@unblocklabs/skill-usage-audit 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/README.md +138 -0
  2. package/evaluate-skill-health.mjs +919 -0
  3. package/index.ts +1523 -0
  4. package/openclaw.plugin.json +66 -0
  5. package/package.json +38 -0
package/README.md ADDED
@@ -0,0 +1,138 @@
1
+ # skill-usage-audit
2
+
3
+ ## What it does
4
+
5
+ `skill-usage-audit` is an OpenClaw plugin that records tool calls and skill execution telemetry to SQLite. It tracks:
6
+
7
+ - skill reads (which skill files were read)
8
+ - tool call lifecycle (`before_tool_call`/`after_tool_call`)
9
+ - user/assistant messages around a skill execution
10
+ - inferred skill execution outcomes (`positive` / `negative` / `unclear`)
11
+ - skill versions and execution snapshots
12
+
13
+ The goal is to give you machine-readable data for health scoring and automated lifecycle decisions (stable/experimental/degraded/underused).
14
+
15
+ ## Install
16
+
17
+ ```bash
18
+ openclaw plugins install @unblocklabs/skill-usage-audit
19
+ ```
20
+
21
+ Then enable/configure in OpenClaw config:
22
+
23
+ ```json
24
+ {
25
+ "plugins": {
26
+ "entries": {
27
+ "skill-usage-audit": {
28
+ "enabled": true,
29
+ "config": {
30
+ "dbPath": "~/.openclaw/audits/skill-usage.db"
31
+ }
32
+ }
33
+ }
34
+ }
35
+ }
36
+ ```
37
+
38
+ ## Configuration (`configSchema`)
39
+
40
+ The plugin manifest defines these options:
41
+
42
+ - `dbPath` (string, default `~/.openclaw/audits/skill-usage.db`)
43
+ - SQLite database file to write telemetry to.
44
+ - `includeToolParams` (boolean, default `false`)
45
+ - Include tool parameters in `before_tool_call` / `after_tool_call` event rows.
46
+ - `captureMessageContent` (boolean, default `false`)
47
+ - If true, stores sanitized snapshots of message text; if false, stores only metadata for privacy.
48
+ - `redactKeys` (array<string>, default `["token", "apikey", "api_key", "apiKey", "password", "passwd", "auth", "authorization", "secret", "secretToken", "refreshToken", "client_secret"]`)
49
+ - Keys that are redacted from object payloads before storage.
50
+ - `skillBlockDetection` (boolean, default `true`)
51
+ - Emit `skill_block_detected` events from `before_prompt_build` prompts.
52
+ - `contextWindowSize` (integer, default `5`, min `1`)
53
+ - Number of messages retained before/after a skill read for execution context.
54
+ - `contextTimeoutMs` (integer, default `60000`, min `0`)
55
+ - Milliseconds to wait for follow-up messages before finalizing a skill execution record.
56
+
57
+ ## What gets stored
58
+
59
+ Data is written into SQLite tables from the plugin at `dbPath`:
60
+
61
+ - `skill_events`
62
+ - `skill_versions`
63
+ - `skills`
64
+ - `skill_executions`
65
+ - `skill_feedback`
66
+ - `skill_health_snapshots`
67
+
68
+ ## Query examples
69
+
70
+ ### Show recent skill executions
71
+
72
+ ```bash
73
+ sqlite3 ~/.openclaw/audits/skill-usage.db \
74
+ "SELECT skill_name, ts, mechanical_success, implied_outcome, error FROM skill_executions ORDER BY ts DESC LIMIT 20;"
75
+ ```
76
+
77
+ ### Count by status recommendation
78
+
79
+ ```bash
80
+ sqlite3 ~/.openclaw/audits/skill-usage.db \
81
+ "SELECT status, COUNT(*) FROM skills GROUP BY status;"
82
+ ```
83
+
84
+ ### Extract events and inspect JSON payloads with `jq`
85
+
86
+ ```bash
87
+ sqlite3 -json ~/.openclaw/audits/skill-usage.db \
88
+ "SELECT ts, type, skill_name, params FROM skill_events WHERE type='tool_call_end' LIMIT 50;" \
89
+ | jq '.[].params'
90
+ ```
91
+
92
+ ### Show latest health snapshot per skill
93
+
94
+ ```bash
95
+ sqlite3 ~/.openclaw/audits/skill-usage.db \
96
+ "SELECT skill_name, usage_count, mechanical_failure_rate, implied_negative_rate, status_recommendation, created_at FROM skill_health_snapshots ORDER BY created_at DESC LIMIT 20;"
97
+ ```
98
+
99
+ ## Evaluator script
100
+
101
+ A bundled evaluator script can compute deterministic health signals and write recommendations back to the same DB:
102
+
103
+ ```bash
104
+ node evaluate-skill-health.mjs --help
105
+ node evaluate-skill-health.mjs --db-path ~/.openclaw/audits/skill-usage.db --window-days 14
106
+ ```
107
+
108
+ Supported options (highlights):
109
+
110
+ - `--db-path` / `--db` (or env `SKILL_USAGE_AUDIT_DB_PATH`)
111
+ - `--report-dir <path>`
112
+ - `--window-days <n>`
113
+ - `--stable-min-usage <n>`
114
+ - `--experimental-min-usage <n>`
115
+ - `--degraded-sample-min <n>`
116
+ - `--degraded-mechanical-rate <r>`
117
+ - `--degraded-implied-rate <r>`
118
+ - `--underused-max <n>`
119
+ - `--no-update-status`
120
+ - `--no-report`
121
+ - `--no-filesystem-scan`
122
+ - `--verbose`
123
+
124
+ The evaluator writes:
125
+
126
+ - `skills.status` updates (stable/experimental/degraded/unused)
127
+ - `skill_health_snapshots` rows for historical tracking
128
+ - Markdown reports under `reports/skill-health/`
129
+
130
+ ## Requirements
131
+
132
+ - **Node.js >= 22** (for `node:sqlite` support)
133
+ - No external npm dependencies are required for the plugin at runtime.
134
+
135
+ ## Notes
136
+
137
+ - This package is distributed as a scoped npm package and installs into OpenClaw as `~/.openclaw/extensions/skill-usage-audit/`.
138
+ - `openclaw.plugins install` uses `npm pack` under the hood and expects `index.ts` and `openclaw.plugin.json` to be included in package files.