ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Edvisage Agent Ops

v1.0.0

Operational visibility for AI agents — cost tracking, action logging, and performance monitoring.

0· 9·0 current·0 all-time
byEdvisage Global@edvisage
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, and SKILL.md all align: the skill is an instruction-only operations/monitoring helper for agents (cost estimates, action logs, summaries). It requests no binaries, no env vars, and no installs — which is proportionate for a purely protocol/format guidance skill. The only implicit capability assumed is that the agent can observe its own API calls and estimate tokens/costs, which is a plausible requirement for an ops tool.
!
Instruction Scope
The SKILL.md tells the agent to log detailed action and cost information 'in your memory files' and to 'assess and log before every API call' including file-read/write events and targets. It does not specify storage locations, retention, or access controls. That vagueness can lead the agent to record sensitive user data, API payloads, or credentials in persistent memory/logs. The instructions do not explicitly tell the agent to transmit logs off-system, but they also do not constrain what to log or who can read the logs.
Install Mechanism
This is instruction-only (no install spec, no code files to execute). No downloads or package installs are requested, which minimizes the risk of arbitrary code being written to disk.
Credentials
No environment variables, credentials, or config paths are requested. That is proportionate to the stated monitoring purpose. However, the skill's logging could cause the agent to capture unrelated sensitive environment data if the agent logs entire inputs or outputs without filtering.
!
Persistence & Privilege
always is false and autonomous invocation is allowed by default (normal), but the skill explicitly asks agents to maintain 'running daily cost log in your memory files' and daily action logs. Whether these are ephemeral or persistent depends on the agent's memory implementation; if persistent, the skill can cause accumulation of potentially sensitive transcripts across days. The skill does not request or modify other skills' configs.
What to consider before installing
This skill appears to do what it says (tracking costs and actions) and doesn't request credentials or install code, but its instructions are vague about where logs are stored and what exactly gets recorded. Before installing or enabling it: 1) Confirm where 'memory files' and logs will be written and who/what can read them; set a secure storage location and retention policy if possible. 2) Limit or redact sensitive fields from logs (user messages, API responses, credentials). 3) Test the skill in an isolated environment to inspect sample logs and verify no secrets are captured. 4) Verify the publisher (homepage/repo) and prefer a published source you trust. 5) If you enable autonomous use, consider restricting the skill's permissions or turning on manual approval for any actions that could expose data.

Like a lobster shell, security has layers — review code before you run it.

latestvk9718v952bb90rb62ff42t9xt18401de

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

agent-ops — Operational Visibility for AI Agents

By Edvisage Global — the agent safety company

Stop flying blind. agent-ops gives you complete visibility into what your agent is doing, what it's costing, and whether it's working.

What This Skill Does

When installed, your agent gains structured operational awareness — tracking its own costs, logging its actions, and generating reports for you, the owner.

Core Capabilities

1. Cost Tracking Protocol

Before every API call, assess and log:

  • Model used: Which model is being called (Opus, Sonnet, Haiku, GPT, etc.)
  • Estimated tokens: Input and output token estimate
  • Estimated cost: Based on current model pricing
  • Task classification: Is this a heartbeat, user request, automated task, or sub-agent spawn?

Maintain a running daily cost log in your memory files:

## Daily Cost Log — [DATE]
| Time | Model | Tokens (in/out) | Est. Cost | Task Type | Description |
|------|-------|-----------------|-----------|-----------|-------------|

2. Action Logging

Every significant action gets logged with:

  • Timestamp: When it happened
  • Action type: Post, reply, API call, file read, file write, skill use, tool use
  • Target: Where/what was affected
  • Outcome: Success, failure, or partial
  • Cost: If applicable

Log format:

## Action Log — [DATE]
| Time | Action | Target | Outcome | Cost | Notes |
|------|--------|--------|---------|------|-------|

3. Daily Summary Report

At the end of each operating day (or on request), generate a summary:

## Daily Operations Summary — [DATE]

### Cost Breakdown
- Total estimated spend: $X.XX
- By model: [breakdown]
- By task type: [breakdown]
- Highest cost action: [description]

### Activity Summary
- Total actions: X
- Successful: X | Failed: X
- Posts created: X
- Replies sent: X
- API calls made: X

### Alerts
- [Any unusual patterns or cost spikes]

4. Cost Alerts

Flag when:

  • Daily spend exceeds a threshold (default: $1.00)
  • A single action costs more than $0.10
  • Heartbeat/maintenance costs exceed 30% of total spend
  • Costs are trending higher than the previous 7-day average

5. Model Routing Awareness

When a task could be handled by a cheaper model, note it:

  • Simple lookups → suggest Haiku/Flash tier
  • Heartbeats → suggest cheapest available model
  • Complex reasoning → confirm current model is appropriate
  • Summarization → suggest mid-tier model

How to Use

Tell your agent: "You have the agent-ops skill installed. Start tracking your costs and actions today."

Ask for reports: "Give me your daily operations summary" or "How much have you spent today?"

Limitations (Free Version)

  • Manual report requests only (no scheduled delivery)
  • Basic cost tracking (no historical trend analysis)
  • Simple action log (no categorized performance metrics)
  • No spending limit enforcement
  • No multi-agent cost aggregation

Want automated reports, trend analysis, spending limits, and more? → Upgrade to agent-ops-pro: https://edvisage.gumroad.com/l/[TBD]

About Edvisage Global

We build practical safety and operations tools for AI agents. Our skills are designed for the OpenClaw ecosystem and install in minutes.

Website: https://edvisageglobal.com/ai-tools

Files

3 total
Select a file
Select a file to preview.

Comments

Loading comments…