Smart Context Manager
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or autonomous use of the replacement command could reset the active session and alter the agent's future context, though the skill says it creates a backup.
The skill exposes a destructive session-state mutation workflow. It is disclosed and purpose-aligned, but it can reset and rewrite an OpenClaw session without an explicit confirmation step shown in the artifacts.
Compress session: generate summary, reset, inject (DESTRUCTIVE) ... Reset: Deletes the JSONL file ... Inject: Sends the AI-generated summary as the first message in the fresh session
Use --replace only after explicit user approval, require a specific session key, and add a confirmation or dry-run mode before deleting or reinjecting session context.
Important details may be omitted or distorted, and unwanted instructions from the old session could become part of the new session's working memory.
A model-generated summary of prior conversation is persisted and reused as the new session's initial context, which can carry forward mistaken, stale, or adversarial instructions from the previous context.
AI Summarization: Sends a prompt to the agent asking it to summarize its own context ... Inject: Sends the AI-generated summary as the first message in the fresh session
Review the generated summary before reinjection, strip secrets and instructions that should not persist, and consider separating factual summaries from executable guidance.
A single targeting mistake could reset or rewrite an unintended OpenClaw session, potentially disrupting future work in that session.
The helper supports operating on the most recently updated session when no explicit target is provided. If combined with reset/replacement behavior, an omitted or wrong target could affect the wrong session.
if [[ -z "$target_session" ]]; then
# Get the most recently updated session
session_data=$(echo "$sessions_json" | jq -r '.sessions | sort_by(.updatedAt) | last')Require an explicit session key for destructive operations and show the selected session details before proceeding.
The script can act through the local OpenClaw gateway and interact with the user's agent sessions.
The skill uses the user's local OpenClaw authority to list sessions and send agent messages. This is expected for the purpose, but it is privileged local agent access.
Gateway access - Script uses `openclaw agent` and `openclaw sessions`
Install only if you trust the skill to use your local OpenClaw session authority, and avoid running it in environments where sessions contain sensitive material you do not want copied or summarized.
Users relying only on registry metadata may not realize the skill needs local CLI tools and session-state access.
The registry metadata does not declare dependencies or capability tags, even though the skill documentation and script require jq/openclaw and access local OpenClaw session state.
Required binaries (all must exist): none ... Install specifications: No install spec ... Capability signals: No capability tags were derived.
Declare required binaries and local state access in metadata so users can make an informed decision before running the script.