Agent Session State
v2.1.4Per-channel session isolation, Write-Ahead Log (WAL) protocol, and working buffer management. Prevents cross-session interference, captures decisions and fac...
⭐ 0· 153·0 current·0 all-time
byRich@richgoodson
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description ask for per-channel durable session state and WAL behavior; the skill only requires the openclaw binary and declares read/write access to workspace memory paths (memory/sessions/, memory/working-buffer.md, memory/topics/, memory/daily/, MEMORY.md). Those dependencies and paths are coherent with the described purpose.
Instruction Scope
Instructions (excerpt provided) focus on writing per-channel markdown files, a working buffer, and WAL entries before responding — all within declared workspace paths. This is consistent. However the guidance uses open-ended phrases like 'use your judgment' about when to log, which grants the agent broad discretion about what to persist; that can lead to over-recording of sensitive context unless policies or quotas are defined. Also the SKILL.md supplied here was truncated, so I couldn't verify there are no other instructions that reach beyond the declared paths.
Install Mechanism
Instruction-only skill with no install spec and no code files. Lowest-risk install model; nothing is downloaded or written at install time beyond agent runtime writes described in metadata.
Credentials
No environment variables, credentials, or external service tokens requested. The skill declares only filesystem workspace paths and the openclaw binary requirement, which are proportionate to its function.
Persistence & Privilege
Does not request always:true or elevated platform privileges. It writes and reads its own workspace paths (declared in metadata) and does not claim to modify other skills or global agent settings. It does ask to set restrictive filesystem permissions (chmod 700) which is reasonable to protect per-session files.
Assessment
This skill is internally coherent for maintaining per-channel session state and WAL files, but keep a few operational cautions in mind:
- The skill will persist agent-authored session files in your agent workspace. Those files may contain sensitive user data or decisions; ensure the workspace (and any backups or sync targets) is trusted and access-restricted.
- The SKILL.md uses 'use your judgment' to decide what to log. If you want stricter control, ask the author for explicit logging rules or add a policy that prevents logging of secrets (passwords, tokens, PII). Consider periodic review/rotation or automated redaction of session files.
- Ensure memory/sessions/ is not synced to external services unless you intend it; set directory permissions as recommended (chmod 700) and audit file contents after use.
- Because the provided SKILL.md was truncated in the package you gave me, consider reviewing the full SKILL.md before installing to confirm there are no instructions that read/write outside the declared paths or call external endpoints.
If those checks are acceptable, the skill appears to do what it says and does not request disproportionate privileges.Like a lobster shell, security has layers — review code before you run it.
latestvk973yskagegbfxgvbjqswkkvph84n8h0
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
Binsopenclaw