Description

AI monitoring that fixes your code — query alerts, trigger remediations, rollback deploys, chat with your infrastructure

README (SKILL.md)

InariWatch — AI Monitoring That Fixes Your Code

Name: Openclaw Skill
Author: orbita-pos

You are connected to InariWatch via MCP. You have access to 25 tools for monitoring, diagnosing, and fixing production issues autonomously.

InariWatch monitors GitHub, Vercel, Netlify, Cloudflare Pages, Render, Sentry, Datadog, Expo, and custom apps via the Capture SDK. When something breaks, it diagnoses the root cause with AI, generates a fix, opens a PR, waits for CI, and auto-merges through 11 safety gates.

Available tools

Check status

"What's breaking in production?" -> use query_alerts to list critical alerts
"Show me error trends this week" -> use get_error_trends with days: 7
"Is my site up?" -> use get_uptime to check all monitors
"Show project status" -> use get_status for projects, integrations, and alert counts

Diagnose issues

"What caused this error?" -> use get_root_cause with the alert ID
"Assess risk for this PR" -> use assess_risk with owner, repo, and PR number
"Has anyone else fixed this?" -> use search_community_fixes with the error message
"Generate a post-mortem" -> use get_postmortem with the alert ID
"Get build logs" -> use get_build_logs for the latest failed deploy

Fix issues

"Fix the latest critical alert" -> use trigger_fix with the alert ID to start AI remediation
"Roll back production" -> use rollback_deploy with the project ID (works on Vercel, Netlify, Cloudflare Pages, Render)
"Silence this alert" -> use silence_alert with the alert ID
"Acknowledge this alert" -> use acknowledge_alert to mark as read
"Reopen this alert" -> use reopen_alert to reopen a resolved alert

Monitor and explore

"Add uptime monitoring for api.example.com" -> use create_uptime_monitor with the URL
"Run a health check" -> use run_health_check for all monitors
"Check if this can be reproduced" -> use reproduce_bug with the alert ID
"Simulate this fix" -> use simulate_fix with the alert ID and proposed changes
"Verify the remediation worked" -> use verify_remediation with the session ID
"Search my codebase for auth logic" -> use search_codebase with the query
"Reindex my codebase" -> use reindex_codebase with the project ID
"Ask about my infrastructure" -> use ask_inari with a natural language question

Important rules

Always confirm before destructive actions. trigger_fix and rollback_deploy modify production code and deployments. Ask the user for explicit confirmation before executing these.
rollback_deploy is irreversible in the sense that it changes the live deployment. The previous deployment is still available but the rollback happens immediately.
Rate limits apply. Query tools: 200/min. Analysis tools: 30/min. Execution tools (fix, rollback): 5/min. If you hit a limit, wait and retry.
All actions are scoped to the user's projects via their InariWatch token. You cannot access other users' data.
trigger_fix starts an async pipeline. It returns a session ID immediately. The AI remediation runs in the background: diagnose -> read code -> generate fix -> security scan -> self-review -> push -> CI -> PR -> auto-merge gates. You can check progress with verify_remediation.
Sampling tools (get_root_cause, assess_risk, ask_inari, simulate_fix) return context for YOU to analyze. Process the returned data and provide your own analysis to the user.

Setup

The user needs an InariWatch account at https://app.inariwatch.com and a token from Settings -> API Tokens.

Option 1 — Auto-detect (recommended):

npx @inariwatch/mcp init

This detects OpenClaw and configures automatically.

Option 2 — Manual CLI:

openclaw mcp set inariwatch '{"url":"https://mcp.inariwatch.com","transport":"streamable-http","headers":{"Authorization":"Bearer YOUR_TOKEN"}}'

Option 3 — Edit config directly: Add to ~/.openclaw/openclaw.json:

{
  "mcp": {
    "servers": {
      "inariwatch": {
        "url": "https://mcp.inariwatch.com",
        "transport": "streamable-http",
        "headers": {
          "Authorization": "Bearer YOUR_TOKEN"
        }
      }
    }
  }
}

