npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

openclaw-inspector

v1.0.1

Published

Review every conversation your OpenClaw agent has ever had — including deleted sessions — and flag dangerous actions it may have taken without your knowledge.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

lukavyilukavyi

Keywords

openclawclawdbotinspectorsession-viewersecurityauditai-agentcli

Readme

OpenClaw Inspector 🔍

Your AI agent has full access to your machine. Are you sure it's behaving?

OpenClaw (and Clawdbot) can run shell commands, edit files, push to git, install packages, access your camera, take screenshots — essentially do anything on your system. It runs autonomously in background sessions, cron jobs, and sub-agents. Most of the time, you never see what it does.

OpenClaw Inspector lets you see everything. It's a local web app that reads your bot's session history and shows you exactly what happened — every command, every file edit, every tool call. It automatically flags dangerous actions so you can catch problems before they escalate.

When you need this

  • 🤔 "What did my bot do while I was away?" — Browse all sessions including deleted ones
  • 🚨 "Did it run anything dangerous?" — Auto-detects rm -rf, git push --force, sudo, config edits, secret exposure, and more
  • 📱 "Did it access my camera/screen?" — Flags surveillance actions (screenshots, camera, location tracking)
  • 📊 "I have 100+ sessions, how do I review them all?" — Track read progress, filter by status, mark sessions as reviewed
  • 🔄 "I want to monitor in real-time" — Live updates via SSE, toast notifications for new messages

Quick start

npx openclaw-inspector

Opens at http://localhost:9100. That's it.

Custom port

PORT=9101 npx openclaw-inspector

Custom sessions directory

SESSIONS_DIR=~/.openclaw/agents/main/sessions npx openclaw-inspector

What it detects

| Category | Examples | Severity | |----------|----------|----------| | Destructive filesystem | rm -rf, shred, find -delete | 🔴 Critical | | Git destructive | git push --force, git reset --hard, git clean -f | 🔴 Critical | | Repo/account actions | gh repo delete, gh repo edit --visibility public | 🔴 Critical | | Config changes | sed -i, writing to .env, .ssh/, .zshrc | 🟡 Warning | | Package/system | sudo, brew uninstall, chmod 777 | 🟡 Warning | | Process killing | kill -9, killall, pkill | 🟡 Warning | | Secrets/network | curl -X POST, exported tokens/passwords | 🟡 Warning | | Surveillance | Screenshots, camera access, screen recording, location | 🟡 Warning | | Cron changes | crontab, launchctl, systemctl | 🟡 Warning |

Rules are fully customizable — edit ~/.openclaw-inspector/danger-rules.json.

Features

  • Multi-axis filtering — filter by review status (unread/in progress/reviewed), session type (active/orphan/deleted), and danger level — all combinable
  • Read progress tracking — click any message to mark everything up to that point as reviewed; a blue divider shows where you left off
  • Live updates — new messages and sessions appear automatically with toast notifications
  • Tool call previews — see URLs, file paths, search queries, and commands inline without expanding
  • Session renaming — click the title to give any session a custom label
  • Message search — full-text search within a session
  • Mobile responsive — works on phones and tablets
  • State persistence — all filters, sort order, and UI state saved in localStorage

Live monitoring

Inspector watches your sessions directory in real-time. When your bot starts a new conversation, receives a message, or runs a tool — it appears instantly in the UI. No need to refresh the page.

  • New sessions appear in the sidebar automatically
  • New messages stream into the currently open session
  • Toast notifications show activity in other sessions
  • Works for background sessions, cron jobs, and sub-agents too

Privacy & security

  • 🔒 100% local — everything runs on your machine. No cloud, no telemetry, no external connections
  • 📁 Read-only — Inspector never modifies, deletes, or interferes with your sessions. It only reads JSONL files from disk
  • 🏠 Localhost only — server binds to 127.0.0.1 by default, inaccessible from the network
  • 💾 Your data stays yours — progress and settings stored in ~/.openclaw-inspector/, never sent anywhere

Configuration

Environment variables

| Variable | Default | Description | |----------|---------|-------------| | PORT | 9100 | Server port | | HOST | 127.0.0.1 | Bind address (localhost only by default) | | SESSIONS_DIR | auto-detect (~/.openclaw/ or ~/.clawdbot/) | Path to session JSONL files | | DATA_DIR | ~/.openclaw-inspector | User config and progress storage |

User data (~/.openclaw-inspector/)

Created automatically on first launch:

  • danger-rules.json — danger detection rules (customize freely, won't be overwritten on updates)
  • progress.json — read progress (persists across devices if you sync the folder)

Remote access via Tailscale

To access Inspector from your phone or another device:

# Serve local port via Tailscale HTTPS
tailscale serve https:9100 / http://localhost:9100

Then open https://your-machine.tailnet.ts.net:9100 from any device on your tailnet.

Development

git clone https://github.com/Lukavyi/openclaw-inspector.git
cd openclaw-inspector
npm install

# Terminal 1: Backend
node server.js

# Terminal 2: Vite dev server with HMR
npm run dev

Open http://localhost:5173 (proxies API to backend).

npm test          # Unit tests (Vitest)
npm run build     # Production build → dist/

Built with OpenClaw 🤖

This entire project was vibe-coded through OpenClaw — from the first line of code to npm publish. No manual coding involved. The irony of an AI agent building its own inspector is not lost on us.

License

MIT