session-logs
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill operates on local session logs stored in the agent's dedicated directory (~/.openclaw/agents/). No network operations or external data transmissions were detected.
- [COMMAND_EXECUTION]: The skill provides various shell commands using jq, rg, and awk to process JSONL files. These commands are used for legitimate log analysis tasks such as searching, summarizing costs, and counting messages.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it processes untrusted data from historical session logs.
- Ingestion points: Session log files located at
~/.openclaw/agents/<agentId>/sessions/*.jsonlare read and processed by the agent (SKILL.md). - Boundary markers: There are no explicit markers or instructions provided to differentiate between the log data and the agent's current instructions.
- Capability inventory: The agent has access to shell commands (jq, rg, awk) to process and display the content of these logs (SKILL.md).
- Sanitization: No sanitization or filtering of the text content within the logs is performed before it is returned to the agent's context.
- [SAFE]: No hardcoded credentials, obfuscated code, or unauthorized file access patterns were found in the skill instructions.
Audit Metadata