ClawHub

Session Resume

v1.0.0

会话恢复。Gateway 重启或 session 中断后,自动恢复任务上下文并向用户汇报进度。通过 .task-state.json 持久化任务状态,确保长时间任务不会因断线而丢失。触发词:恢复任务、resume、任务状态、断线恢复、session resume。也可在每次 session 启动时自动检测。

0· 71·1 current·1 all-time
by@wavmson
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, and runtime instructions all focus on saving/restoring a .task-state.json file in the OpenClaw workspace to resume long-running tasks. There are no unrelated env vars, binaries, or install actions demanded — the declared capabilities match what is needed for this functionality.
Instruction Scope
SKILL.md explicitly instructs the agent to read/write ~/.openclaw/workspace-main/.task-state.json and to be invoked at session start (recommended insertion into AGENTS.md). This is in-scope for a resume feature, but the instructions do not mention any protections for sensitive data stored in the state file (encryption, redaction, or access controls), which means sensitive context could be persisted unintentionally.
Install Mechanism
There is no install spec embedded in the skill (instruction-only). README suggests installing from ClawHub or cloning a GitHub repo; those are expected and do not embed arbitrary download/execution logic in the skill itself.
Credentials
The skill requests no credentials or special environment variables, which is appropriate. However, it persists 'context' fields that may contain file paths, config values, or intermediate results; storing such data locally can expose secrets if users or other processes can access the workspace file. The lack of guidance about redaction or file permissions is a proportionality concern to consider.
Persistence & Privilege
The skill does not request elevated privileges, does not set always:true, and only recommends being invoked at session start. Its suggested behavior — reading/writing a state file in the user's OpenClaw workspace — is a normal level of persistence for this feature.
Assessment
This skill appears to do what it says (save/restore a .task-state.json to resume long-running tasks). Before installing: 1) Verify the source (check the GitHub repo / ClawHub package owner) since README points to an external repo. 2) Inspect any example or existing .task-state.json files to see what 'context' they store; avoid saving secrets (API keys, passwords, private keys) into task state. 3) Limit file access (store the file under ~/.openclaw with restrictive permissions, e.g., chmod 600) or consider adding encryption/redaction if your tasks include sensitive data. 4) If you enable automatic detection at session start (editing AGENTS.md), be aware the agent will read the state file automatically — ensure only trusted agents run on that host. 5) If you need stronger guarantees, request that the skill include explicit redaction/encryption steps or only record non-sensitive metadata. These precautions will reduce the chance of accidentally persisting sensitive information.

Like a lobster shell, security has layers — review code before you run it.

latestvk976tejj7dr0f91j7gpnne2yhd840q9j

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments