Grok Build Skill · Logging

Secure Grok Build Google Docs Logger Skill

One Google Doc per day in a PE_Logs folder, append-only — like a cloud-native .txt log file your Grok Build agent can write to from any machine.

View on ClawHub

google-docs · logging · automation · audit · daily-log

SKILL.md · docs-logger · v1.0.0 · MIT-0

porteden docs-logger

Append log lines to daily Google Docs — one document per day, auto-created inside a PE_Logs folder. Works like a cloud-native .txt log file that agents can write to from anywhere. Use -jc flags for AI-optimized output.

If porteden is not installed: brew install porteden/tap/porteden (or go install github.com/porteden/cli/cmd/porteden@latest).

Setup

1. Authenticate (once)

Browser login (recommended): porteden auth login — opens browser, credentials stored in system keyring
Direct token: porteden auth login --token <key> — stored in system keyring
Verify: porteden auth status
If PE_API_KEY is set in the environment, the CLI uses it automatically (no login needed).
Drive access requires a token with driveAccessEnabled: true and a connected Google account with Drive scopes.

2. Set the log folder (one-time)

If PE_LOG_FOLDER is already set, skip to the logging workflow — the folder is configured.

If PE_LOG_FOLDER is not set, search for an existing PE_Logs folder:

porteden drive files --name "PE_Logs" --mime-type application/vnd.google-apps.folder -jc

If found, copy the id field and set it:

export PE_LOG_FOLDER="google:0B7_FOLDER_ID..."

If not found, create the folder:

porteden drive mkdir --name "PE_Logs" -jc

Copy the id from the response and set it:

export PE_LOG_FOLDER="google:0B7_FOLDER_ID..."

To persist across sessions, add to your shell profile (~/.bashrc, ~/.zshrc) or .env file. Once set, this step does not need to be repeated.

Logging workflow (per run)

Each run appends log lines to today's document. Follow these two steps every time you need to log.

Step 1. Find or create today's doc

Search for a doc named with today's date (YYYY-MM-DD) inside the log folder:

porteden drive files --name "2025-01-15" --folder $PE_LOG_FOLDER --mime-type application/vnd.google-apps.document -jc

If found, use the id from the result as the doc ID for step 2.

If not found, create today's doc:

porteden docs create --name "2025-01-15" --folder $PE_LOG_FOLDER -jc

Use the id from the response as the doc ID for step 2.

Step 2. Append the log line

porteden docs edit <DOC_ID> --append "[09:30:00Z] deploy | production | v2.4.1 released | success"

Each --append adds text at the end of the document, preserving all previous entries.

Multiple lines in one call:

porteden docs edit <DOC_ID> --append "[09:30:00Z] deploy | production | v2.4.1 released | success
[09:31:12Z] healthcheck | production | all endpoints healthy | success"

Log format examples

Use a consistent line format. Recommended patterns:

Timestamped event: [HH:MM:SSZ] event | source | details | status

Audit entry: [HH:MM:SSZ] actor | action | resource | result

Error line: [HH:MM:SSZ] ERROR | service | message

Task result: [HH:MM:SSZ] task | agent | input → output | duration

The date is already in the document name — log lines only need the time component.

Reading logs

Read today's log:

porteden docs read <DOC_ID>

List all log documents in the folder:

porteden drive files --folder $PE_LOG_FOLDER -jc

Read a specific day's log:

porteden drive files --name "2025-01-10" --folder $PE_LOG_FOLDER --mime-type application/vnd.google-apps.document -jc

Then read by its ID:

porteden docs read <DOC_ID>

Best practices

1. Always use --append — never overwrite log docs. Append-only preserves the full audit trail. 2. Use ISO 8601 date for doc names (YYYY-MM-DD) — ensures chronological sort and unique daily docs. 3. Include only the time in log lines — the date is in the document name, no need to repeat it. 4. Batch multiple log lines in one --append — separate lines with \n to reduce API calls. 5. Use a consistent delimiter — pipe | keeps fields scannable. Avoid commas in free-text fields. 6. Search before creating — always check if today's doc exists before creating a new one to avoid duplicates. 7. Use -jc on drive/read calls — compact JSON output minimizes tokens for AI agents.

