Skills
skills/trpc-group/trpc-agent-go/session-logs/Gen Agent Trust Hub

session-logs

Warn

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses sensitive conversation history stored in ~/.openclaw/agents/<agentId>/sessions/. These files contain complete logs of user and assistant interactions, representing sensitive personal data.
  • [COMMAND_EXECUTION]: The skill provides a set of complex shell command templates using bash, jq, rg (ripgrep), and awk to filter and aggregate information from the session logs on the local filesystem.
  • [INDIRECT_PROMPT_INJECTION]:
  • Ingestion points: Processes untrusted conversation data from historical .jsonl files (SKILL.md).
  • Boundary markers: Absent; the skill does not include instructions to identify or ignore malicious commands that might be embedded in the retrieved logs.
  • Capability inventory: Possesses command execution capabilities via multiple shell-based data processing tools (SKILL.md).
  • Sanitization: Absent; session data is read and processed without any sanitization or filtering to prevent the agent from acting on malicious content in the logs.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 30, 2026, 01:08 AM
Security Audit — agent-trust-hub — session-logs