Chronicler
v1.0.0Turn your session history into publish-ready stories. An embedded AI journalist reviews your conversations and writes narrative dispatches about what you've...
⭐ 0· 73·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (turn session history into publish-ready stories) aligns with the runtime instructions: the SKILL.md explicitly reads chat-memory output files under memory/sessions/, composes dispatches, appends them to CHRONICLE.md, and updates reporter-state.json. It also declares chat-memory as a prerequisite. No unrelated binaries, credentials, or install steps are requested.
Instruction Scope
Instructions explicitly tell the agent to list and read transcript files (memory/sessions/session-YYYY-MM-DD-*.md), read/write reporter-state.json, and append dispatches to CHRONICLE.md. The skill includes strong anonymization rules (NO real names, emails, API keys, etc.), which is appropriate, but because it processes raw transcripts there is an inherent risk of accidental disclosure if the model fails to redact or the transcripts contain sensitive structured secrets (API keys, credentials, PII). The instructions do not direct data off-device or to external endpoints, which reduces remote exfiltration risk.
Install Mechanism
No install spec and no code files — instruction-only skill. This minimizes supply-chain and remote-code risks (nothing is downloaded or written by the skill itself).
Credentials
The skill requires no environment variables, credentials, or config paths beyond local files produced by chat-memory. That is proportional: it needs access only to the session transcripts and a local reporter-state.json/CHRONICLE.md.
Persistence & Privilege
always is false and there is no install creating persistent services. The SKILL.md mentions running as a cron job, but that depends on the user's environment and chat-memory setup. The skill can be invoked autonomously by the agent (disable-model-invocation is false by default), which is typical for skills; if you want to prevent unattended processing of transcripts, consider disabling autonomous invocation or restricting when it runs.
Assessment
This skill is coherent with its stated purpose, but it processes your conversation transcripts — which may include sensitive data — so take these precautions before enabling it:
- Audit the transcripts: inspect a few memory/sessions/*.md files to confirm they don't contain secrets, full names, emails, API keys, or financial data you don't want processed.
- Test on sanitized data: run the skill against dummy or redacted transcripts first to verify anonymization works as expected.
- Require review before publishing: keep CHRONICLE.md output private and review every dispatch before posting publicly.
- Limit automation: if you don't want unattended processing, disable autonomous invocation for the skill (or do not add cron jobs); run it manually instead.
- Add automated redaction: consider inserting a pre-processing step that strips known secret patterns (API keys, emails, tokens) from transcripts before the skill reads them.
- File permissions: restrict access to memory/sessions, reporter-state.json, and CHRONICLE.md to only the user/agent account that should have them.
If you want stronger assurances, ask the skill author for a deterministic redaction checklist or a post-process verifier that searches outputs for emails, URLs, API keys, and other identifiers before the dispatch is finalized.Like a lobster shell, security has layers — review code before you run it.
latestvk97060jwp1pg46m7hw6t7wxpn583m92e
License
MIT-0
Free to use, modify, and redistribute. No attribution required.