
Leak Check

Verified

@khaney64

npx machina-cli add skill @khaney64/leak-check --openclaw

Leak Check

Scan OpenClaw session JSONL files for leaked credentials. Reports which real AI provider (anthropic, openai, google, etc.) received the data, skipping internal delivery echoes.

Quick Start

# Check for leaked credentials (default: discord format)
node scripts/leak-check.js

# JSON output
node scripts/leak-check.js --format json

Configuration

Credentials to check are defined in leak-check.json:

[
  { "name": "Discord", "search": "abc*xyz" },
  { "name": "Postmark", "search": "k7Qm9x" }
]

Important: Do not store full credentials in this file. Use only a partial fragment — enough to uniquely identify the credential via a contains, begins-with, or ends-with match.

Wildcard patterns:

  • abc* — starts with "abc"
  • *xyz — ends with "xyz"
  • abc*xyz — starts with "abc" AND ends with "xyz"
  • abc (no asterisk) — contains "abc"
  • "" (empty) — skip this credential

Options

  • --format <type> — Output format: discord (default) or json
  • --config <path> — Path to credential config file (default: leak-check.json in skill root)
  • --help, -h — Show help message

Output

Discord (Default)

🔐 **Credential Leak Check**

⚠️ **2 leaked credentials found**

**Discord Token**
• Session: `abc12345` | 2026-02-14 18:30 UTC | Provider: anthropic

**Postmark**
• Session: `def67890` | 2026-02-10 09:15 UTC | Provider: anthropic

Or if clean:

🔐 **Credential Leak Check**
✅ No leaked credentials found (checked 370 files, 7 credentials)

Config Echoes

If the leak-check.json config file is read or discussed during an OpenClaw session, the credential patterns will appear in that session's JSONL log. The scanner detects this and reports these matches separately as config echoes rather than real leaks:

📋 **3 possible config echoes** (session contains leak-check config)

• **Discord**: 1 session
...

✅ No credential leaks beyond config echoes

Config echoes will continue to appear on every run until the session file is removed. To clear them, delete the session file from ~/.openclaw/agents/main/sessions/:

rm ~/.openclaw/agents/main/sessions/<session-uuid>.jsonl

Tip: Avoid reading or referencing leak-check.json during an OpenClaw session. If it happens, note the session ID from the report and delete it.

JSON

{
  "leaks": [
    {
      "credential": "Discord Token",
      "session": "abc12345",
      "timestamp": "2026-02-14T18:30:00.000Z",
      "provider": "anthropic"
    }
  ],
  "configEchoes": [
    {
      "credential": "Gateway",
      "session": "b175e53c",
      "timestamp": "2026-02-19T18:00:30.067Z",
      "provider": "minimax-portal",
      "configEcho": true
    }
  ],
  "summary": {
    "filesScanned": 370,
    "credentialsChecked": 7,
    "leaksFound": 2,
    "configEchoesFound": 1
  }
}

Source

git clone https://clawhub.ai/khaney64/leak-check

Overview

Leak Check analyzes OpenClaw JSONL session logs to detect leaked credentials using configurable patterns. It reports which real AI provider received the data and flags internal echoes, helping teams identify and remediate data exposures.

How This Skill Works

Leak Check loads the OpenClaw JSONL session files, applies wildcard-enabled patterns from leak-check.json (including contains, begins-with, and ends-with), and flags matching credentials with their session, timestamp, and provider. It supports a default Discord-style output or JSON via --format json, and it separately reports config echoes when the pattern file is read.
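
The wildcard matching and config-echo split described above, as an added JavaScript example (not the skill's own source). The record fields `provider`, `timestamp` and `text`, matching against whitespace/quote-delimited tokens, and the echo heuristic (the session mentions leak-check.json by name) are assumptions; the config and sessions are constructed sample data.

```javascript
// Added example, not the skill's source. Record fields (provider, timestamp,
// text), token-based matching and the echo heuristic are assumptions.

// Turn one "search" value into a predicate, following the page's wildcard rules.
function compilePattern(search) {
  if (!search) return null;                               // "" means skip
  const star = search.indexOf("*");
  if (star === -1) return (tok) => tok.includes(search);  // contains
  const prefix = search.slice(0, star);                   // "abc" in abc*xyz
  const suffix = search.slice(star + 1);                  // "xyz" in abc*xyz
  return (tok) => tok.startsWith(prefix) && tok.endsWith(suffix);
}

// Scan sessions ({ id: [jsonlLine, ...] }); split hits into leaks and echoes.
function scanSessions(sessions, config) {
  const rules = config
    .map((c) => ({ name: c.name, test: compilePattern(c.search) }))
    .filter((r) => r.test);
  const result = { leaks: [], configEchoes: [] };
  for (const [session, lines] of Object.entries(sessions)) {
    const records = lines.map((l) => JSON.parse(l));
    // Hypothetical heuristic: the session mentions the config file by name.
    const echo = records.some((r) => r.text.includes("leak-check.json"));
    for (const rec of records) {
      const tokens = rec.text.split(/[\s"'=]+/).filter(Boolean);
      for (const rule of rules) {
        if (!tokens.some(rule.test)) continue;
        const hit = { credential: rule.name, session,
                      timestamp: rec.timestamp, provider: rec.provider };
        (echo ? result.configEchoes : result.leaks).push(hit);
      }
    }
  }
  return result;
}

// Constructed sample config and sessions (one JSONL line per session).
const config = [
  { name: "Discord", search: "abc*xyz" },
  { name: "Postmark", search: "k7Qm9x" },
  { name: "Unused", search: "" },
];
const sessions = {
  s1: ['{"provider":"anthropic","timestamp":"2026-02-14T18:30:00.000Z","text":"export TOKEN=abc111222xyz"}'],
  s2: ['{"provider":"openai","timestamp":"2026-02-15T08:00:00.000Z","text":"cat leak-check.json shows \\"search\\": \\"abc*xyz\\""}'],
  s3: ['{"provider":"google","timestamp":"2026-02-16T08:00:00.000Z","text":"xyzabc is not a match, nor is abcxy"}'],
};
console.log(JSON.stringify(scanSessions(sessions, config), null, 2));
```

Session s2 shows why echoes arise: the literal string abc*xyz itself starts with "abc" and ends with "xyz", so the pattern matches its own config entry.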

When to Use It

  • Regular security audits of OpenClaw session logs for leaked credentials.
  • Investigation to identify which real AI provider received leaked data after a suspected leak.
  • Pre-sharing log reviews to ensure no full credentials are exposed and only partial fragments are used.
  • Config validation to verify leak-check.json patterns are effective and up-to-date.
  • Automation in CI to surface leaks in JSON for downstream tooling.

Quick Start

  1. Run node scripts/leak-check.js
  2. Run node scripts/leak-check.js --format json
  3. Update leak-check.json with your patterns and re-run

Best Practices

  • Store only partial credential fragments in leak-check.json; never store full credentials.
  • Use wildcard patterns (begins-with, ends-with, contains) to minimize false positives.
  • Run with --format json for machine-readable outputs in automation.
  • Regularly rotate credentials and prune outdated patterns from leak-check.json.
  • Treat config echoes separately: review them to avoid confusing leaks with config data.

Example Use Cases

  • Discord Token leaked to anthropic: Session abc12345, 2026-02-14 18:30 UTC.
  • Postmark key matched: Session def67890, 2026-02-10 09:15 UTC; provider: anthropic.
  • No leaks found after scanning 370 files and 7 credentials.
  • Config echoes detected: 3 possible config echoes (from leak-check.json).
  • JSON output shows leaks, configEchoes, and a final summary.
