Neckr0ik Session Healer
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill mostly matches its stated purpose, but its visible code can remove OpenClaw session locks without reliably proving the session is inactive, which could damage active sessions.
Use this only when you are confident a session lock is stale. Run check or a dry run first, avoid --force and unlock on sessions that may still be active, and back up ~/.openclaw before using recover. No network exfiltration or credential use is visible in the provided artifacts, but the lock-deletion safety behavior needs review.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
No VirusTotal findings for this skill version.
- Malicious: 0
- Suspicious: 0
- Harmless: 0
- Undetected: 65
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An active OpenClaw session could lose its lock, allowing concurrent writes and possible session corruption or lost context.
If a lock file has no parseable PID, the code marks it as not alive, and the heal/unlock flows remove lock files with unlink(). That can clear a lock without positively confirming the owning process is gone.
is_alive=False, # Assume stale if we can't find PID ... lock.lock_path.unlink()
Default to dry-run/check first, require explicit confirmation for deletion, add an age threshold, and do not delete locks when the process owner cannot be verified unless the user explicitly forces it.
A user may run the tool believing active sessions are always protected, when some code paths can still remove locks without a reliable live-process check.
The safety claim is stronger than the visible implementation: unlock removes a matching lock directly, and PID-less locks are assumed stale. This could cause users to over-trust the safety of mutating commands.
- Never clears locks for processes that are still alive (unless --force)
Update the documentation to describe the exact behavior and risks, and make the code enforce the documented safety guarantee for every mutating command.
Recovered sessions may have lines removed, changing the stored session history or context the agent later sees.
The recover command intentionally edits persistent OpenClaw session files. This is disclosed and purpose-aligned, but it affects stored agent session state.
Attempts to recover a corrupted session file:
- Validates JSON lines
- Removes corrupted lines
- Creates backup before recovery
Use recovery only for the intended session, keep the backup, and review what changed before continuing important work.
It is harder to verify where the code came from or how the advertised command is installed.
The artifacts do not provide a source repository, homepage, or install wiring for the documented command. This limits provenance and packaging verification.
Source: unknown
Homepage: none
No install spec — this is an instruction-only skill.
Review the included script before use and prefer a version with a clear source repository and reproducible install instructions.
