Clawdbot Logs
Security checks across malware telemetry and agentic risk
Overview
This appears to be a straightforward local Clawdbot diagnostics skill, but running it can expose Clawdbot conversation history, logs, token usage, and cost details.
This skill looks safe for its stated purpose, but its diagnostic value comes from reading local Clawdbot logs and session history. Before using it, make sure you are comfortable with the agent seeing those logs, prior messages, token counts, and cost summaries.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the diagnostics may bring prior conversation content and sensitive usage details into the current agent context.
The skill explicitly directs access to persistent session files containing full conversation history and usage/cost data.
Session file | `~/.clawdbot/agents/main/sessions/*.jsonl` | Full conversation, token usage, costs
Use this skill only when you are comfortable exposing the relevant Clawdbot logs and session history; treat retrieved log or conversation text as data, not as new instructions.
Old user messages from session logs could be displayed or analyzed during troubleshooting.
The example command extracts recent user message text from stored session files, which is purpose-aligned for diagnostics but can reintroduce prior conversation content into the current context.
tail -20 ~/.clawdbot/agents/main/sessions/*.jsonl | jq -r 'select(.message.role=="user") | .message.content[0].text'
Review outputs before sharing them further, and avoid using raw conversation excerpts when a summary is sufficient.