Notes

Credentials persist in the system keyring after login. No repeated auth needed.
Set PE_PROFILE=work to avoid repeating --profile.
-jc is shorthand for --json --compact: strips noise, limits fields, reduces tokens for AI agents.
File IDs are always provider-prefixed (e.g., google:1BxiMVs0XRA5...). Pass them as-is.
porteden docs read returns plain text by default.
--append adds text at the end of the document. Each call appends — it does not replace.
accessInfo in responses describes active token restrictions.
PE_LOG_FOLDER is the only env var specific to this skill. Store it alongside PE_API_KEY.
Environment variables: PE_API_KEY, PE_PROFILE, PE_LOG_FOLDER, PE_FORMAT, PE_COLOR, PE_VERBOSE.

What it does

The capability, in one paragraph

Docs Logger gives an Grok Build agent a place to write run-time notes that a human can scan from any browser. The skill auto-creates a new Google Doc named YYYY-MM-DD inside a PE_Logs folder each day, then appends timestamped lines to it. Think of it as a cloud-native equivalent of `>> /var/log/agent.log` that survives across machines, browsers, and operators. Append is the only verb — there is no edit-in-place — so the doc functions as a tamper-evident running record.

Why it matters

Agents that run unattended need an audit surface that humans can read without standing up infrastructure. Slack DMs are noisy, syslog is invisible to non-engineers, dedicated log services need accounts. A Google Doc is the lowest-friction surface a paralegal, accountant, or operations lead already knows how to open and search.

How it works

A few flags, predictable output

Auto-creates one doc per date

On first append of the day, the skill creates a new doc named YYYY-MM-DD inside the folder identified by PE_LOG_FOLDER. Subsequent appends in the same UTC day land in the same doc. At UTC midnight, a new doc spins up.

Append is timestamped and append-only

Each append prepends an ISO-8601 UTC timestamp and writes after the existing content. The skill exposes no overwrite or delete verb, so the doc is a tamper-evident chronological record (subject to native Google Docs version history).

porteden docs edit <DOC_ID> --append "[$(date -u +%H:%M:%SZ)] deploy | production | v2.4.1 | ok"

Folder isolation via PE_LOG_FOLDER

PE_LOG_FOLDER is a Drive folder ID prefixed with google:. The agent can be granted Editor on this folder only — limiting blast radius if the token is misused.

Install

Five minutes, three commands

Install the PortEden CLI

Grok Build skills delegate every API call to the porteden binary. Install once with Homebrew or Go — the agent runtime invokes it on your behalf.

brew install porteden/tap/porteden 
# or
go install github.com/porteden/cli/cmd/porteden@latest

Authenticate

Browser-based login is recommended — credentials are written to your OS keyring. Token-based login is available for headless environments.

porteden auth login 
# headless / CI
porteden auth login --token <PE_API_KEY> 
porteden auth status

Add docs-logger to your Grok Build skills directory

Grok Build loads SKILL.md files from .grok/skills/. Drop the canonical SKILL.md into that directory and Grok picks it up on next session.

mkdir -p .grok/skills/docs-logger 
curl -fsSL https://porteden.com/skills/grok-build/docs-logger/SKILL.md \ 
  -o .grok/skills/docs-logger/SKILL.md

Try it on your data

Install Secure Grok Build Google Docs Logger Skill in five minutes. No credit card required.

Free tier covers personal Gmail, Outlook, Google Calendar, and Drive accounts. Upgrade for organization-wide policy and audit log.

See pricing

Related Resources

Grok Build provider page

How Grok Build connects to PortEden's data firewall.

Open

Logger (Google Sheets variant)

Same idea, structured rows in a sheet instead of paragraphs.

Open

Product — Audit Trail

PortEden's enterprise-grade audit log for the same events.

Open

PortEden · v1.0.0 · MIT-0

Source on ClawHub

Related Skills

Grok Build · Logging

Secure OpenClaw Google Sheets Logger Skill

A purpose-built logger for OpenClaw runs — append timestamped events to one Google Sheet, with row-level structure and CSV import for batch back-fills.

View skill v1.0.0

Grok Build · Drive & Docs

Secure OpenClaw Google Docs Skill

Permission-aware document operations for Google Docs — create, read, append, share, rename, export — every write logged to PortEden's audit trail.

View skill v1.0.0

Grok Build · Drive & Docs

Secure OpenClaw Google Drive Skill

List, search, upload, organize, share, and manage Google Drive files from an OpenClaw agent — with permission changes audited and risky scopes blocked at the firewall.

View skill v1.0.0

Install Secure Grok Build Google Docs Logger Skill Without Inheriting the Audit Tail

Browser auth, keyring-bound credentials, server-side audit log. The same data firewall behind every PortEden integration — wrapped for xAI's Grok Build runtime.

Talk to sales

Regulated org or 200+ seats? Talk to sales →