Secure Google Docs Logger Skill
One Google Doc per day in a PE_Logs folder, append-only — like a cloud-native .txt log file your OpenClaw agent can write to from any machine.
google-docs · logging · automation · audit · daily-log
Example
Log that the nightly export finished: 1,204 rows, no errors.
Doc: 2026-06-04 (auto-created in PE_Logs)
ok appended: [03:14:07Z] export | nightly | 1204 rows | ok
append-only; no overwrite or delete verb exists.
Add to your agent
Steps 1–2 are identical for every agent — install the porteden binary and authenticate once. Step 3 registers the skill with your runtime.
Install the PortEden CLI
OpenClaw skills delegate every API call to the porteden binary. Install once with Homebrew or Go.
brew install porteden/tap/porteden
# or
go install github.com/porteden/cli/cmd/porteden@latest
Authenticate
Browser-based login is recommended — credentials are written to your OS keyring. Token-based login is available for headless environments.
porteden auth login
# headless / CI
porteden auth login --token <PE_API_KEY>
porteden auth status
Install the docs-logger skill
OpenClaw fetches the signed skill bundle and registers its commands with the agent.
openclaw skills install docs-logger
The SKILL.md
The canonical, copy-paste-able skill definition your agent loads.
porteden docs-logger
Append log lines to daily Google Docs — one document per day, auto-created inside a PE_Logs folder. Works like a cloud-native .txt log file that agents can write to from anywhere. Use -jc flags for AI-optimized output.
If porteden is not installed: brew install porteden/tap/porteden (or go install github.com/porteden/cli/cmd/porteden@latest).
Setup
1. Authenticate (once)
- Browser login (recommended): porteden auth login — opens browser, credentials stored in system keyring
- Direct token: porteden auth login --token <key> — stored in system keyring
- Verify: porteden auth status
- If PE_API_KEY is set in the environment, the CLI uses it automatically (no login needed).
- Drive access requires a token with driveAccessEnabled: true and a connected Google account with Drive scopes.
2. Set the log folder (one-time)
If PE_LOG_FOLDER is already set, skip to the logging workflow — the folder is configured.
If PE_LOG_FOLDER is not set, search for an existing PE_Logs folder:
porteden drive files --name "PE_Logs" --mime-type application/vnd.google-apps.folder -jc
If found, copy the id field and set it:
export PE_LOG_FOLDER="google:0B7_FOLDER_ID..."
If not found, create the folder:
porteden drive mkdir --name "PE_Logs" -jc
Copy the id from the response and set it:
export PE_LOG_FOLDER="google:0B7_FOLDER_ID..."
To persist across sessions, add to your shell profile (~/.bashrc, ~/.zshrc) or .env file. Once set, this step does not need to be repeated.
Logging workflow (per run)
Each run appends log lines to today's document. Follow these two steps every time you need to log.
Step 1. Find or create today's doc
Search for a doc named with today's date (YYYY-MM-DD) inside the log folder:
porteden drive files --name "2025-01-15" --folder $PE_LOG_FOLDER --mime-type application/vnd.google-apps.document -jc
If found, use the id from the result as the doc ID for step 2.
If not found, create today's doc:
porteden docs create --name "2025-01-15" --folder $PE_LOG_FOLDER -jc
Use the id from the response as the doc ID for step 2.
Step 2. Append the log line
porteden docs edit <DOC_ID> --append "[09:30:00Z] deploy | production | v2.4.1 released | success"
Each --append adds text at the end of the document, preserving all previous entries.
Multiple lines in one call:
porteden docs edit <DOC_ID> --append "[09:30:00Z] deploy | production | v2.4.1 released | success
[09:31:12Z] healthcheck | production | all endpoints healthy | success"
Log format examples
Use a consistent line format. Recommended patterns:
Timestamped event: [HH:MM:SSZ] event | source | details | status
Audit entry: [HH:MM:SSZ] actor | action | resource | result
Error line: [HH:MM:SSZ] ERROR | service | message
Task result: [HH:MM:SSZ] task | agent | input → output | duration
The date is already in the document name — log lines only need the time component.
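Because one --append can carry several newline-separated entries, a field that contains a newline would be stored as a second, forged-looking entry. The following is an added example, not part of the PortEden skill: the helper names pe_clean, pe_line and pe_now_line and the sample input are hypothetical, and it builds a line in the format above with line breaks and the pipe delimiter neutralized in every field.

```sh
#!/bin/sh
# Added example (not PortEden code): build "[HH:MM:SSZ] f1 | f2 | ..." safely.

# pe_clean FIELD: make FIELD safe to embed as one pipe-delimited field.
# CR/LF/TAB become spaces, other control characters are dropped, "|" becomes
# "/", runs of spaces collapse, and leading/trailing spaces are trimmed.
pe_clean() {
    printf '%s' "$1" |
        tr '\r\n\t' '   ' |
        tr -d '[:cntrl:]' |
        sed -e 's,|,/,g' -e 's/  */ /g' -e 's/^ //' -e 's/ $//'
}

# pe_line HH:MM:SSZ FIELD...: print one log line; return 2 on a malformed time.
pe_line() {
    ts=$1
    case $ts in
        [01][0-9]:[0-5][0-9]:[0-5][0-9]Z | 2[0-3]:[0-5][0-9]:[0-5][0-9]Z) ;;
        *) echo "pe_line: time must be HH:MM:SSZ" >&2; return 2 ;;
    esac
    shift
    line="[$ts]"
    sep=' '
    for field in "$@"; do
        clean=$(pe_clean "$field")
        [ -n "$clean" ] || clean='-'   # empty field: keep the field count stable
        line="$line$sep$clean"
        sep=' | '
    done
    printf '%s\n' "$line"
}

# pe_now_line FIELD...: same, stamped with the current UTC time.
pe_now_line() { pe_line "$(date -u +%H:%M:%SZ)" "$@"; }

# Constructed input: a "details" value carrying a newline and a fake entry.
PE_DEMO_DETAILS=$(printf 'done\n[03:15:00Z] admin | grant | root | ok')
pe_line 03:14:07Z export nightly "$PE_DEMO_DETAILS" ok

# Appending then uses the command shown on this page:
#   porteden docs edit "$DOC_ID" --append "$(pe_now_line export nightly '1204 rows' ok)"
```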
Reading logs
Read today's log:
porteden docs read <DOC_ID>
List all log documents in the folder:
porteden drive files --folder $PE_LOG_FOLDER -jc
Read a specific day's log:
porteden drive files --name "2025-01-10" --folder $PE_LOG_FOLDER --mime-type application/vnd.google-apps.document -jc
Then read by its ID:
porteden docs read <DOC_ID>
Best practices
1. Always use --append — never overwrite log docs. Append-only preserves the full audit trail.
2. Use ISO 8601 date for doc names (YYYY-MM-DD) — ensures chronological sort and unique daily docs.
3. Include only the time in log lines — the date is in the document name, no need to repeat it.
4. Batch multiple log lines in one --append — separate lines with \n to reduce API calls.
5. Use a consistent delimiter — pipe | keeps fields scannable. Avoid commas in free-text fields.
6. Search before creating — always check if today's doc exists before creating a new one to avoid duplicates.
7. Use -jc on drive/read calls — compact JSON output minimizes tokens for AI agents.
Notes
- Credentials persist in the system keyring after login. No repeated auth needed.
- Set PE_PROFILE=work to avoid repeating --profile.
- -jc is shorthand for --json --compact: strips noise, limits fields, reduces tokens for AI agents.
- File IDs are always provider-prefixed (e.g., google:1BxiMVs0XRA5...). Pass them as-is.
- porteden docs read returns plain text by default.
- --append adds text at the end of the document. Each call appends — it does not replace.
- accessInfo in responses describes active token restrictions.
- PE_LOG_FOLDER is the only env var specific to this skill. Store it alongside PE_API_KEY.
- Environment variables: PE_API_KEY, PE_PROFILE, PE_LOG_FOLDER, PE_FORMAT, PE_COLOR, PE_VERBOSE.
How it works
Auto-creates one doc per date
On first append of the day, the skill creates a new doc named YYYY-MM-DD inside the folder identified by PE_LOG_FOLDER. Subsequent appends in the same UTC day land in the same doc. At UTC midnight, a new doc spins up.
Append is timestamped and append-only
Each append prepends an ISO-8601 UTC timestamp and writes after the existing content. The skill exposes no overwrite or delete verb, so the doc is a tamper-evident chronological record (subject to native Google Docs version history).
porteden docs edit <DOC_ID> --append "[$(date -u +%H:%M:%SZ)] deploy | production | v2.4.1 | ok"
Folder isolation via PE_LOG_FOLDER
PE_LOG_FOLDER is a Drive folder ID prefixed with google:. The agent can be granted Editor on this folder only — limiting blast radius if the token is misused.
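A reviewer can test the chronological-record property described above on the plain text returned by porteden docs read. The following is an added example, not part of the PortEden skill: the function name pe_check_log and both sample logs are constructed, and it assumes writers stamp entries at append time, so an out-of-order time is a prompt for review (it can also come from clock skew between machines) rather than proof of tampering.

```sh
#!/bin/sh
# Added example (not PortEden code): sanity-check one day's log text.

# pe_check_log: read a day's log on stdin, print one finding per suspect
# line, and return 1 if anything was flagged (0 if the log looks consistent).
pe_check_log() {
    awk '
    /^[ \t]*$/ { next }    # skip blank lines
    {
        if ($0 !~ /^\[([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]Z\] /) {
            printf "line %d: missing [HH:MM:SSZ] prefix\n", NR; bad++; next
        }
        ts = substr($0, 2, 8)                      # HH:MM:SS, compared as text
        if (split(substr($0, 13), f, / [|] /) < 3) {
            printf "line %d: fewer than 3 pipe-separated fields\n", NR; bad++
        }
        if (prev != "" && ts < prev) {
            printf "line %d: %s precedes earlier entry %s\n", NR, ts, prev; bad++
        }
        prev = ts
    }
    END { exit (bad > 0) }'
}

# Constructed sample: a consistent log, in the format used on this page.
PE_SAMPLE_OK='[09:30:00Z] deploy | production | v2.4.1 released | success
[09:31:12Z] healthcheck | production | all endpoints healthy | success'

# Constructed sample: an out-of-order entry, an unstamped line, a short line.
PE_SAMPLE_BAD='[09:30:00Z] deploy | production | v2.4.1 released | success
[09:12:40Z] admin | grant | billing-db | ok
healthcheck all good
[09:31:12Z] healthcheck | production'

printf '%s\n' "$PE_SAMPLE_BAD" | pe_check_log || echo "review needed"

# Against a real document, using the read command shown on this page:
#   porteden docs read "$DOC_ID" | pe_check_log
```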
The same firewall behind every PortEden skill
- Provision to teams with role-based access policies
- Identity-aware execution — every call ties back to a user
- Signed, version-pinned skills
- Full audit trail on every tool call
- Field-level redaction at egress
Install Secure OpenClaw Google Docs Logger Skill Without Inheriting the Audit Tail
Browser auth, keyring-bound credentials, server-side audit log. The same data firewall behind every PortEden integration.