ops-mcp-server

Key things to consider before installing/using this skill: - It is instruction-only and does not ship code, but it instructs the agent (and you via examples) to use mcporter configured to call an MCP endpoint. That endpoint is where actions actually run — review and trust the MCP server before connecting. - The documentation references and uses environment/config values (OPS_MCP_SERVER_URL, EVENT_CLUSTER) and an Authorization token in ~/.openclaw/workspace/config/mcporter.json, but the skill metadata does not declare required env vars or credentials. Treat this as a gap: expect to supply sensitive tokens to mcporter if you want the skill to operate. - The skill contains examples that call execute-sops-from-ops (restart-node, db-migrate, scale-deployment). Those examples can modify infrastructure. If you want only read-only investigation, ensure the token you provide has read-only scope, or disable/guard SOPS execution on the MCP server. - Before enabling: (1) verify the MCP endpoint URL and ownership; (2) limit token scope and lifetime (use a token that cannot execute destructive SOPS if possible); (3) require manual confirmation for SOPS execution or remove execute-sops privileges; (4) test in a staging environment; (5) audit mcporter logs and MCP audit trails so any SOPS call is visible and attributable. - If you are concerned about autonomous agent behavior, consider disabling autonomous invocation of this skill for agents that should not perform actions, or ensure the agent prompts a human before any execute-sops call. - Finally, ask the publisher to clarify the contradiction between 'not for direct infrastructure changes' and the SOPS execution examples, and to declare required environment variables and recommended token scopes in the registry metadata.