← Back to Skills Marketplace
SourceHarbor Watchlist Briefing
by
Yifeng[Terry] Yu
· GitHub ↗
· v1.0.0
· MIT-0
143
Downloads
0
Stars
0
Active Installs
4
Versions
Install in OpenClaw
/install sourceharbor-watchlist-briefing
Description
Use SourceHarbor watchlists, briefings, Ask, MCP, and HTTP API to answer one question with current story context and evidence.
Usage Guidance
This skill appears to be a legitimate operator briefing card for a local SourceHarbor service, but there are inconsistencies you should clear up before installing or running anything: (1) The manifest declares no required env vars, yet SKILL.md expects SOURCE_HARBOR_API_BASE_URL and other runtime inputs — ask the author to declare these explicitly. (2) The install guidance tells you to clone and run code from https://github.com/xiaojiou176-open/sourceharbor.git; treat that as untrusted until you review the repo contents and author provenance. (3) Do not run ./bin/dev-mcp or any binaries from an unknown repo on production systems; run them in an isolated environment first. (4) Confirm whether your platform will actually provide MCP access or local HTTP access to 127.0.0.1:9000 and whether any credentials are required. If you cannot validate the repository and the missing manifest declarations, proceed cautiously or prefer an officially published SourceHarbor package.
Capability Analysis
Type: OpenClaw Skill
Name: sourceharbor-watchlist-briefing
Version: 1.0.0
The skill bundle defines a workflow for an AI agent to interact with 'SourceHarbor,' a tool for managing watchlists and briefings, using the Model Context Protocol (MCP) or a local HTTP API. It includes comprehensive documentation, configuration templates for OpenClaw and OpenHands, and clear instructions in SKILL.md that guide the agent to provide evidence-backed answers. While it directs users to clone an external repository (github.com/xiaojiou176-open/sourceharbor.git) and execute a local binary, these actions are consistent with the stated purpose of setting up a local MCP server and do not exhibit signs of malicious intent or unauthorized data exfiltration.
Capability Assessment
Purpose & Capability
The skill is clearly an operator briefing card for SourceHarbor and its instructions (use MCP or HTTP API to load a watchlist/briefing and cite evidence) align with that purpose. However, the skill metadata declares no required environment variables or credentials while the runtime instructions expect variables like SOURCE_HARBOR_API_BASE_URL, WATCHLIST_ID and SOURCE_HARBOR_MCP_STATUS. That mismatch between declared requirements and the actual workflow is an incoherence to resolve.
Instruction Scope
SKILL.md confines the agent to loading watchlist/briefing data, evidence lookup, and returning structured outputs and guardrails (do not invent evidence). It instructs use of local MCP or local HTTP API endpoints (curl to /api/v1/...), which is appropriate for this use case. The instructions also include human-facing setup steps (git clone, run ./bin/dev-mcp) — useful but these ask a human to run local binaries and set env vars, so they should not be executed blindly by an operator or automated installer.
Install Mechanism
There is no automated install spec (instruction-only), which reduces immediate risk. However references/INSTALL.md recommends cloning https://github.com/xiaojiou176-open/sourceharbor.git and running ./bin/dev-mcp. That points to a third‑party GitHub repo (not declared/verified in metadata). While the guidance is local/manual, following it would install and run code from an unvetted source — a higher-risk action that the user should validate first.
Credentials
The skill requests no credentials in its manifest, but the runtime instructions reference runtime inputs and env vars (SOURCE_HARBOR_API_BASE_URL, WATCHLIST_ID, SOURCE_HARBOR_MCP_STATUS, and local path substitutions). The manifest should declare these as required env/config items. There are no requests for cloud keys or secrets in the instructions, but the metadata mismatch (undeclared envs and local config edits) makes the runtime privilege/requirements unclear and is a proportionality concern.
Persistence & Privilege
The skill is instruction-only, has no install step that would write to disk at install time, and does not request always:true or other elevated persistence. Example config snippets are provided for users to add to their MCP config, but the skill itself does not force persistent agent changes.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install sourceharbor-watchlist-briefing - After installation, invoke the skill by name or use
/sourceharbor-watchlist-briefing - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of sourceharbor-watchlist-briefing.
- Added core logic and documentation for briefing on a single watchlist with evidence-backed answers.
- Introduced setup, capabilities, and workflow reference files in the /references directory.
- Updated SKILL.md and README.md with workflow details and runtime requirements.
- Provided new installation, capabilities, demo, and troubleshooting guides.
- Expanded references to support both MCP and HTTP API configurations.
v0.1.16
- Added references/http-fallback.md as new documentation for HTTP API fallback usage.
- Updated SKILL.md to reference the new http-fallback documentation in the companion references section.
- Improved language in SKILL.md for clarity and consistency (e.g., renamed "plugin-grade operator briefing card" to "operator briefing skill card").
- Updated references in documentation files to ensure all relevant usage guides and capability maps are included.
v0.1.15
- Added detailed documentation files: README.md, capability map, example output, and setup reference.
- Expanded SKILL.md to clarify exposed MCP abilities, runtime setup, and output contract.
- Introduced trigger keywords for easier discovery and integration.
- Improved workflow, guardrails, and guidance for using SourceHarbor watchlists in operator briefings.
v0.1.14
sourceharbor-watchlist-briefing 0.1.14
- Updated SKILL.md with clearer instructions, workflow details, and required steps for answering questions using SourceHarbor watchlists.
- Added sections on skill goal, specific user inputs, and prioritized workflow order (MCP, HTTP API, then web routes).
- Clarified required outputs: current story, changes, evidence, and suggested next action.
- Included explicit guardrails to prevent false claims and ensure evidence-based answers.
- Listed related documentation surfaces for reference.
Metadata
Frequently Asked Questions
What is SourceHarbor Watchlist Briefing?
Use SourceHarbor watchlists, briefings, Ask, MCP, and HTTP API to answer one question with current story context and evidence. It is an AI Agent Skill for Claude Code / OpenClaw, with 143 downloads so far.
How do I install SourceHarbor Watchlist Briefing?
Run "/install sourceharbor-watchlist-briefing" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is SourceHarbor Watchlist Briefing free?
Yes, SourceHarbor Watchlist Briefing is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does SourceHarbor Watchlist Briefing support?
SourceHarbor Watchlist Briefing is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created SourceHarbor Watchlist Briefing?
It is built and maintained by Yifeng[Terry] Yu (@xiaojiou176); the current version is v1.0.0.
More Skills