions daily even after the original task is forgotten.
The skill documents a persistent cron job that would continue running cleanup automatically after setup. It is disclosed and user-directed, but it persists beyond a single manual invocation.
0 3 * * * python3 ~/.openclaw/workspace/skills/swarm-janitor/scripts/swarm_janitor.py --archive --clean --retention-days 3
Only install the cron job intentionally, log its output somewhere you monitor, and remove the cron entry when no longer needed.
Sensitive session content could be stored in long-lived memory or an external archive.
Archiving transcripts to a memory service is central to the stated purpose, but those transcripts may contain private prompts, work product, credentials, or instructions that persist and may be reused later.
Save transcripts to SuperMemory before deletion
Confirm the archive destination, retention policy, and data handling expectations before enabling SuperMemory or any external archive.
The skill may use a SuperMemory credential if external archival is enabled.
The optional SuperMemory integration requires an API key. This is expected for the integration, but the registry metadata does not declare required credentials because the setting is optional.
# SuperMemory API key (if destination = supermemory) # Set via SUPERMEMORY_API_KEY environment variable
Use a least-privilege API key, avoid sharing it in logs or prompts, and prefer local archival if external storage is not required.