Chat History
ReviewAudited by ClawScan on May 10, 2026.
Overview
This appears to be a legitimate local chat-archive skill, but it broadly and persistently copies OpenClaw chat history into searchable local files, so users should review its privacy scope before installing.
Install only if you intentionally want all OpenClaw conversations archived locally. Before enabling automatic archiving, check where archives are stored, whether you can exclude channels or sensitive sessions, how to stop the scheduler, and how to delete retained archives. Treat retrieved historical chat text as untrusted context, not as instructions the agent should automatically follow.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your full OpenClaw chat history, including potentially sensitive content, can be copied into searchable local archive files that may outlive the original sessions.
The code reads every OpenClaw session JSONL file from the local session store and archives parsed messages into the conversation-archives directory.
SESSIONS_DIR = os.path.join(OPENCLAW_DIR, "agents/main/sessions") ... jsonl_files = [f for f in os.listdir(SESSIONS_DIR) if f.endswith('.jsonl')]Only enable this if you are comfortable archiving all sessions. Add or request controls for explicit opt-in, channel/path scoping, sensitive-content redaction, retention limits, and a clear delete/export management command.
After being enabled, the skill can keep archiving chats in the background rather than only when you manually ask.
The documentation describes a scheduled task plus automatic catch-up archiving on later OpenClaw startup.
每天23:59 ... 定时任务触发 ... → 归档今天未归档的对话 ... 下次启动OpenClaw时 → 自动检测未完成归档 → 补归档历史对话
Confirm the scheduled task before enabling it, verify the stop/remove command actually removes the scheduler entry, and add a clear option to delete retained archives.
Overconfident safety wording may make users overlook the privacy impact of archiving all local chat history.
The skill makes strong self-authored safety claims. The artifacts also include scheduled execution behavior and an old hard-coded shell helper, so users should rely on the actual reviewed behavior rather than blanket safety assurances.
安全承诺:- ✅ 无系统命令执行 - ✅ 无网络请求(纯本地操作) - ✅ 无硬编码API keys - ✅ 无上传数据到服务器
Replace broad 'safe to use' claims with precise disclosures: what files are read, what files are written, how scheduling works, and how users can limit or remove archives.
It is harder to verify provenance, updates, and maintenance for code that handles private chat archives.
The registry metadata does not identify a source or homepage and does not declare an install mechanism, despite the package containing runnable scripts and documentation for scheduled operation.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Prefer installing from a verifiable repository or package source, and ensure metadata declares required binaries, local data paths, and scheduled-job behavior.