Grafana Lens
Review
Audited by ClawScan on May 10, 2026.
Overview
Grafana Lens appears purpose-built for Grafana automation, but it gives an agent broad monitoring control and persistent data-collection abilities that need tighter user approval and scoping.
Install only if you want an agent to actively operate Grafana. Use a dedicated least-privilege Grafana token, test in a non-production workspace first, require confirmation for alert silences and Alloy pipeline changes, restrict log collection paths/sources, and verify redaction and retention settings before sending real prompts, logs, or infrastructure data to Grafana.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could mute Grafana alerts during an investigation, which may cause missed or delayed incident notifications.
This is a state-changing alert-management action. The visible instruction does not require explicit user approval, a time limit, or a specific alert/rule scope before silencing.
Silence alerts during investigation — use `grafana_check_alerts` with action `silence` to prevent repeat notifications while investigating
Require explicit user confirmation, a bounded duration, and a named alert/rule scope before any silence operation; also provide an easy undo path.
Private operational logs, secrets accidentally present in logs, or noisy pipeline changes could be forwarded to Grafana and affect team monitoring.
The Alloy recipes can create broad local, container, and system log collection, sometimes without mandatory filters. The provided artifacts do not show mandatory approval, preview, or redaction for every such pipeline.
`docker-logs` | `(none)` | Docker socket (opt: containerNames, excludeContainers)
`file-logs` | `paths` (glob array) | Local files
`journal-logs` | `(none)` | systemd journal
Preview generated Alloy configs, require user confirmation before create/update, prefer narrow filters, enable redaction where possible, and document rollback/delete steps.
If given an over-privileged token, the agent may read sensitive observability data or modify dashboards, alerts, and related Grafana state.
The skill needs a Grafana API key and advertises broad read/write Grafana operations, so its effective authority depends on the token's Grafana permissions.
requires config: grafana.url, grafana.apiKey; "You have full native Grafana access — query data, create dashboards, set alerts"
Use a dedicated least-privilege Grafana service account, prefer a non-production Grafana instance for testing, and rotate/revoke the token if behavior is unexpected.
Prompts, responses, application logs, and diagnostic events may become searchable in Grafana/Loki according to the configured retention and access controls.
The skill can persist sensitive agent conversation and application log content into Grafana/Loki. This is purpose-aligned for observability, but it is sensitive data handling.
Logs → Loki: diagnostic events, LLM inputs/outputs, app log forwarding, security events ... Configurable content capture with secret redaction for privacy
Verify content-capture settings, redaction behavior, Grafana access controls, and retention policies before enabling this in a real workspace.
Grafana alert content can influence the agent's investigation workflow and may include sensitive labels, annotations, or links.
The skill can connect Grafana alert webhooks into the agent context. That is expected for alert investigation, but webhook origin and alert annotation content should be trusted and controlled.
Run `grafana_check_alerts` with action `setup` once before alert notifications can reach the agent — this creates the webhook contact point
Restrict webhook sources to trusted Grafana instances, avoid putting secrets in alert annotations, and review automatically suggested investigations before high-impact follow-up actions.
Users have less external context for verifying the publisher, release history, or source code provenance before granting Grafana access.
The supplied registry metadata does not provide a source repository or homepage, limiting independent provenance review.
Source: unknown; Homepage: none
Verify the publisher and package contents through ClawHub or another trusted channel before installing in a production environment.
