← Back to Skills Marketplace
291
Downloads
1
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install openclaw-history-viewer
Description
启动一个 web 服务来浏览和查看 OpenClaw 的历史聊天记录。支持会话列表、消息详情查看、JSON API 导出、自动会话备份、刷新功能。使用场景:当用户想要查看、浏览、搜索或导出 OpenClaw 的聊天历史记录时触发此技能。触发词包括:"启动历史记录"、"打开聊天记录"、"查看历史"、"启动 hist...
Usage Guidance
This skill largely does what it says: starts a local web server to view OpenClaw session files and can create backups. Before installing or running it, do the following: 1) Inspect the remainder of history_server.py (the truncated portion) to confirm whether the HTTP server binds only to localhost (127.0.0.1) or to all interfaces — you should ensure it binds to localhost if you don't want remote access. 2) Search the code for any POST/DELETE endpoints or handlers that expose delete_session or file-write operations via HTTP; if present, confirm whether they require authentication or are intentionally disabled. 3) If you plan to run it, run as your regular (non-root) user and not on a publicly routable interface; consider using firewall rules or an SSH tunnel if you need remote access. 4) Backup scripts write to ~/.openclaw/workspace/history/ and create/modify backup_index.json; if you keep sensitive data, review those files and permissions. If you are not comfortable auditing the full server code (especially missing parts), treat this as potentially risky and avoid running it on production or multi-user machines.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-history-viewer
Version: 1.1.1
The skill bundle provides a web-based viewer for OpenClaw chat history but contains significant security vulnerabilities and documentation discrepancies. While the functionality aligns with its stated purpose, `history_server.py` binds the web server to all network interfaces ('0.0.0.0'), directly contradicting the 'local access only' claim in `SKILL.md` and potentially exposing sensitive chat logs to the network. Furthermore, the server includes a session deletion feature (`/api/delete`) that lacks any authentication or CSRF protection, allowing for unauthorized data destruction. These flaws, while likely unintentional, constitute high-risk behaviors in a tool handling private conversation data.
Capability Assessment
Purpose & Capability
Name/description match the files: scripts read ~/.openclaw session files, present a local web UI, and provide backup scripts. Access to those local paths is necessary for the stated purpose.
Instruction Scope
SKILL.md instructs running the included Python server locally and backup scripts; however the server code contains a delete_session function (deletes session files and .reset. backups) that is not documented in SKILL.md. The runtime instructions claim local-only access (localhost) but do not show or verify the server's bind address or any access control/authentication. That combination (undocumented destructive actions + unclear exposure) is a scope and safety concern.
Install Mechanism
No external install/downloads or package installs; skill is instruction-only with bundled Python scripts. Nothing is pulled from arbitrary URLs. Files run locally, so risk is limited to local file operations.
Credentials
The skill reads and writes only to OpenClaw data directories under the user's home (~/.openclaw) and a backup workspace (~/.openclaw/workspace/history), which is proportionate. It does modify files (backups, backup_index.json) and may delete session files; these write/delete permissions are expected for backup tooling but should be explicit and confirmed by the user.
Persistence & Privilege
Skill does not request persistent platform privileges (always=false). It runs as a local process and stores backups under user's home; no modification of other skills or global agent settings detected in provided files.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-history-viewer - After installation, invoke the skill by name or use
/openclaw-history-viewer - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.1
openclaw-history-viewer v1.1.1
- 新增“刷新”按钮,可一键重新加载聊天数据且保持当前阅读位置
- 界面顶部增加 favicon 对话气泡图标,所有页面统一显示
- 优化界面布局,移除冗余标题,使内容更紧凑
- 刷新操作有加载指示与自动恢复滚动条位置
- 其它小幅文档与界面改进
v1.1.0
新增删除会话功能:支持删除备份会话,灰色删除按钮内嵌在元数据行,当前活跃会话不可删除
v1.0.0
OpenClaw History Viewer 1.0.0
- 新增通过 web 界面浏览和查看 OpenClaw 聊天历史记录的完整服务,支持会话列表和消息详情展示
- 提供两种视图:现代化聊天视图(类微信风格)与传统 Raw 表格视图
- 支持自然语言、命令行和后台三种方式启动
- 集成 JSON API,实现会话列表和会话详情导出
- 聊天详情支持工具调用、思考过程、类型分色显示,且移动端友好响应式布局
- 明确了会话记录的数据目录结构和消息类型支持
Metadata
Frequently Asked Questions
What is Openclaw History Viewer?
启动一个 web 服务来浏览和查看 OpenClaw 的历史聊天记录。支持会话列表、消息详情查看、JSON API 导出、自动会话备份、刷新功能。使用场景:当用户想要查看、浏览、搜索或导出 OpenClaw 的聊天历史记录时触发此技能。触发词包括:"启动历史记录"、"打开聊天记录"、"查看历史"、"启动 hist... It is an AI Agent Skill for Claude Code / OpenClaw, with 291 downloads so far.
How do I install Openclaw History Viewer?
Run "/install openclaw-history-viewer" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Openclaw History Viewer free?
Yes, Openclaw History Viewer is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Openclaw History Viewer support?
Openclaw History Viewer is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Openclaw History Viewer?
It is built and maintained by lengyhua (@lengyhua); the current version is v1.1.1.
More Skills