openclaw-session-viewer
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script uses system commands (
open,cmd /c start,xdg-open) to automatically open the generated HTML session viewer in the default web browser after creation. - [DATA_EXFILTRATION]: The tool reads local agent transcript files (JSONL) and generates a self-contained HTML file containing that data. While it processes sensitive logs, it only writes to local storage (defaulting to
/tmpor the project directory) and does not perform any network operations to send data externally. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted transcript data (ingested in
scripts/session-viewer.ts) that may contain malicious instructions or payloads. The code implements significant sanitization, including HTML escaping and a custom markdown renderer in the generated HTML template (scripts/html.ts), to prevent Cross-Site Scripting (XSS) when rendering untrusted text and images.
Audit Metadata