Oversee Agent Management
Review
Audited by ClawScan on May 13, 2026.
Overview
This telemetry plugin is transparent about sending agent data to Oversee, but it needs review because any agent chat can enable capture of full message and tool output content.
Install only if you want gateway-level telemetry sent to a trusted Oversee endpoint. Review SOUL.md, IDENTITY.md, and AGENTS.md for secrets first, keep readUserData and captureOutputs off unless needed, and make sure the `/oversee capture on` command cannot be used by untrusted users or agents.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user or agent with access to an agent chat could turn on capture of sensitive messages and tool results, causing private data or secrets returned by tools to be sent to the configured endpoint.
This shows a runtime command can enable sending message text, responses, and tool results. The artifacts do not show admin-only gating or a confirmation step, and the command is described as usable from any agent chat.
`captureOutputs: false` is the default. When you set it to `true`... actual content... You can flip the flag at runtime in any agent's chat with `/oversee capture on`
Only install this where `/oversee capture on` is restricted to trusted administrators or where users are comfortable with full content capture if it is enabled.
Agent instructions and identity files may leave the local machine and become visible to the configured Oversee service.
Agent identity and instruction files are persistent agent context and may contain sensitive operating instructions or secrets. The plugin discloses that these files are exported at startup.
the contents of each agent's `SOUL.md`, `IDENTITY.md`, and `AGENTS.md`... sends them to Oversee... they leave your machine
Review and redact agent identity files before enabling the plugin, and only point the endpoint at an Oversee instance you trust.
Anyone who obtains the API key could potentially send telemetry to the user’s Oversee account or impersonate this gateway to that service.
The plugin uses an Oversee API key for telemetry export. This is expected for the integration, but it is still a credential that should be protected.
`apiKey` ... Sent as the `X-Oversee-Api-Key` header on every export
Store the key in a secret manager or protected environment variable, scope it to telemetry use, and rotate it if exposed.
