The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent to perform file system operations, specifically deleting old .jsonl files and modifying the sessions.json file located in the user's home directory (~/.openclaw/agents/main/sessions/).
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. Since the agent is required to process existing session files to rebuild the index, malicious instructions embedded in previously recorded sessions could potentially influence the agent's behavior during the cleanup process.
[DATA_EXPOSURE]: The skill accesses the ~/.openclaw/ directory, which contains session history and interaction data. Although this access is intended for maintenance, it involves handling sensitive user information.

openclaw-session-cleaner