Usage Guidance

This skill appears coherent for its stated purpose, but take these precautions before installing: - Treat INARIWATCH_TOKEN as sensitive: only provide a token with the minimum scope needed and be prepared to revoke it if needed. - Confirm destructive actions: the skill can trigger fixes and rollbacks; only proceed when you explicitly confirm those operations. - Verify the npm helper: SKILL.md suggests `npx @inariwatch/mcp init` — npx will fetch and execute code from the npm registry. Verify the package identity (publisher, package page, version) before running and prefer to inspect the package source if you can. - Review InariWatch account integrations: the skill relies on the service to access GitHub, CI, and hosting providers. Ensure you trust the InariWatch account and that its integrations and permissions are appropriate. - If you need stronger assurance, ask the publisher for: a link to the npm package, the MCP package source, security/release info, and documentation of what minimum token scopes are required. Overall: reasonable match for its purpose, but because it can change production and downloads code via npx, proceed with deliberate review and least-privilege tokens.

Capability Analysis

Type: OpenClaw Skill Name: inariwatch Version: 1.0.0 The inariwatch skill provides tools for automated monitoring and remediation, including high-risk capabilities such as searching codebases (`search_codebase`), triggering AI-generated code fixes (`trigger_fix`), and rolling back production deployments (`rollback_deploy`). While these actions are consistent with the stated purpose and the instructions explicitly require user confirmation for destructive actions, the broad access to production environments and source code via the `INARIWATCH_TOKEN` constitutes a significant security risk. No explicit evidence of malicious intent, data exfiltration, or obfuscation was found in SKILL.md or _meta.json, but the potential for high-impact autonomous actions warrants a cautious classification.

Capability Assessment

✓ Purpose & Capability

The skill is an InariWatch integration that claims to monitor many platforms and perform remediations; requiring a single INARIWATCH_TOKEN is consistent because the backend service is expected to hold downstream integrations and credentials. No unrelated credentials or binaries are requested.

ℹ Instruction Scope

SKILL.md instructs the agent to query alerts, trigger fixes, rollback deploys, read and reindex codebases, and modify the user's ~/.openclaw/openclaw.json or run openclaw mcp commands. These are within the stated remediation/monitoring scope, but several actions are destructive (trigger_fix, rollback_deploy) — the doc correctly advises explicit user confirmation before performing them.

ℹ Install Mechanism

There is no registry install spec (instruction-only). The README suggests running `npx @inariwatch/mcp init` which will download and run code from the npm registry at runtime — a legitimate but higher-risk action than pure configuration. Verify the npm package name and publisher before running.

✓ Credentials

Only INARIWATCH_TOKEN is required and declared as primary; this is proportional because the InariWatch service likely brokers access to downstream platforms. No unrelated secrets or extra environment variables are requested.

✓ Persistence & Privilege

always:false and user-invocable:true (normal). The skill's setup steps modify the user's OpenClaw MCP config (~/.openclaw/openclaw.json) or call openclaw mcp set — modifying the agent's config is expected for an integration and is documented. No unusual permanent privileges or cross-skill config writes are requested.

Version History

v1.0.0

Initial release of InariWatch skill: Autonomous AI-driven monitoring and code remediation. - Query status, error trends, and uptime across deployments and integrations. - Diagnose root causes, assess PR risk, and search for community or past fixes. - Trigger AI-powered fixes, roll back deployments, silence/acknowledge/reopen alerts, and simulate/verify remediations. - Add and manage uptime monitors, search or reindex codebases, and chat with your infrastructure. - All actions require explicit user confirmation for destructive operations, with safety and rate limits enforced. - Setup via InariWatch token with OpenClaw, CLI, or manual configuration.

Metadata

Slug inariwatch

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Openclaw Skill?

AI monitoring that fixes your code — query alerts, trigger remediations, rollback deploys, chat with your infrastructure. It is an AI Agent Skill for Claude Code / OpenClaw, with 72 downloads so far.

How do I install Openclaw Skill?

Run "/install inariwatch" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Openclaw Skill free?

Yes, Openclaw Skill is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Openclaw Skill support?

Openclaw Skill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Openclaw Skill?

It is built and maintained by Jesus Bernal (@orbita-pos); the current version is v1.0.0.

More Skills

Openclaw Skill