feat: add openclaw-bot-audit skill

[longfin]

Summary

Adds a new skill package @campforge/openclaw-bot-audit that walks the standard recovery flow for auditing an OpenClaw bot deployed on Fly.io: locate the app, wake a stopped machine, pull the session JSONL from the persistent /data volume, and parse the conversation + tool-call timeline.

Motivated by a real incident audit where we needed to:

• find which bot on Fly was behind a given Telegram conversation
• recover yesterday's session after the machine had been restarted
• enumerate the txIds issued during the session and map them back to the CSVs that produced them
• reconstruct ephemeral /tmp CSVs that were wiped on restart

The skill captures the repeatable pieces so any operator (not just the author) can repeat the audit with jq recipes rather than ad-hoc shell archaeology.

What's included

• packages/openclaw-bot-audit/package.json — npm package metadata, standard CampForge layout
• packages/openclaw-bot-audit/skills/openclaw-bot-audit/SKILL.md — full skill doc covering:
  • app/machine discovery (fly status, waking stopped machines)
  • session file layout on the persistent volume (/data/agents/main/sessions/)
  • JSONL schema cheat sheet (session/message/custom/summary, role shapes, toolCall↔toolResult pairing)
  • jq recipes: user timeline, tool-call listing, toolCall-by-id lookup, txId extraction, pattern-grep, command/result pairing
  • recovery strategies for ephemeral /tmp files (inline args → echoed output → original source)
  • cross-checking 9cscan for on-chain artifacts
  • cleanup + secret-masking notes

Skill is read-only by design: the only state change it performs is fly machine start to enable SSH/SFTP.

Test plan

• Install the skill into a test camp and invoke via Claude Code / OpenClaw
• Run §1–§3 against a known bot, confirm session file downloads
• Run each jq recipe in §5 against the downloaded JSONL
• Verify §6 recovery path by replaying a transformation heredoc from a real toolCall
• Confirm the skill does not trigger on unrelated "fly" mentions (e.g. flex-ax)

🤖 Generated with Claude Code

[Copilot]

Pull request overview

Adds a new CampForge skill package, @campforge/openclaw-bot-audit, to standardize the operational audit workflow for OpenClaw bots running on Fly.io (app/machine discovery, session JSONL retrieval from /data, and jq-based timeline/tool-call analysis).

Changes:

• Introduces a new npm package @campforge/openclaw-bot-audit.
• Adds a comprehensive SKILL.md covering Fly.io recovery steps, session file locations, JSONL schema, and jq recipes for auditing.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File	Description
packages/openclaw-bot-audit/skills/openclaw-bot-audit/SKILL.md	Skill definition + operational runbook for retrieving and analyzing OpenClaw session JSONL on Fly.io.
packages/openclaw-bot-audit/package.json	Package metadata to publish/include the new skill directory.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Adds a new CampForge skill package (@campforge/openclaw-bot-audit) that documents an operator workflow for auditing OpenClaw bot sessions on Fly.io by locating the app/machine, downloading persistent session JSONL from /data, and using jq recipes to reconstruct message/tool timelines and recover references to ephemeral working files.

Changes:

• Added a new skill doc (SKILL.md) describing the Fly.io recovery + session JSONL audit workflow and jq recipes.
• Added a new package manifest (package.json) for distributing the skill via the standard skills/ layout.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File	Description
packages/openclaw-bot-audit/skills/openclaw-bot-audit/SKILL.md	New operator-facing skill documentation and jq recipes for auditing session JSONL on Fly.io.
packages/openclaw-bot-audit/package.json	New npm package metadata for publishing the skill content.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Adds a new CampForge skill package to standardize auditing/recovery of OpenClaw bot session logs on Fly.io, including machine wake-up, session JSONL retrieval, and jq-based timeline/tool-call analysis.

Changes:

• Introduces @campforge/openclaw-bot-audit npm package metadata.
• Adds a comprehensive SKILL.md documenting the Fly.io audit workflow, session file locations, JSONL schema, and jq recipes.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File	Description
packages/openclaw-bot-audit/skills/openclaw-bot-audit/SKILL.md	New skill documentation covering audit workflow, JSONL schema, jq recipes, and recovery notes.
packages/openclaw-bot-audit/package.json	New skill package manifest for publishing/packaging the skill docs.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Adds a new CampForge skill package, @campforge/openclaw-bot-audit, documenting a repeatable operator workflow to audit OpenClaw bot sessions deployed on Fly.io by locating the app/machine, retrieving persistent session JSONL, and analyzing timelines/tool activity with jq.

Changes:

• Introduces the openclaw-bot-audit skill documentation (recovery flow + JSONL schema + jq recipes).
• Adds a new npm workspace package for distributing the skill under @campforge/openclaw-bot-audit.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File	Description
packages/openclaw-bot-audit/skills/openclaw-bot-audit/SKILL.md	Adds the full operator-facing audit playbook, including commands and jq recipes for session analysis.
packages/openclaw-bot-audit/package.json	Defines the new skill package metadata and publishes only the skills/ directory.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Adds a new CampForge skill package, @campforge/openclaw-bot-audit, documenting a repeatable operational flow for auditing OpenClaw bot sessions on Fly.io by locating the app/machine, waking it if needed, downloading durable session JSONL from /data, and analyzing the tool-call timeline via jq recipes.

Changes:

• Introduces a new npm workspace package @campforge/openclaw-bot-audit.
• Adds a comprehensive SKILL.md covering Fly.io discovery/recovery steps, session file layout, JSONL schema notes, and jq-based audit workflows.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File	Description
packages/openclaw-bot-audit/skills/openclaw-bot-audit/SKILL.md	Adds the skill spec + operator playbook for auditing OpenClaw sessions on Fly.io.
packages/openclaw-bot-audit/package.json	Registers the new skill package for workspace/publishing with standard metadata and packaged files.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.