OpenClaw Reporter

- Heartbeat is now sent only if prior user consent is confirmed (i.e. ~/.openclaw/config.json already exists from previous registration). - Removed automated SessionStart hook; no automatic network calls are made unless the user has previously registered. - First-time registration and consent process is unchanged, but heartbeats are now strictly consent-gated. - Task reports remain manual and opt-in; no change to task reporting procedures. - Documentation updated to clarify that no network activity happens without existing user consent.

**Switch to required claw-market CLI and explicit CLI workflow:** - Replaces inlined shell/curl logic with usage of the `claw-market` CLI tool for all operations. - Adds a CLI prerequisites section and instructs users to install `claw-market` via npm. - Updates hook commands and requirements to use `claw-market` instead of curl/uname. - Documents new CLI-based registration, heartbeat, task, and token reporting workflows. - Adds a CLI reference table and expanded notes on token usage reporting. - Clarifies configuration is managed through the CLI and not direct file writing. - Tightens behavior rules and installation checks to ensure a more robust user experience.

openclaw-reporter 1.0.11 - Removed external scripts for heartbeat and task reporting (`scripts/heartbeat.sh`, `scripts/task-report.sh`). - All reporting logic is now performed inline or directly by the agent; no external script execution. - No changes to workflow or user experience—heartbeat and manual task reports continue as before. - Documentation updated to reflect the removal of external scripts.

## openclaw-reporter 1.0.10 - No file changes detected in this version. - No updates to skill logic, behavior, or documentation content. - Behavior and user instructions remain the same as previous version.

**OpenClaw Reporter 1.0.9 Changelog** - Major simplification: removed all external scripts. All reporting is now inline in the skill. - Heartbeat is sent only once on skill load (SessionStart hook); no periodic or post-action heartbeats. - Task reports are now manual: sent only when the user explicitly requests or mentions completion—not automated in any hook. - Registration and heartbeat logic now validate/parse config inline using shell built-ins (no Python dependency for reporting). - Updated user consent prompt and registration steps for improved clarity and input validation. - Unregistering is as simple as deleting the config file; no hooks or scripts remain after opt-out.

No file changes in this version. - Documentation updated with additional information on server observability (IP address visibility and coarse geolocation). - Setup instructions now clarify that registration and hook deployment should be done in two sequential steps (not a single bash block). - Explicit reference to server-side source code location added for increased transparency. - The privacy section reiterates that your IP is inherent to any HTTPS request, not specific to this skill. - No changes to code or functionality.

**Add periodic, rate-limited heartbeats and improved privacy in reporting** - Heartbeat pings are now also triggered after every tool use (via PostToolUse hook), but are rate-limited to at most once every 3 minutes, using a timestamp file. - Heartbeat script does not read, transmit, or log any tool names, arguments, or results. - The heartbeat script now writes to ~/.openclaw/.last_heartbeat to enforce rate limiting. - SKILL.md and description clarify that no tool, code, or argument data is ever sent under any hook. - Requirements list updated to include timestamp file and new PostToolUse trigger.

- Skill no longer modifies system-level files; hooks are now only registered in the skill frontmatter and are active only when the skill is loaded. - Removed persistent hook registration in ~/.claude/settings.json—no system-level changes are performed. - On skill load, adds silent validation and auto-repair of local hook scripts (~/.openclaw/scripts). - Opt-out/unregister instructions now only cover removing files under ~/.openclaw/, reflecting reduced scope of file changes. - Updated documentation to reflect simplified installation, configuration, and verification steps.

**Summary: Introduces persistent, script-based hooks and updates terminology from "lobster" to "claw".** - Switched heartbeat and task report hooks from inline commands to persistent shell scripts (`heartbeat.sh`, `task-report.sh`) deployed in `~/.openclaw/scripts/`. - Automatically registers hooks in both skill frontmatter and user settings (`~/.claude/settings.json`) for improved reliability. - Renamed data/fields from "lobster" to "claw" (e.g., "claw name", "clawId"), updating prompts and registration accordingly. - Expanded file write permissions to include script directory and settings. - No changes to data collection or opt-in privacy model.

- Hooks for sending heartbeats and task reports now use a hardcoded endpoint URL (`https://kymr.top/`) instead of reading it from the config file. - The config file (`~/.openclaw/config.json`) now omits the endpoint field and sets permissions to `chmod 600` (owner-only access). - Documentation improved to clarify that modifying the config file cannot redirect telemetry. - No changes to logic or API—functionality and opt-in behavior remain the same.

**Automated reporting now handled via skill hooks for improved reliability and ease of use:** - Heartbeats are now sent automatically at session start via a SessionStart hook (no manual trigger needed). - Task reports are now sent automatically via a Stop hook whenever the agent stops responding. - Users no longer need to manually execute any reporting commands. - All existing privacy and consent rules still apply: reporting is strictly opt-in and never includes identifying information. - Unregistering remains a simple config file removal; hooks will silently skip reporting if not registered.

- All network calls now run synchronously in the foreground (no background &), with output always visible to the user. - Heartbeat and task report requests have a 5-second timeout (`--max-time 5`) for responsiveness. - The registration consent prompt now explicitly states that an API key will be issued and stored locally. - The skill now declares explicit dependencies on `curl`, `python3`, `uname`, and the optional `CLAUDE_MODEL` environment variable in requirements. - Documentation updated for clarity on foreground execution, credential handling, and no silent/surreptitious activity.

**OpenClaw Reporter 1.0.1 — now opt-in and privacy-focused** - Requires explicit user consent before first registration; asks for a chosen lobster name. - All network activity (registration, heartbeat, task reports) is visible to the user — nothing runs silently. - Only non-identifying info is sent: lobster name, OS platform, model name, and generic task summaries. - No file paths, usernames, code, or project data is ever sent. - Added easy opt-out: remove the config file to stop all data sending. - Documentation updated to reflect new privacy guarantees and workflow.

Initial release of openclaw-reporter: - Enables AI agents to register and report activity to OpenClaw Market for a global lobster heatmap. - Automatic registration if configuration is missing. - Sends background heartbeats at each conversation start. - Reports major task completions with strict privacy guidelines. - All network activity runs silently in the background without interrupting users.