← Back to Skills Marketplace
Situation Monitor
by
mohnishb-ai
· GitHub ↗
· v0.1.2
· MIT-0
129
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install situation-monitor
Description
Triages Discord activity and Kubernetes incidents into ranked situation reports with fixture-first demos, live Discord and Apify intake, Contextual-grounded...
Usage Guidance
Before installing or enabling this skill:
- Treat it as high-risk until the maintainer clarifies requirements. The published metadata lists only bash and python3, but the repo and docs also require node/npm, kubectl, gcloud, and many sensitive API tokens (Apify, Friendli, Contextual, Redis, Discord). Ask the author to update SKILL metadata to list all required binaries, env vars, and config paths.
- Do NOT run demo trigger commands (02-incidents.sh trigger* or destroy) against any real/production cluster. Those scripts intentionally inject failures and can delete a GKE cluster.
- If you need to evaluate safely, run the skill in an isolated environment: a disposable hackathon-only cluster and a sandboxed gateway with least-privilege service accounts (KUBECONFIG referencing a limited-access account), and network egress controlled for third-party tokens.
- Ensure a formal install step is added (or follow author instructions) that documents npm install for the Apify actor and Python venv creation so dependencies are reproducible and auditable.
- Verify who will have access to the listed tokens and whether the OpenClaw host will store them securely; treat REDIS_URL, FRIENDLI_TOKEN, APIFY_TOKEN, CONTEXTUAL_API_KEY, and DISCORD_BOT_TOKEN as sensitive secrets.
- If the skill will run in a hosted OpenClaw instance, require an admin review and a configuration checklist: (1) KUBECONFIG points to a non-production, limited account; (2) Node/npm are installed in a controlled environment; (3) required env vars are added intentionally; (4) destructive demo commands are disabled or removed.
If the author provides corrected metadata (declare all env vars and binaries), an explicit non-destructive default config, and an install spec for Node, this assessment could move toward 'benign'.
Capability Analysis
Type: OpenClaw Skill
Name: situation-monitor
Version: 0.1.2
The skill bundle provides legitimate SRE monitoring and triage functionality but includes high-risk capabilities that warrant a suspicious classification. Specifically, '02-incidents.sh' contains a destructive command to delete a GKE cluster ('gcloud container clusters delete'), and 'src/monitoring_the_situation/cluster_live.py' executes 'kubectl' commands via 'subprocess.run' based on agent-provided arguments. Additionally, 'SKILL.md' contains hardcoded absolute local paths and instructions for the agent to perform 'npm install' and 'node' executions. While these behaviors are plausibly aligned with the stated purpose of Kubernetes monitoring and incident simulation, they represent a high-risk attack surface. No clear evidence of intentional malice or data exfiltration was found, and the inclusion of an 'ApprovalGate' in 'src/monitoring_the_situation/approvals.py' suggests a focus on operational safety.
Capability Assessment
Purpose & Capability
The skill claims to triage Discord and Kubernetes incidents (reasonable), but the bundle actually contains both a Python OpenClaw skill and a Node.js Apify actor, plus a cluster incident trigger script (02-incidents.sh) that runs kubectl and gcloud. The registry metadata only lists bash and python3 as required binaries and declares no env vars, yet the README and docs require many sensitive env vars (REDIS_URL, FRIENDLI_TOKEN, APIFY_TOKEN, APIFY_ACTOR_ID, CONTEXTUAL_API_KEY, CONTEXTUAL_AGENT_ID, KUBECONFIG, DISCORD_BOT_TOKEN, etc.) and Node. That discrepancy is not proportionate to the published requirements.
Instruction Scope
SKILL.md and the README instruct the operator/agent to run scripts/mts (bootstraps a Python venv and installs the package), run npm install/node main.js for the Apify actor, upload runbooks to Contextual, and optionally run 02-incidents.sh which intentionally injects failures (OOM, bad image) and can delete a GKE cluster. These instructions reference reading local files (KUBECONFIG, runbooks), calling external services (Apify, GCP, GitHub, FriendliAI, Contextual, Discord), and performing destructive cluster operations — all outside what the registry metadata indicated.
Install Mechanism
No formal install spec is published for OpenClaw, yet the repo expects two installation flows: Python package install (handled by scripts/mts) and an npm install for the Apify actor. The metadata didn't declare Node/npm as required, and there's no automated, vetted install step for the Node actor. The lack of a clear, whitelisted install mechanism for the Node actor and its many npm deps increases operational risk.
Credentials
The code and docs require multiple sensitive credentials and config paths (API tokens for Apify, Friendli, Contextual, Discord bot token, REDIS_URL, and KUBECONFIG) and expect cluster admin actions via kubectl/gcloud. None of these are declared in the skill's registry metadata. Requesting KUBECONFIG and running kubectl/gcloud is high-privilege and must be explicit; the current omission is disproportionate and risky.
Persistence & Privilege
The skill is not marked always:true, but it contains scripts capable of destructive actions (applying deployments that cause OOMs, rolling back, and a destroy command that deletes a GKE cluster). Those actions are part of the demo but could be executed if the agent or an operator runs the script against a real cluster. The skill does not declare or limit required privileges (e.g., recommends 'hackathon-only' cluster but does not enforce it).
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install situation-monitor - After installation, invoke the skill by name or use
/situation-monitor - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.2
Version 0.1.2 of situation-monitor introduces detailed usage guidelines and improved safety guardrails.
- Added comprehensive SKILL.md documentation, outlining usage scenarios and command examples.
- Documented new working modes for both Discord and Kubernetes (KubeWatch) monitoring, including fixture and live intake workflows.
- Improved safety guardrails: now recommends fixture modes for demos, blocks personal/private ingestion, and restricts outbound posting without Civic approval.
- Clarified expected output structure for situation reports, including executive summary and actionable items.
- Provided step-by-step instructions for setup, operation, and integration with Apify and Civic approval systems.
Metadata
Frequently Asked Questions
What is Situation Monitor?
Triages Discord activity and Kubernetes incidents into ranked situation reports with fixture-first demos, live Discord and Apify intake, Contextual-grounded... It is an AI Agent Skill for Claude Code / OpenClaw, with 129 downloads so far.
How do I install Situation Monitor?
Run "/install situation-monitor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Situation Monitor free?
Yes, Situation Monitor is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Situation Monitor support?
Situation Monitor is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Situation Monitor?
It is built and maintained by mohnishb-ai (@mohnishb-ai); the current version is v0.1.2.
More Skills