← Back to Skills Marketplace
Session Janitor
by
halfdeadcat
· GitHub ↗
· v1.5.0
· MIT-0
218
Downloads
0
Stars
1
Active Installs
8
Versions
Install in OpenClaw
/install session-janitor
Description
Automated transcript trimming, LLM memory extraction, and session hygiene for OpenClaw gateways. Keeps transcripts from bloating, extracts structured memorie...
Usage Guidance
What to consider before installing:
- Scope & secrets: setup auto-reads your OpenClaw installation(s) (~/.openclaw*/openclaw.json) and uses each gateway's auth token to call the local API. That token is sensitive; the skill did not declare it up front. If you are uncomfortable granting that access, do not install.
- Persistence: setup will modify your crontab and install a user watcher service (systemd/launchd). These run automatically on your account and will perform file edits, trims, and LLM extraction without further prompts.
- Memory handling / possible exfiltration: despite a doc claim that memories go "only" to the mem DB, extract-llm.py also writes scene files and attempts to git commit/push them (if sceneFilesPath points inside a git repo). If that repo has a remote, extracted memories could be pushed off-machine. The skill also invokes the optional 'mem' CLI which may transmit data elsewhere depending on your mem setup. To reduce risk: leave memCli.disabled, do not set sceneFilesPath (or set it to a safe local directory not tracked by git), and inspect/disable git remotes if you enable scene files.
- Restart behavior: the watchdog can call restart scripts (paths are configurable). Review those scripts before enabling autoRestart; they could encapsulate arbitrary commands run automatically by the janitor.
- Inspect before enabling: review scripts/setup.sh, scripts/janitor.sh, scripts/extract-llm.py, and scripts/sidecar.py yourself. Consider running janitor in a dry-run environment (copy your sessions to a test dir) and run janitor.sh manually to observe behavior before allowing cron/service installs.
- Recommended mitigations: back up ~/.openclaw, disable llmExtraction or set maxPerRun=0 if you don't want automatic LLM calls, set memCli.enabled=false, leave sceneFilesPath empty, and check crontab and systemd user services after setup. If you accept this skill, be aware it will automatically modify and archive session transcripts and can persist extracted data outside the gateway unless you reconfigure it.
What would reduce my concern: explicit registry metadata declaring that the skill reads openclaw.json and gateway tokens, a documented opt-in for scene file git commits (or removal of automatic git push), and an explicit configuration/consent step for installing cron/systemd services and for any auto-restart behavior.
Capability Analysis
Type: OpenClaw Skill
Name: session-janitor
Version: 1.5.0
The session-janitor skill is a maintenance utility that performs transcript trimming and memory extraction, but it employs several high-risk patterns. The setup.sh script automatically harvests authentication tokens from all discovered OpenClaw gateway configurations in the user's home directory. Additionally, janitor.sh uses an unsafe 'eval' pattern to load configuration values, creating a shell injection vulnerability. The extract-llm.py script also includes logic to automatically git commit and push 'scene files' to a remote repository, which could be leveraged for data exfiltration.
Capability Assessment
Purpose & Capability
Name/description (transcript trimming, LLM extraction, session hygiene) match the included scripts. However the registry metadata claims no required config paths or credentials, while setup.sh and other scripts auto-discover and read ~/.openclaw*/openclaw.json (including gateway.auth.token) — a secret — without declaring it. Also SKILL.md/README claim memories go only to the mem DB and do not inflate context, but extract-llm.py also writes scene files and attempts to git commit/push them (durable storage). These undocumented reads/writes are inconsistent with the declared requirements.
Instruction Scope
SKILL.md and the scripts instruct the agent to: read user OpenClaw configs, modify sessions.json, move/rename session transcripts, create .toolcache files adjacent to transcripts, install cron entries and a systemd/launchd watcher service, call the gateway's chat/completions endpoint with the gateway token, run an LLM extraction via HTTP, call the local 'mem' CLI if present, and append/commit scene files (and push). Several of these actions (reading tokens, committing & pushing extracted memories, auto-installing cron/services, optionally auto-restarting gateways via configured restart scripts) reach beyond simple local trimming and are not fully documented in the registry metadata.
Install Mechanism
No remote download/extract install spec is present (instruction-only with bundled scripts). There is no external binary fetched during setup. The setup script does modify the user's crontab and installs a user watcher service (systemd/launchd) — persistent but local. No high-risk network installs were observed.
Credentials
The skill declares no required env vars or primary credential, but setup and janitor scripts automatically read gateway ports and auth tokens from each gateway's openclaw.json and then use those tokens to call local APIs and to perform LLM extraction. The scripts also call 'git' and the optional 'mem' CLI, which could send extracted data to remote services depending on local git remotes or mem configuration. Access to gateway tokens and potential pushing of extracted memories is a sensitive capability that should have been declared and explicitly approved.
Persistence & Privilege
setup.sh modifies the user's crontab and installs a watcher service (systemd user or launchd), creating persistent automatic behavior. The janitor/watchdog can rename session files, remove session entries, run restart scripts (if enabled/configured), and git commit/push scene files. While not 'always:true', this level of persistence and the ability to run periodic automated actions (and potentially restart services) is significant and should be considered before enabling.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install session-janitor - After installation, invoke the skill by name or use
/session-janitor - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.4.0
Add extractOnTrim: async LLM memory extraction after watcher-triggered trim; configurable via extractOnTrim.enabled in config.json
v1.5.0
Add sub-agent STATUS/ERROR reporting conventions; watcher skips reload ping for sub-agent sessions to prevent ghost spawns
v1.0.5
Clean up orphaned *.checkpoint.*.jsonl files left behind by auto-compaction. Removes when parent session is gone, or after archiveRetentionDays. Prevents watchdog false-positive alerts on large orphaned checkpoints.
v1.0.4
Sidecar offloader: offload large tool outputs + inline base64 images to .toolcache/ files; always-trim mode (drop toolResults if still over threshold); expand archive cleanup (bak/purged/emergency dirs + orphan toolcache); per-session pre-trim cap; prune compactionCheckpoints from sessions.json; lower trimMaxKB default 250→100
v1.0.3
fix: clear sessions.json entry after transcript reset to prevent dangling pointer to renamed file
v1.0.2
fix: reset session after trim instead of curl-notify to prevent dangling toolResult state on gateway restart
v1.0.1
Add watchdog: hung-session detector with Slack alerts; add config table + Watchdog section to SKILL.md
v1.0.0
Initial release of session-janitor for OpenClaw gateways:
- Automates transcript trimming, compaction, and archival to prevent bloat.
- Extracts structured LLM memories (facts, decisions, lessons) before discarding transcript content.
- Prunes stale subagent and cron sessions; archives orphan transcripts.
- Includes robust setup with auto-discovery of gateway installs, config generation, cron and watcher service installation (systemd and launchd).
- Supports detailed configuration controls for trimming, retention, LLM extraction, and scheduling.
- Provides both cron-based and near-real-time (watcher) operation modes with logging and manual run support.
Metadata
Frequently Asked Questions
What is Session Janitor?
Automated transcript trimming, LLM memory extraction, and session hygiene for OpenClaw gateways. Keeps transcripts from bloating, extracts structured memorie... It is an AI Agent Skill for Claude Code / OpenClaw, with 218 downloads so far.
How do I install Session Janitor?
Run "/install session-janitor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Session Janitor free?
Yes, Session Janitor is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Session Janitor support?
Session Janitor is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Session Janitor?
It is built and maintained by halfdeadcat (@halfdeadcat); the current version is v1.5.0.
More Skills