context-manager
Audited by Socket on Feb 22, 2026
1 alert found:
Security [Skill Scanner] Installation of third-party script detected

This skill's stated purpose and capabilities are internally consistent: it legitimately reads session JSONL, requests an AI-generated summary via the clawdbot agent CLI, backs up the JSONL, deletes the original JSONL (reset), and injects the summary into a new session. The main risks are operational (destructive deletion) and privacy (sensitive session data stored in plaintext backups and re-injected summaries). There are no signs of external credential exfiltration, obfuscated/malicious code, or third-party download-execute chains in the provided fragment. Treat this tool as useful but high-privilege: require operator confirmation before destructive actions, protect the backup directory, and avoid suppressing stderr in production runs.

LLM verification: Functionally, the skill implements session summarization and compaction as documented and contains no explicit malicious constructs. Primary security concerns are operational: it reads entire session histories (potentially sensitive) and can delete live session JSONL files. The summarization step may send sensitive data to an external model/provider depending on the gateway configuration, which is the main exfiltration risk. Improve safety by adding confirmation for destructive operations, backu