← Back to Skills Marketplace
diluke1600

grafana-inspector

by ken · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
220
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install grafana-inspector
Description
Grafana 自动化巡检技能。支持浏览器截图 + API 数据巡检,多仪表盘批量巡检,自动发现仪表盘。
README (SKILL.md)

\r \r

Grafana 自动化巡检技能\r

\r

快速开始\r

\r

# 1. 配置\r
cd skills/grafana-inspector/scripts\r
cp config.example.json config.json\r
# 编辑 config.json\r
\r
# 2. 执行\r
python main.py config.json\r
\r
# 或在 OpenClaw 中输入\r
执行 Grafana 巡检\r
```\r
\r
## 配置说明\r
\r
```json\r
{\r
  "grafana_url": "http://localhost:3000",\r
  "api_key": "",\r
  "dashboard_uids": [],\r
  "auto_discover": true,\r
  "discover_limit": 10,\r
  "inspection_mode": "hybrid",\r
  "screenshot_dir": "./screenshots"\r
}\r
```\r
\r
| 参数 | 说明 | 必填 |\r
|------|------|------|\r
| `grafana_url` | Grafana 地址 | ✅ |\r
| `api_key` | API Key(API 巡检用) | ✅ |\r
| `dashboard_uids` | 仪表盘 UID 列表 | ❌ |\r
| `auto_discover` | 自动发现仪表盘 | ❌ |\r
| `discover_limit` | 最多巡检数量 | ❌ |\r
\r
## 使用方式\r
\r
### 方式 1:命令行\r
\r
```bash\r
cd skills/grafana-inspector/scripts\r
python inspect_report.py config.json\r
```\r
\r
### 方式 2:OpenClaw\r
\r
```\r
执行 Grafana 巡检\r
```\r
\r
## 输出\r
\r
- `inspection_*.json` - JSON 结果\r
- `inspection_*.md` - Markdown 报告\r
\r
## 获取 Dashboard UID\r
\r
1. 打开 Grafana 仪表盘\r
2. 查看 URL: `https://grafana/d/{UID}/{name}`\r
3. 复制 UID 部分\r
\r
## 获取 API Key\r
\r
1. Grafana → Configuration → API keys\r
2. 创建 Viewer 权限的 Key\r
3. 复制到配置\r
\r
## 文件结构\r
\r
```\r
grafana-inspector/\r
├── scripts/\r
│   ├── api_inspect.py    # API 巡检\r
│   ├── main.py        # 主脚本\r
│   └── config.json       # 配置\r
├── screenshots/          # 截图\r
├── SKILL.md             # 技能定义\r
└── README.md            # 说明文档\r
```\r
\r
## 故障排查\r
\r
### API 连接失败\r
- 检查 API Key 是否正确\r
- 验证网络连接\r
- 确认 Grafana 服务正常\r
- 检查飞书授权状态\r
Usage Guidance
This skill is plausibly what it claims to be, but review and fix a few things before running it in production: - Configuration: The SKILL.md and config.example.json use keys like "dashboard_uids" and "discover_limit", but the included scripts/config.json uses different keys (e.g., "dashboard_uid"). Fix or reconcile the config file so the scripts read the intended fields. - Credentials: Provide a Grafana API key with the minimum necessary permissions (Viewer) and store config.json securely. The tool supports username/password in config but using API keys is preferable. The skill does not request platform env vars, but the config file contains secrets — treat it accordingly. - TLS verification: inspection_report.py disables TLS verification (requests(..., verify=False)). This makes HTTPS connections susceptible to MITM. If your Grafana endpoint has valid TLS, change verify to True; if you must disable verification for internal tooling, accept the risk and limit network exposure. - Leftover references: The docs mention Feishu integration; no evidence in the code of outbound posting. Treat these as stale comments but confirm no hidden endpoints (you can grep for remote URLs or 'requests.post' calls before running). - Code integrity: The provided listing shows a truncated snippet of api_inspect.py. Ensure the repository's files are complete and syntactically correct; a broken module could raise import errors. Run the scripts in a safe environment first. - Scope and network: The tool only talks to the Grafana URL you configure. Only point it at Grafana instances you control or trust. Do not run against public/unknown Grafana endpoints with privileged keys. If you are not comfortable fixing the issues above, ask the skill author to: provide a single consistent config example, remove verify=False or make it configurable, remove stale Feishu references or implement them clearly, and confirm the shipped code files are complete and validated.
Capability Analysis
