session-logs
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides complex shell command templates (utilizing jq, rg, awk, and bash loops) to perform data aggregation and search tasks on session logs.
- [DATA_EXPOSURE]: The skill is designed to read conversation logs stored at
~/.openclaw/agents/<agentId>/sessions/. This is the intended primary purpose of the skill and does not involve accessing sensitive system files (like SSH keys or environment variables) or credentials. - [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from previous session logs.
- Ingestion points: Local
.jsonlfiles in~/.openclaw/agents/<agentId>/sessions/. - Boundary markers: None provided in the command templates.
- Capability inventory: The agent can run arbitrary shell commands via bash, jq, and ripgrep.
- Sanitization: None; the skill relies on the structured nature of JSONL and the specific filtering logic of jq.
- Assessment: While logs contain previously generated content, the use of search and filter tools for analysis is a standard functional requirement with low risk of accidental instruction execution.
Audit Metadata