ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

vardoger — Analyze History

v0.3.1

Use when the user asks to personalize their assistant, to use vardoger, or to analyze their OpenClaw conversation history. Runs the vardoger CLI to read past...

0· 97·0 current·0 all-time
by@dstrupl

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for dstrupl/vardoger-analyze.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "vardoger — Analyze History" (dstrupl/vardoger-analyze) from ClawHub.
Skill page: https://clawhub.ai/dstrupl/vardoger-analyze
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: vardoger
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install vardoger-analyze

ClawHub CLI

Package manager switcher

npx clawhub@latest install vardoger-analyze
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description say it will run the vardoger CLI to read conversation history and produce personalization; the SKILL.md requires the vardoger binary and issues vardoger commands. Requiring the vardoger CLI and reading session directories is coherent with the stated purpose.
Instruction Scope
The instructions explicitly tell the agent to run vardoger prepare/status/synthesize/write and to read conversation data from platform session directories (examples: ~/.codex/sessions/, ~/.claude/projects/, ~/.openclaw/agents/). They also instruct the user to approve vardoger commands with write access beyond the workspace and to pipe the generated personalization into vardoger write, which will write into platform rules files. This stays within the claimed purpose (analyze history and write personalization) but grants the skill access to broad user data and to modify platform rule/skill files; the user should expect and approve that.
Install Mechanism
This is an instruction-only skill with no install spec. The SKILL.md suggests installing vardoger via pipx (or running via uvx), which are normal user-level install suggestions. The skill itself does not download or write code.
Credentials
No environment variables or credentials are requested, which aligns with the task. However, the CLI will read session directories in the user's home, which can contain sensitive conversation content (and potentially other config files). The absence of declared credentials is appropriate, but filesystem access is effectively the required privilege.
!
Persistence & Privilege
The SKILL.md documents that vardoger will create a checkpoint at ~/.vardoger/state.json and write the final personalization into platform rule files (examples include .openclaw/skills/vardoger-personalization/SKILL.md or other platform rules). That means the CLI modifies agent/platform configuration and can persist state on disk. While this is consistent with producing a personalization, it is a higher privilege (modifying agent rules and creating files under agent directories). Combined with autonomous invocation being allowed by default on the platform, this increases the blast radius and warrants user confirmation and review of the written files.
What to consider before installing
This skill runs a local CLI (vardoger) that will read your conversation history and write a personalization file into your agent/platform directories. That behavior matches the skill's description, but it requires granting read access to session directories and write access to platform rule/skill locations (files under ~/.vardoger, ~/.openclaw, ~/.claude, ~/.codex, etc.). Before installing or approving commands: 1) Confirm you trust the vardoger project (review the GitHub repo and code). 2) Back up any agent/rules files you care about. 3) When asked to allow commands that write outside the workspace, only approve if you expect the skill to modify agent rules; otherwise deny. 4) Consider running vardoger in an isolated environment (container/VM) if you want to avoid giving it direct access to your main agent config. 5) Note that no credentials are requested by the skill, but the CLI will process potentially sensitive conversation text — treat outputs accordingly and inspect the generated personalization file before using it. If you need more assurance, ask for a description of exactly which paths will be read/written on your host and for a dry-run that prints intended write operations without performing them.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binsvardoger
latestvk97ak6n0cc882ajv2x9tb9s7gs85ekp4
97downloads
0stars
2versions
Updated 3d ago
v0.3.1
MIT-0
@dstrupl
latest
Download

Analyze conversation history and generate personalized instructions

Use this skill to read your OpenClaw conversation history, extract behavioral patterns, and generate personalized instructions that help the assistant better understand your preferences and working style.

How it works

vardoger prepares your conversation history in batches. You (the assistant) summarize each batch for behavioral signals, then synthesize all summaries into a personalization. vardoger writes the result.

Sandbox note (read before running any command)

vardoger reads and writes files outside the current workspace:

  • Reads conversation history from the platform's session directory (e.g. ~/.codex/sessions/, ~/.claude/projects/, ~/.cursor/projects/, ~/.openclaw/agents/).
  • Writes a checkpoint state file to ~/.vardoger/state.json (created on first run).
  • Writes the final personalization to the platform's rules file (e.g. ~/.codex/AGENTS.md, ~/.claude/rules/vardoger.md, .cursor/rules/vardoger.md, ~/.openclaw/skills/vardoger-personalization/SKILL.md).

When the host asks to approve a vardoger command, approve it with write access beyond the workspace. Otherwise the first vardoger prepare call will fail with PermissionError: ... ~/.vardoger/state.tmp because the sandbox blocks writes outside the current working directory.

Steps

1. Verify vardoger is installed

if ! command -v vardoger >/dev/null 2>&1; then
  cat <<'INSTALL_EOF'
vardoger CLI is not installed.

This skill calls the vardoger CLI to read your conversation history and
write a personalization file, so the CLI must be on PATH.

Install options:

  # Recommended:
  pipx install vardoger

  # Or run without installing:
  uvx vardoger --help

If you do not have pipx, see https://pipx.pypa.io/stable/installation/.

Project page: https://github.com/dstrupl/vardoger

After installing, re-run the personalization request.
INSTALL_EOF
  exit 1
fi

2. Check if a refresh is needed

vardoger status --platform openclaw --json

If the output shows "is_stale": false, tell the user their personalization is up to date and ask if they want to re-run anyway. If stale or never generated, continue with the analysis.

3. Get batch metadata

vardoger prepare --platform openclaw

This prints JSON like {"batches": 3, "total_conversations": 29}. Note the number of batches. Tell the user: "Found N conversations in M batches. Analyzing..."

4. Summarize each batch

For each batch number from 1 to N, run:

vardoger prepare --platform openclaw --batch 1

The output contains a summarization prompt and conversation data. Read the output carefully and produce a concise bullet-point summary of the behavioral signals you observe in that batch. Keep your summary for later.

Tell the user which batch you are processing: "Analyzing batch 1 of N..."

Repeat for all batches (--batch 2, --batch 3, etc.).

5. Get the synthesis prompt

vardoger prepare --platform openclaw --synthesize

6. Synthesize the personalization

Following the synthesis prompt, combine all your batch summaries into a single personalization. The output should be clean markdown with actionable instructions for an AI assistant.

7. Write the result

Pipe your personalization to vardoger:

echo "YOUR_PERSONALIZATION_HERE" | vardoger write --platform openclaw --scope global

Replace YOUR_PERSONALIZATION_HERE with the actual personalization markdown you generated.

8. Report to the user

Tell the user what was written and where. Mention they can ask you to re-run vardoger any time to update the personalization.

When to use

  • When the user asks to personalize their assistant
  • When the user asks to analyze their conversation history
  • When the user mentions "vardoger"

Comments

Loading comments...