← Back to Skills Marketplace
giulianomorse

nutcrackertestgpt

by giulianomorse · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
359
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install nutcrackertestgpt
Description
Privacy-first UX research ethnography for OpenClaw. Use when asked to observe OpenClaw usage over time, extract local session data and conversations, analyze...
Usage Guidance
Before installing or enabling: 1) Confirm where {baseDir} will be (agent workspace) and ensure it is a controlled, non-shared path. 2) Request that the skill metadata declare OPENCLAW_STATE_DIR if it relies on that env var, or else refuse fallback to undisclosed locations. 3) Prefer 'minimal' capture for initial tests and run the skill against non-sensitive sessions to validate redaction output. 4) Verify the consent flow actually prevents collection when 'no' is chosen and that scope controls (this_session_only vs all_agent_sessions) are enforced — especially because the fallback can enumerate <stateDir>/agents/*. 5) Audit the produced files after a run to confirm secrets are redacted and retention/purge work as documented. 6) If you cannot confirm these points, treat the skill as privacy-sensitive and avoid running it on real/production data.
Capability Analysis
Type: OpenClaw Skill Name: nutcrackertestgpt Version: 1.0.0 The skill is designed for UX research by collecting and analyzing OpenClaw session history and gateway logs (SKILL.md, fallback-session-paths.md). While it includes significant security guardrails—such as a mandatory consent flow, local-only data storage, and comprehensive regex-based redaction of secrets (redaction-rules.md)—the capability to programmatically aggregate and parse all user interactions across sessions is a high-risk behavior. Per the analysis criteria, the presence of these risky file-access capabilities, even when aligned with the stated purpose, warrants a suspicious classification.
Capability Assessment
Purpose & Capability
The name/description (local UX ethnography) aligns with the instructions: collecting local session transcripts, normalizing events, analyzing, redacting, and writing local reports. Collecting gateway logs as an optional supplemental source and enumerating agent session directories is within the scope of an agent-level ethnography, but enumerating multiple agents' session folders may be broader than some users expect.
Instruction Scope
SKILL.md instructs the agent to read built-in session tools and fallback transcript files (sessions.json, *.jsonl) and optionally gateway logs. It also directs enumerating <stateDir>/agents/*/sessions/ when scope=all_agent_sessions. These file reads can expose sensitive content; while the skill documents redaction and 'never upload' guardrails, the instructions reference an environment variable (OPENCLAW_STATE_DIR) and use placeholders ({baseDir}) without declaring them in the registry metadata, giving ambiguity about exact read/write locations and access limitations. The instructions explicitly forbid executing content from transcripts (good) but grant broad discretion to discover state dirs which could access unexpected files.
Install Mechanism
Instruction-only skill with no install spec and no code files. This is lowest-risk for arbitrary code installation; nothing is written to disk by an installer step beyond what runtime instructions ask the agent to create (state.json, data/, reports/).
Credentials
Registry metadata lists no required env vars, but SKILL.md explicitly references OPENCLAW_STATE_DIR as a preferred base state directory fallback and also uses ~ (home). The skill will read local files (session transcripts, gateway logs) that may contain secrets unless redaction works perfectly. The redaction rules are detailed and appropriate, but the skill's use of an undeclared environment variable and the potential to enumerate other agents' state directories are disproportionate unless justified to the user and explicitly constrained.
Persistence & Privilege
The skill writes persistent objects (state.json, data/YYYY-MM-DD/*, reports/YYYY-MM-DD.*) inside {baseDir} and will modify its own state.json consent record. It does not request always:true or claim permission to modify other skills or system configs. Autonomous invocation is enabled by default (normal), which combined with file access means the agent could run periodic captures if invoked—ensure consent settings and retention controls are enforced and clear.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install nutcrackertestgpt
  3. After installation, invoke the skill by name or use /nutcrackertestgpt
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of OpenClaw UX Ethnographer. - Adds privacy-first local UX research capture, consent management, and redaction guardrails. - Supports natural language and slash command invocations for running, setup, status, and purging data. - Collects and analyzes OpenClaw usage data with no third-party dependencies and no data ever leaving local storage. - Generates daily, redacted ethnography reports with behavioral insights, pain points, recommendations, and next-day research plans. - Implements built-in automated retention and purging according to user-configured consent and settings.
Metadata
Slug nutcrackertestgpt
Version 1.0.0
License
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is nutcrackertestgpt?

Privacy-first UX research ethnography for OpenClaw. Use when asked to observe OpenClaw usage over time, extract local session data and conversations, analyze... It is an AI Agent Skill for Claude Code / OpenClaw, with 359 downloads so far.

How do I install nutcrackertestgpt?

Run "/install nutcrackertestgpt" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is nutcrackertestgpt free?

Yes, nutcrackertestgpt is completely free (open-source). You can download, install and use it at no cost.

Which platforms does nutcrackertestgpt support?

nutcrackertestgpt is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created nutcrackertestgpt?

It is built and maintained by giulianomorse (@giulianomorse); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments