{"skill":{"slug":"key-expiry-tracker","displayName":"Key Expiry Tracker","summary":"Tracks credential expiry dates (API keys, secrets, certificates) and sends alerts when expiring within 14 days, running weekly via cron.","description":"# Key Expiry Tracker\n\nTrack **only expiry dates** (metadata) for API keys/client secrets/certificates and alert before they expire.\n\n## Description\n\nKey Expiry Tracker helps you avoid outages by tracking **only the expiry dates** of credentials (API keys, client secrets, certificates) and reminding you ahead of time.\n\n**It never stores, reads, or transmits any credential values** — you maintain a local JSON list with labels and expiry timestamps.\n\n**Token cost:** ~200-500 tokens per run (cron + simple JSON parsing).\n\n## Usage\n\n### Add a new credential\n\nEdit `~/.openclaw/workspace/.credentials.json`:\n\n```json\n{\n  \"credentials\": [\n    {\n      \"name\": \"Azure OpenClaw Calendar\",\n      \"type\": \"client-secret\",\n      \"expires\": \"2026-03-15T00:00:00Z\",\n      \"provider\": \"Microsoft Azure\",\n      \"notes\": \"For M365 calendar integration\"\n    }\n  ]\n}\n```\n\n### Run check manually\n\n```bash\n~/.openclaw/workspace/skills/key-expiry-tracker/scripts/check-credentials.sh\n```\n\n### Cron schedule\n\nWeekly on Sunday at 10:00:\n\n```\ncron add --name \"key-expiry-tracker\" \\\n  --schedule \"0 10 * * 0\" \\\n  --payload '{\"kind\":\"systemEvent\",\"text\":\"Run key-expiry-tracker weekly check\"}' \\\n  --sessionTarget main\n```\n\n## Credential Types\n\n- `client-secret`: Azure AD, API keys\n- `api-key`: Third-party APIs (OpenAI, etc.)\n- `certificate`: SSL/TLS certs\n- `token`: OAuth tokens, refresh tokens\n- `password`: Passwords with expiry\n\n## Alert Thresholds\n\n- **14 days**: Warning (yellow)\n- **7 days**: Critical (red)\n- **Expired**: Already expired!\n\n## JSON Schema\n\n```json\n{\n  \"credentials\": [\n    {\n      \"name\": \"string (required)\",\n      \"type\": \"client-secret|api-key|certificate|token|password\",\n      \"expires\": \"ISO-8601 timestamp (required)\",\n      \"provider\": \"string (optional)\",\n      \"renewed\": \"ISO-8601 timestamp (optional, last renewal)\",\n      \"notes\": \"string (optional)\"\n    }\n  ]\n}\n```\n","tags":{"latest":"1.0.2"},"stats":{"comments":0,"downloads":386,"installsAllTime":1,"installsCurrent":1,"stars":0,"versions":3},"createdAt":1771334691209,"updatedAt":1778991191543},"latestVersion":{"version":"1.0.2","createdAt":1771340849516,"changelog":"Docs: clarify no credential values are stored/handled; metadata-only expiry tracking.","license":null},"metadata":null,"owner":{"handle":"tradmangh","userId":"s17aaegq3rafytyraeyc72bkjx83twpg","displayName":"Thomas J. Radman","image":"https://avatars.githubusercontent.com/u/4415781?v=4"},"moderation":null}