← 返回 Skills 市场
halfdeadcat

Session Janitor

作者 halfdeadcat · GitHub ↗ · v1.5.0 · MIT-0
cross-platform ⚠ suspicious
218
总下载
0
收藏
1
当前安装
8
版本数
在 OpenClaw 中安装
/install session-janitor
功能描述
Automated transcript trimming, LLM memory extraction, and session hygiene for OpenClaw gateways. Keeps transcripts from bloating, extracts structured memorie...
安全使用建议
What to consider before installing: - Scope & secrets: setup auto-reads your OpenClaw installation(s) (~/.openclaw*/openclaw.json) and uses each gateway's auth token to call the local API. That token is sensitive; the skill did not declare it up front. If you are uncomfortable granting that access, do not install. - Persistence: setup will modify your crontab and install a user watcher service (systemd/launchd). These run automatically on your account and will perform file edits, trims, and LLM extraction without further prompts. - Memory handling / possible exfiltration: despite a doc claim that memories go "only" to the mem DB, extract-llm.py also writes scene files and attempts to git commit/push them (if sceneFilesPath points inside a git repo). If that repo has a remote, extracted memories could be pushed off-machine. The skill also invokes the optional 'mem' CLI which may transmit data elsewhere depending on your mem setup. To reduce risk: leave memCli.disabled, do not set sceneFilesPath (or set it to a safe local directory not tracked by git), and inspect/disable git remotes if you enable scene files. - Restart behavior: the watchdog can call restart scripts (paths are configurable). Review those scripts before enabling autoRestart; they could encapsulate arbitrary commands run automatically by the janitor. - Inspect before enabling: review scripts/setup.sh, scripts/janitor.sh, scripts/extract-llm.py, and scripts/sidecar.py yourself. Consider running janitor in a dry-run environment (copy your sessions to a test dir) and run janitor.sh manually to observe behavior before allowing cron/service installs. - Recommended mitigations: back up ~/.openclaw, disable llmExtraction or set maxPerRun=0 if you don't want automatic LLM calls, set memCli.enabled=false, leave sceneFilesPath empty, and check crontab and systemd user services after setup. If you accept this skill, be aware it will automatically modify and archive session transcripts and can persist extracted data outside the gateway unless you reconfigure it. What would reduce my concern: explicit registry metadata declaring that the skill reads openclaw.json and gateway tokens, a documented opt-in for scene file git commits (or removal of automatic git push), and an explicit configuration/consent step for installing cron/systemd services and for any auto-restart behavior.
功能分析
Type: OpenClaw Skill Name: session-janitor Version: 1.5.0 The session-janitor skill is a maintenance utility that performs transcript trimming and memory extraction, but it employs several high-risk patterns. The setup.sh script automatically harvests authentication tokens from all discovered OpenClaw gateway configurations in the user's home directory. Additionally, janitor.sh uses an unsafe 'eval' pattern to load configuration values, creating a shell injection vulnerability. The extract-llm.py script also includes logic to automatically git commit and push 'scene files' to a remote repository, which could be leveraged for data exfiltration.
能力评估
Purpose & Capability
Name/description (transcript trimming, LLM extraction, session hygiene) match the included scripts. However the registry metadata claims no required config paths or credentials, while setup.sh and other scripts auto-discover and read ~/.openclaw*/openclaw.json (including gateway.auth.token) — a secret — without declaring it. Also SKILL.md/README claim memories go only to the mem DB and do not inflate context, but extract-llm.py also writes scene files and attempts to git commit/push them (durable storage). These undocumented reads/writes are inconsistent with the declared requirements.
Instruction Scope
SKILL.md and the scripts instruct the agent to: read user OpenClaw configs, modify sessions.json, move/rename session transcripts, create .toolcache files adjacent to transcripts, install cron entries and a systemd/launchd watcher service, call the gateway's chat/completions endpoint with the gateway token, run an LLM extraction via HTTP, call the local 'mem' CLI if present, and append/commit scene files (and push). Several of these actions (reading tokens, committing & pushing extracted memories, auto-installing cron/services, optionally auto-restarting gateways via configured restart scripts) reach beyond simple local trimming and are not fully documented in the registry metadata.
Install Mechanism
No remote download/extract install spec is present (instruction-only with bundled scripts). There is no external binary fetched during setup. The setup script does modify the user's crontab and installs a user watcher service (systemd/launchd) — persistent but local. No high-risk network installs were observed.
Credentials
The skill declares no required env vars or primary credential, but setup and janitor scripts automatically read gateway ports and auth tokens from each gateway's openclaw.json and then use those tokens to call local APIs and to perform LLM extraction. The scripts also call 'git' and the optional 'mem' CLI, which could send extracted data to remote services depending on local git remotes or mem configuration. Access to gateway tokens and potential pushing of extracted memories is a sensitive capability that should have been declared and explicitly approved.
Persistence & Privilege
setup.sh modifies the user's crontab and installs a watcher service (systemd user or launchd), creating persistent automatic behavior. The janitor/watchdog can rename session files, remove session entries, run restart scripts (if enabled/configured), and git commit/push scene files. While not 'always:true', this level of persistence and the ability to run periodic automated actions (and potentially restart services) is significant and should be considered before enabling.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install session-janitor
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /session-janitor 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.4.0
Add extractOnTrim: async LLM memory extraction after watcher-triggered trim; configurable via extractOnTrim.enabled in config.json
v1.5.0
Add sub-agent STATUS/ERROR reporting conventions; watcher skips reload ping for sub-agent sessions to prevent ghost spawns
v1.0.5
Clean up orphaned *.checkpoint.*.jsonl files left behind by auto-compaction. Removes when parent session is gone, or after archiveRetentionDays. Prevents watchdog false-positive alerts on large orphaned checkpoints.
v1.0.4
Sidecar offloader: offload large tool outputs + inline base64 images to .toolcache/ files; always-trim mode (drop toolResults if still over threshold); expand archive cleanup (bak/purged/emergency dirs + orphan toolcache); per-session pre-trim cap; prune compactionCheckpoints from sessions.json; lower trimMaxKB default 250→100
v1.0.3
fix: clear sessions.json entry after transcript reset to prevent dangling pointer to renamed file
v1.0.2
fix: reset session after trim instead of curl-notify to prevent dangling toolResult state on gateway restart
v1.0.1
Add watchdog: hung-session detector with Slack alerts; add config table + Watchdog section to SKILL.md
v1.0.0
Initial release of session-janitor for OpenClaw gateways: - Automates transcript trimming, compaction, and archival to prevent bloat. - Extracts structured LLM memories (facts, decisions, lessons) before discarding transcript content. - Prunes stale subagent and cron sessions; archives orphan transcripts. - Includes robust setup with auto-discovery of gateway installs, config generation, cron and watcher service installation (systemd and launchd). - Supports detailed configuration controls for trimming, retention, LLM extraction, and scheduling. - Provides both cron-based and near-real-time (watcher) operation modes with logging and manual run support.
元数据
Slug session-janitor
版本 1.5.0
许可证 MIT-0
累计安装 1
当前安装数 1
历史版本数 8
常见问题

Session Janitor 是什么?

Automated transcript trimming, LLM memory extraction, and session hygiene for OpenClaw gateways. Keeps transcripts from bloating, extracts structured memorie... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 218 次。

如何安装 Session Janitor?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install session-janitor」即可一键安装,无需额外配置。

Session Janitor 是免费的吗?

是的,Session Janitor 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Session Janitor 支持哪些平台?

Session Janitor 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Session Janitor?

由 halfdeadcat(@halfdeadcat)开发并维护,当前版本 v1.5.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论