Skillv1.0.0

ClawScan security

openclaw session viewer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 12, 2026, 12:28 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's code and instructions consistently show a local-only tool that reads OpenClaw session files under ~/.openclaw and renders them as an HTML viewer; nothing requests unrelated credentials or network access.
Guidance: This skill appears coherent and local-only: it reads OpenClaw session logs under ~/.openclaw and writes an HTML viewer. Before running it, (1) review the full script (including the truncated HTML generation portion) yourself to confirm there are no network calls or subprocess executions; (2) run with --list first to confirm available sessions; (3) be aware that session logs can contain sensitive user data or secrets, so only open the generated HTML in a trusted browser and on a trusted machine; (4) because no installer is provided, place the script under the referenced ~/.openclaw/skills/session-viewer/scripts/ path or run it directly from a checked location. If you want extra caution, run the script in a restricted/sandboxed account or container. If you can provide the remainder of the script (the truncated tail), I can re-check that portion for network/subprocess activity to raise confidence further.

Review Dimensions

Purpose & Capability: okThe name/description (session viewer / HTML viewer for conversation sessions) matches the script's behavior: it reads session JSONL files under ~/.openclaw/agents/<agentId>/sessions and builds an interactive HTML report. No unrelated resources (cloud creds, external APIs, unrelated binaries) are requested.
Instruction Scope: okSKILL.md instructs running the bundled Python script and points to the same local session paths the script uses. The script only opens and parses local session files and builds an HTML string; there are no instructions to read other system files, environment variables, or to transmit data to external endpoints in the visible code.
Install Mechanism: okThere is no install spec (instruction-only skill with one included script). That minimizes installation risk. The SKILL.md references a path under ~/.openclaw/skills/... but no installer is provided — this is a usability note, not a security mismatch.
Credentials: okThe skill declares no required environment variables, credentials, or config paths beyond the local ~/.openclaw session directory that is necessary for its stated purpose. The script's imports are standard library modules (json, os, argparse, pathlib, datetime); no secret-bearing env vars or unrelated credentials are requested.
Persistence & Privilege: okThe skill is not always-enabled and uses normal model invocation defaults. It does not request system-wide persistence or modify other skills' configs in the visible code.