← 返回 Skills 市场
291
总下载
1
收藏
0
当前安装
3
版本数
在 OpenClaw 中安装
/install openclaw-history-viewer
功能描述
启动一个 web 服务来浏览和查看 OpenClaw 的历史聊天记录。支持会话列表、消息详情查看、JSON API 导出、自动会话备份、刷新功能。使用场景:当用户想要查看、浏览、搜索或导出 OpenClaw 的聊天历史记录时触发此技能。触发词包括:"启动历史记录"、"打开聊天记录"、"查看历史"、"启动 hist...
安全使用建议
This skill largely does what it says: starts a local web server to view OpenClaw session files and can create backups. Before installing or running it, do the following: 1) Inspect the remainder of history_server.py (the truncated portion) to confirm whether the HTTP server binds only to localhost (127.0.0.1) or to all interfaces — you should ensure it binds to localhost if you don't want remote access. 2) Search the code for any POST/DELETE endpoints or handlers that expose delete_session or file-write operations via HTTP; if present, confirm whether they require authentication or are intentionally disabled. 3) If you plan to run it, run as your regular (non-root) user and not on a publicly routable interface; consider using firewall rules or an SSH tunnel if you need remote access. 4) Backup scripts write to ~/.openclaw/workspace/history/ and create/modify backup_index.json; if you keep sensitive data, review those files and permissions. If you are not comfortable auditing the full server code (especially missing parts), treat this as potentially risky and avoid running it on production or multi-user machines.
功能分析
Type: OpenClaw Skill
Name: openclaw-history-viewer
Version: 1.1.1
The skill bundle provides a web-based viewer for OpenClaw chat history but contains significant security vulnerabilities and documentation discrepancies. While the functionality aligns with its stated purpose, `history_server.py` binds the web server to all network interfaces ('0.0.0.0'), directly contradicting the 'local access only' claim in `SKILL.md` and potentially exposing sensitive chat logs to the network. Furthermore, the server includes a session deletion feature (`/api/delete`) that lacks any authentication or CSRF protection, allowing for unauthorized data destruction. These flaws, while likely unintentional, constitute high-risk behaviors in a tool handling private conversation data.
能力评估
Purpose & Capability
Name/description match the files: scripts read ~/.openclaw session files, present a local web UI, and provide backup scripts. Access to those local paths is necessary for the stated purpose.
Instruction Scope
SKILL.md instructs running the included Python server locally and backup scripts; however the server code contains a delete_session function (deletes session files and .reset. backups) that is not documented in SKILL.md. The runtime instructions claim local-only access (localhost) but do not show or verify the server's bind address or any access control/authentication. That combination (undocumented destructive actions + unclear exposure) is a scope and safety concern.
Install Mechanism
No external install/downloads or package installs; skill is instruction-only with bundled Python scripts. Nothing is pulled from arbitrary URLs. Files run locally, so risk is limited to local file operations.
Credentials
The skill reads and writes only to OpenClaw data directories under the user's home (~/.openclaw) and a backup workspace (~/.openclaw/workspace/history), which is proportionate. It does modify files (backups, backup_index.json) and may delete session files; these write/delete permissions are expected for backup tooling but should be explicit and confirmed by the user.
Persistence & Privilege
Skill does not request persistent platform privileges (always=false). It runs as a local process and stores backups under user's home; no modification of other skills or global agent settings detected in provided files.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-history-viewer - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-history-viewer触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.1
openclaw-history-viewer v1.1.1
- 新增“刷新”按钮,可一键重新加载聊天数据且保持当前阅读位置
- 界面顶部增加 favicon 对话气泡图标,所有页面统一显示
- 优化界面布局,移除冗余标题,使内容更紧凑
- 刷新操作有加载指示与自动恢复滚动条位置
- 其它小幅文档与界面改进
v1.1.0
新增删除会话功能:支持删除备份会话,灰色删除按钮内嵌在元数据行,当前活跃会话不可删除
v1.0.0
OpenClaw History Viewer 1.0.0
- 新增通过 web 界面浏览和查看 OpenClaw 聊天历史记录的完整服务,支持会话列表和消息详情展示
- 提供两种视图:现代化聊天视图(类微信风格)与传统 Raw 表格视图
- 支持自然语言、命令行和后台三种方式启动
- 集成 JSON API,实现会话列表和会话详情导出
- 聊天详情支持工具调用、思考过程、类型分色显示,且移动端友好响应式布局
- 明确了会话记录的数据目录结构和消息类型支持
元数据
常见问题
Openclaw History Viewer 是什么?
启动一个 web 服务来浏览和查看 OpenClaw 的历史聊天记录。支持会话列表、消息详情查看、JSON API 导出、自动会话备份、刷新功能。使用场景:当用户想要查看、浏览、搜索或导出 OpenClaw 的聊天历史记录时触发此技能。触发词包括:"启动历史记录"、"打开聊天记录"、"查看历史"、"启动 hist... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 291 次。
如何安装 Openclaw History Viewer?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-history-viewer」即可一键安装,无需额外配置。
Openclaw History Viewer 是免费的吗?
是的,Openclaw History Viewer 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Openclaw History Viewer 支持哪些平台?
Openclaw History Viewer 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Openclaw History Viewer?
由 lengyhua(@lengyhua)开发并维护,当前版本 v1.1.1。
推荐 Skills