Session Compact

Intelligent session compression plugin for OpenClaw that automatically manages token consumption and supports unlimited-length conversations. Compresses hist...

This package appears to implement the session-compaction feature it advertises, but there are a few red flags to check before installing: - Packaging mismatch: the registry lists no install spec, yet the bundle contains a buildable code plugin (TypeScript, bin script, openclaw.plugin.json). Confirm whether you intend to run the code plugin (it requires building and copying into ~/.openclaw/extensions). - Exec/CLI LLM calls: the implementation notes use of execSync to call the OpenClaw CLI for LLM summaries. That is convenient but increases risk (shell invocation, reliance on host CLI config). Inspect the built dist/index.js (or source) for exec/child_process usage and ensure arguments are properly escaped or, ideally, prefer a direct API integration. - File writes & config edits: the plugin will persist JSON sessions under ~/.openclaw/sessions and expects changes to ~/.openclaw/openclaw.json. Back up your OpenClaw config and existing sessions before enabling. - Source provenance: the package lists no homepage and the repository URLs in docs point to GitHub placeholders. If you plan to install, verify the source repository, review the built JS to ensure no hidden network calls or obfuscated code, and prefer installing via the official ClawHub/marketplace rather than manual cloning when possible. - Inconsistent docs: different files claim different coverage/version numbers and at least one doc notes the plugin previously triggered platform security intercepts (execSync usage). Treat these as signs to audit the code rather than immediate red flags. If you are not comfortable auditing the code yourself, ask the maintainer for a signed release on the official registry (ClawHub) or request an upstream review that addresses the execSync usage and clarifies packaging/installation instructions.

Type: OpenClaw Skill Name: session-compact-skill Version: 1.2.1 The skill bundle contains a high-risk shell injection vulnerability in 'src/compact/engine.ts'. The 'callLLM' function uses 'execSync' to execute a constructed shell command that includes conversation content. While it attempts to escape double quotes and backslashes, it fails to sanitize other shell metacharacters (e.g., backticks, dollar signs, or pipes), potentially allowing for arbitrary command execution if the agent processes malicious input. Although the extensive documentation and 163 test cases suggest the intent is a legitimate session management tool, the unsafe implementation of CLI integration poses a significant security risk.