← Back to Skills Marketplace
Session Logs Forensics
by
Daniel Sinewe
· GitHub ↗
· v1.0.0
· MIT-0
139
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install session-logs-forensics
Description
Analyze OpenClaw session JSONL history for cost spikes, tool-call anomalies, and behavior regressions with jq + rg.
Usage Guidance
This skill appears coherent and does what it claims: local forensic queries over OpenClaw session JSONL files using jq and rg. Before installing or running it, confirm you trust the operator invoking it because the skill reads full conversation history (sensitive content). Ensure you run it locally (no network steps are included), verify the agentId you supply to avoid scanning other agents, and confirm jq and rg on your system are the expected binaries (to avoid a malicious replacement). If you need stricter controls, run the commands manually or review the SKILL.md snippets before allowing autonomous invocation.
Capability Assessment
Purpose & Capability
Name/description match the required binaries (jq, rg) and the runtime instructions. The skill legitimately needs access to session JSONL files and uses jq/rg to analyze them; nothing requested is disproportionate to the stated forensics task.
Instruction Scope
Instructions explicitly tell the agent to read session files under ~/.openclaw/agents/<agentId>/sessions/ and run shell pipelines with jq/rg to compute costs, tool-call counts, and regressions. This is appropriate for forensic analysis, but it does mean the skill will read complete conversation history (sensitive data). There are no network exfiltration steps or references to other system credentials, but operator caution is warranted because it processes sensitive transcripts.
Install Mechanism
Instruction-only skill with no install spec and no downloads. Lowest-risk install profile; it assumes jq and rg are present on PATH, which matches the declared requirements.
Credentials
No environment variables, credentials, or config paths are requested beyond reading session files in the user's OpenClaw data directory. That file access is necessary for the described task and proportionate to the skill's purpose.
Persistence & Privilege
always is false, and the skill does not request any persistent system-wide changes or modification of other skills' configs. Autonomous invocation is allowed by default but not combined with other concerning privileges.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install session-logs-forensics - After installation, invoke the skill by name or use
/session-logs-forensics - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: forensic session-log analysis playbook for cost spikes, tool-call anomalies, and behavior regressions.
Metadata
Frequently Asked Questions
What is Session Logs Forensics?
Analyze OpenClaw session JSONL history for cost spikes, tool-call anomalies, and behavior regressions with jq + rg. It is an AI Agent Skill for Claude Code / OpenClaw, with 139 downloads so far.
How do I install Session Logs Forensics?
Run "/install session-logs-forensics" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Session Logs Forensics free?
Yes, Session Logs Forensics is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Session Logs Forensics support?
Session Logs Forensics is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Session Logs Forensics?
It is built and maintained by Daniel Sinewe (@danielsinewe); the current version is v1.0.0.
More Skills