Type: OpenClaw Skill Name: grafana-inspector Version: 1.0.0 The skill bundle provides tools for automated Grafana dashboard auditing and reporting via API. It is classified as suspicious because `scripts/inspection_report.py` explicitly disables SSL certificate verification (`verify=False`) during API requests, a security vulnerability that exposes sensitive credentials (API keys/passwords) to man-in-the-middle attacks. While the code's logic is aligned with its stated purpose and no evidence of intentional malice or data exfiltration was found, the inclusion of this security flaw meets the criteria for a suspicious classification.
Capability Assessment
Purpose & Capability
Name/description match the code: scripts call Grafana API endpoints, discover dashboards, generate reports and screenshots. The set of files and code are consistent with a Grafana inspection tool. There are no unrelated external services or unexpected credential requests.
Instruction Scope
SKILL.md instructs editing config.json and running the Python scripts, which is expected. However: (1) some troubleshooting text and comments mention Feishu (飞书) integration, but no code that posts to external document/chat endpoints was found — this is likely leftover documentation but creates confusion; (2) requests calls in inspection_report.py use verify=False (TLS verification disabled), which is a security risk (man-in-the-middle) and should be intentional only for internal/trusted networks; (3) the provided scripts, example config, and included config.json are inconsistent (keys like dashboard_uids vs dashboard_uid, discover_limit present in example but missing in the included config.json), which can cause incorrect behavior or user misconfiguration; (4) the displayed api_inspect.py snippet in the listing appears truncated (syntax cut mid-token) — if the shipped file contains such truncation it would raise import/runtime errors. These issues broaden the runtime scope beyond what's documented and increase risk of mistakes.
Install Mechanism
Instruction-only skill (no install spec). The code is shipped with the skill; no remote downloads or package installs are performed automatically. This is lower risk from an install mechanism perspective.
Credentials
The tool requires Grafana credentials (API key or username/password) to function — this is expected and proportionate. The skill requires no platform environment variables or unrelated credentials. Note: credentials are read from a local config file (config.json) rather than environment variables; make sure you store the API key with least-privilege (Viewer) and protect the file. Also note the mismatch between SKILL.md/example config keys and the included config.json which may lead to misconfiguration and accidentally leaving credentials in the wrong file or location.
Persistence & Privilege
always is false and the skill does not request any special platform persistence or modify other skills. It writes report files to the working directory (screenshots/reports), which is expected behavior for a reporting tool.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install grafana-inspector
  3. After installation, invoke the skill by name or use /grafana-inspector
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of grafana-inspector. - Automates Grafana dashboard inspections via browser screenshots and API data. - Supports batch inspection and auto-discovery of multiple dashboards. - Provides configurable inspection modes and output formats (JSON, Markdown). - Includes command-line and OpenClaw integration for flexible usage. - Clear setup instructions and troubleshooting included.
Metadata
Slug grafana-inspector
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is grafana-inspector?

Grafana 自动化巡检技能。支持浏览器截图 + API 数据巡检,多仪表盘批量巡检,自动发现仪表盘。 It is an AI Agent Skill for Claude Code / OpenClaw, with 220 downloads so far.

How do I install grafana-inspector?

Run "/install grafana-inspector" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is grafana-inspector free?

Yes, grafana-inspector is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does grafana-inspector support?

grafana-inspector is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created grafana-inspector?

It is built and maintained by ken (@diluke1600); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments