ClawHub

Conversation Archiver

v1.0.0

Archive completed conversations and projects. Use on project completion, resolved threads, or when asked to archive a conversation. Writes structured summari...

0· 326·1 current·1 all-time
by@npfaerber
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the instructions to write archive files and update memory/tasks. However, the SKILL.md mentions optionally posting to Discord and marking tracked tasks complete without specifying how (webhook vs bot token, which task system), so required capabilities for those features are not declared.
!
Instruction Scope
Instructions explicitly direct the agent to write files under archive/ and to append to memory/YYYY-MM-DD.md and to mark tasks complete. They also permit posting summaries to a Discord channel and linking full files. That allows exfiltration of full conversation contents unless posting behavior and auth are constrained. The instructions are vague about what 'mark it complete' means (which external systems, APIs, or files), giving the agent broad discretion.
Install Mechanism
Instruction-only skill with no install spec or downloaded code; nothing will be written to disk by an installer. This minimizes supply-chain risk.
!
Credentials
The skill requests no environment variables or credentials in metadata, but runtime behavior (posting to Discord, updating external task trackers) will require credentials (webhook URL, bot token, API keys). The absence of declared credentials is an inconsistency and could lead the agent to reuse unrelated tokens or prompt for/seek secrets at runtime.
Persistence & Privilege
always:false and no install means the skill does not demand permanent presence or elevated platform privileges. It does require write access to the workspace (archive/ and memory/ files), which is normal but should be limited to intended paths.
What to consider before installing
This skill is plausible for archiving, but it leaves important details unspecified. Before installing or using it, confirm: (1) exactly where the agent will write files and restrict its filesystem permissions to that directory; (2) how Discord posting is authenticated—prefer a single-use webhook URL stored explicitly (e.g., ARCHIVE_DISCORD_WEBHOOK) rather than allowing the agent to access arbitrary tokens; (3) what 'mark task complete' means (which task system or file) and supply only the minimal API access required; (4) require the agent to ask for explicit user confirmation before posting any archive text outside the workspace; and (5) review archived content for sensitive data before any external posting. If possible, update SKILL.md/metadata to declare required env vars (Discord webhook or bot token, task-system creds) and to narrow the described scope.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d8w43fdenvekwyt1x5hxbd5821c7h

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments