leak-check

Scan session logs for leaked credentials. Checks JSONL session files against known credential patterns and reports which AI provider received the data.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "leak-check" with this command: npx skills add khaney64/leak-check

Leak Check

Scan OpenClaw session JSONL files for leaked credentials. Reports which real AI provider (anthropic, openai, google, etc.) received the data, skipping internal delivery echoes.

Quick Start

# Check for leaked credentials (default: discord format)
node scripts/leak-check.js

# JSON output
node scripts/leak-check.js --format json

Configuration

Credentials to check are defined in leak-check.json. The script searches for this file in order:

  1. Skill directory (./leak-check.json) — for backward compatibility
  2. ~/.openclaw/credentials/leak-check.json — recommended persistent location (survives skill updates via clawhub)

Since clawhub clears the skill directory on updates, place your config in ~/.openclaw/credentials/ to avoid losing it:

mkdir -p ~/.openclaw/credentials
cp leak-check.json ~/.openclaw/credentials/leak-check.json

You can also specify an explicit path with --config.

[
  { "name": "Discord", "search": "abc*xyz" },
  { "name": "Postmark", "search": "k7Qm9x" }
]

Important: Do not store full credentials in this file. Use only a partial fragment — enough to uniquely identify the credential via a contains, begins-with, or ends-with match.

Wildcard patterns:

  • abc* — starts with "abc"
  • *xyz — ends with "xyz"
  • abc*xyz — starts with "abc" AND ends with "xyz"
  • abc (no asterisk) — contains "abc"
  • "" (empty) — skip this credential

Options

  • --format <type> — Output format: discord (default) or json
  • --config <path> — Path to credential config file (default: ./leak-check.json, then ~/.openclaw/credentials/leak-check.json)
  • --help, -h — Show help message

Output

Discord (Default)

🔐 **Credential Leak Check**

⚠️ **2 leaked credentials found**

**Discord Token**
• Session: `abc12345` | 2026-02-14 18:30 UTC | Provider: anthropic

**Postmark**
• Session: `def67890` | 2026-02-10 09:15 UTC | Provider: anthropic

Or if clean:

🔐 **Credential Leak Check**
✅ No leaked credentials found (checked 370 files, 7 credentials)

Config Echoes

If the leak-check.json config file is read or discussed during an OpenClaw session, the credential patterns will appear in that session's JSONL log. The scanner detects this and reports these matches separately as config echoes rather than real leaks:

📋 **3 possible config echoes** (session contains leak-check config)

• **Discord**: 1 session
...

✅ No credential leaks beyond config echoes

Config echoes will continue to appear on every run until the session file is removed. To clear them, delete the session file from ~/.openclaw/agents/main/sessions/:

rm ~/.openclaw/agents/main/sessions/<session-uuid>.jsonl

Tip: Avoid reading or referencing leak-check.json during an OpenClaw session. If it happens, note the session ID from the report and delete it.

JSON

{
  "leaks": [
    {
      "credential": "Discord Token",
      "session": "abc12345",
      "timestamp": "2026-02-14T18:30:00.000Z",
      "provider": "anthropic"
    }
  ],
  "configEchoes": [
    {
      "credential": "Gateway",
      "session": "b175e53c",
      "timestamp": "2026-02-19T18:00:30.067Z",
      "provider": "minimax-portal",
      "configEcho": true
    }
  ],
  "summary": {
    "filesScanned": 370,
    "credentialsChecked": 7,
    "leaksFound": 2,
    "configEchoesFound": 1
  }
}

Security

This skill is designed to be local-only and read-only. The following properties can be verified by inspecting scripts/leak-check.js:

  • No network access — no use of http, https, net, dgram, fetch, WebSocket, or any network API
  • No child processes — no use of child_process, exec, spawn, or execSync
  • No external dependencies — zero npm packages; only Node.js built-ins (fs, path, os)
  • No dynamic code execution — no eval(), Function(), or dynamic require()/import()
  • No file writes — only fs.readFileSync, fs.existsSync, and fs.readdirSync are used; no files are created, modified, or deleted
  • No environment variable access — does not read process.env
  • Output is stdout only — all results go to console.log; nothing is sent elsewhere

Verify It Yourself

Confirm no unexpected APIs are used anywhere in the script:

grep -E 'require\(|import |http|fetch|net\.|dgram|child_process|exec|spawn|eval\(|Function\(|\.write|\.unlink|\.rename|process\.env' scripts/leak-check.js

Expected output — only the three built-in require() calls at the top of the file:

const fs = require('fs');
const path = require('path');
const os = require('os');

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

Ai Competitor Analyzer

提供AI驱动的竞争对手分析,支持批量自动处理,提升企业和专业团队分析效率与专业度。

Registry SourceRecently Updated
062
yang1002378395-cmyk
General

Ai Data Visualization

提供自动化AI分析与多格式批量处理,显著提升数据可视化效率,节省成本,适用企业和个人用户。

Registry SourceRecently Updated
041
yang1002378395-cmyk
General

Ai Cost Optimizer

提供基于预算和任务需求的AI模型成本优化方案,计算节省并指导OpenClaw配置与模型切换策略。

Registry SourceRecently Updated
037
yang1002378395-cmyk