Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

LobsterOps

v1.0.3

AI Agent Observability & Debug Console - flight recorder and debug console for autonomous AI systems

by Noel DeLisle (@noeldelisle)
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)

Purpose & Capability
Name/description (AI agent observability and debug console) match the code and instructions: core classes, storage backends (json, sqlite, supabase), exporter, analytics, and instrumentation are present. Requiring only 'node' as a binary is appropriate for a Node.js library. The optional SUPABASE_URL / SUPABASE_KEY env vars listed in SKILL.md are expected for the Supabase backend.
Instruction Scope
SKILL.md and examples instruct the agent to capture and persist reasoning traces, tool calls, lifecycle events and (optionally) file changes and git ops. Capturing tool inputs/outputs and reasoning traces is consistent with the stated purpose, but this is sensitive: those traces often contain secrets, API keys, or PII. The skill claims built-in PII filtering and that file/git capture is opt-in (defaults to off) which mitigates risk if followed. There's a small documentation mismatch: README/Deploy instructions reference a DASHBOARD_PASSWORD secret for the example dashboard, but SKILL.md's Environment Variable Contract doesn't list DASHBOARD_PASSWORD — this is an inconsistency you should confirm before deploying the dashboard.
Install Mechanism
Registry metadata says 'no install spec' (instruction-only), but the package includes package.json and many source files and a package-lock (npm dependencies: @supabase/supabase-js, express, sqlite3, etc.). There is no risky external download URL; dependencies come from npm — standard but you will need to install them (npm install) to run features like the dashboard or SQLite backend. Because there is code included, you should run it in a controlled environment and review dependencies before installing in production.
Credentials
Declared optional env vars (SUPABASE_URL, SUPABASE_KEY, LOBSTER_STORAGE) are appropriate for a Supabase backend. However: (1) SKILL.md suggests SUPABASE_KEY may be anon or service-role — using a Supabase service-role key grants broad DB privileges and is risky for logging endpoints; do not supply a service-role key unless you understand the implications. (2) README references DASHBOARD_PASSWORD for the example dashboard but SKILL.md does not list it — an interface/contract mismatch. (3) Instrumentation can capture tool calls and reasoning traces which frequently include secrets; the PII filtering is helpful but may not catch all formats. These factors make credential and secret handling the primary risk area.
Persistence & Privilege
The skill is not marked always:true and does not request elevated agent/system privileges in the manifest. It stores data locally by default (JSON/SQLite) and only sends data off-host if you explicitly configure Supabase. The skill does reference OpenClaw's config path for its configuration ('.openclaw/workspace/config/lobsterops.json'), which is expected for an OpenClaw skill but means it will read that workspace-scoped configuration file.
What to consider before installing
What to check before installing or enabling LobsterOps:

  • Review and test locally first: the package includes source code and npm dependencies; run it in an isolated/dev environment before enabling in production.
  • Supabase = remote logs: if you configure SUPABASE_URL / SUPABASE_KEY, events will leave your machine. Never provide a Supabase service-role key unless you accept full DB privileges; prefer an anon key scoped appropriately.
  • Instrumentation scope: features like captureToolCalls, captureReasoningTraces, captureFileChanges and captureGitOps can record sensitive data (secrets, API keys, code, or PII). Keep file/git capture disabled unless you intentionally need it, and review the OpenClawInstrumentation and PIIFilter code to confirm what is redacted and how.
  • PII filtering is helpful but not guaranteed: examine src/core/PIIFilter.js and test it against your actual data formats to ensure it redacts the secrets and patterns you care about.
  • Dashboard deployment notes: README asks you to set DASHBOARD_PASSWORD in Replit secrets for the example dashboard, but SKILL.md's env table doesn't mention it; confirm all required secrets/envs before deploying the dashboard publicly.
  • Dependency hygiene: dependencies are from npm (no obscure download URLs), but review package-lock and run vulnerability scans if you plan to deploy broadly.

If you want a safer rollout: use JSON or local SQLite storage (no network egress), keep instrumentation defaults (file/git capture) off, validate PIIFilter behavior, and only enable remote Supabase storage after auditing keys and access controls.
Patterns worth reviewing

These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

  • tests/LobsterOps.test.js:453: Environment variable access combined with network send.


Runtime requirements

Bins: node
🦞 Clawdis
Latest version id: vk971e2hwmzt5d7sgfsd395whph836w4q
143 downloads · 0 stars · 4 versions · updated 2h ago · v1.0.3 · license MIT-0

LobsterOps Skill

AI Agent Observability & Debug Console. A lightweight, flexible "black box flight recorder" and debug console for AI agents. Automatically captures agent thoughts, tool calls, decisions, errors, spawning events, and lifecycle transitions.

Core Tasks

  • "Log my agent activity to LobsterOps" - Initialize LobsterOps and begin recording agent events with structured logging
  • "Show me what my agent did" - Query the event log and display a chronological trace of agent activity
  • "Debug my agent's last session" - Use the debug console to step through agent execution with time-travel debugging
  • "Analyze my agent's behavior patterns" - Run behavioral analytics to detect loops, failure patterns, and performance trends
  • "Set up alerts for my agent" - Configure alerting rules for cost spikes, repeated failures, or anomalous behavior
  • "Export my agent logs" - Export events to JSON, CSV, or Markdown format for sharing or auditing

Environment Variable Contract

Variable          Required             Description
LOBSTER_STORAGE   No                   Storage backend type: json, memory, sqlite, or supabase (default: json)
SUPABASE_URL      If using supabase    Supabase project URL
SUPABASE_KEY      If using supabase    Supabase anon or service role key
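
The contract above accepts either an anon or a service-role key, and the scan's Credentials section warns that a service-role key grants broad database privileges to what is only a logging endpoint. The following is an added example, not LobsterOps' own code: it resolves LOBSTER_STORAGE / SUPABASE_URL / SUPABASE_KEY into a storage setting and refuses a service_role key unless the operator opts in. It assumes the legacy Supabase key format, a JWT whose payload carries a `role` claim of `anon` or `service_role`; any other key format is classified as unknown and rejected. The sample keys at the bottom are constructed, unsigned tokens, not real credentials, and the function names are ours.

```javascript
// Added example (not LobsterOps code): validate the env var contract before
// the skill touches a backend. Supabase's legacy keys are JWTs whose payload
// carries a "role" claim; we read that claim without verifying the signature,
// which is enough to classify the key. Verification is Supabase's job.

const STORAGE_TYPES = new Set(['json', 'memory', 'sqlite', 'supabase']);

// Decode a JWT payload without verifying it. Returns null for non-JWT input.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  try {
    return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
  } catch {
    return null;
  }
}

// Classify a Supabase key by its "role" claim: "anon", "service_role" or "unknown".
function supabaseKeyRole(key) {
  const payload = decodeJwtPayload(key);
  if (!payload || typeof payload.role !== 'string') return 'unknown';
  return payload.role;
}

// Turn an env-like object into storage settings. Throws on anything a cautious
// operator would not want silently accepted: unknown backend, missing or
// non-https Supabase URL, non-JWT key, or a service_role key without opt-in.
function resolveStorage(env, opts = {}) {
  const storageType = (env.LOBSTER_STORAGE || 'json').toLowerCase();
  if (!STORAGE_TYPES.has(storageType)) {
    throw new Error(`LOBSTER_STORAGE must be one of ${[...STORAGE_TYPES].join(', ')}, got "${storageType}"`);
  }
  if (storageType !== 'supabase') {
    // Local backends: no network egress, so stray Supabase variables are ignored.
    return { storageType, remote: false };
  }
  const url = env.SUPABASE_URL;
  const key = env.SUPABASE_KEY;
  if (!url || !key) throw new Error('supabase storage needs SUPABASE_URL and SUPABASE_KEY');
  let parsed;
  try {
    parsed = new URL(url);
  } catch {
    throw new Error('SUPABASE_URL is not a valid URL');
  }
  if (parsed.protocol !== 'https:') throw new Error('SUPABASE_URL must use https');
  const role = supabaseKeyRole(key);
  if (role === 'unknown') throw new Error('SUPABASE_KEY does not look like a Supabase JWT');
  if (role === 'service_role' && !opts.allowServiceRole) {
    throw new Error('SUPABASE_KEY is a service_role key; refusing to use it for event logging');
  }
  return { storageType, remote: true, supabaseUrl: parsed.origin, keyRole: role };
}

// Constructed sample keys for the demonstration: unsigned JWTs, not real credentials.
function makeUnsignedJwt(payload) {
  const b64 = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  return `${b64({ alg: 'HS256', typ: 'JWT' })}.${b64(payload)}.sig`;
}
const ANON_KEY = makeUnsignedJwt({ iss: 'supabase', role: 'anon' });
const SERVICE_KEY = makeUnsignedJwt({ iss: 'supabase', role: 'service_role' });

// Usage: call resolveStorage(process.env) at init and abort on a thrown error.
```

The default path (no LOBSTER_STORAGE set) resolves to local JSON storage and never looks at the Supabase variables, which matches the "no data leaves the machine unless Supabase is explicitly configured" guardrail; the opt-in flag exists so the refusal is a deliberate decision rather than a hidden one.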

Configuration

LobsterOps uses OpenClaw's config system. Place configuration at .openclaw/workspace/config/lobsterops.json:

{
  "enabled": true,
  "storageType": "json",
  "storageConfig": {
    "dataDir": "./agent-logs",
    "maxAgeDays": 30
  },
  "piiFiltering": {
    "enabled": true,
    "patterns": ["email", "phone", "ssn", "creditCard", "ipAddress", "apiKey"]
  },
  "alerts": {
    "enabled": true,
    "rules": []
  }
}

Storage Backend Options

JSON Files (default, zero-config):

{ "storageType": "json", "storageConfig": { "dataDir": "./agent-logs" } }

SQLite (lightweight production):

{ "storageType": "sqlite", "storageConfig": { "filename": "./lobsterops.db" } }

Supabase (cloud, team collaboration):

{
  "storageType": "supabase",
  "storageConfig": {
    "supabaseUrl": "https://your-project.supabase.co",
    "supabaseKey": "your-anon-key"
  }
}

Security & Guardrails

  • LobsterOps includes built-in PII filtering that automatically redacts emails, phone numbers, SSNs, credit card numbers, IP addresses, and API keys from logged events
  • All data is stored locally by default (JSON files or SQLite) - no data leaves the machine unless Supabase is explicitly configured
  • The Supabase backend requires explicit URL and key configuration - credentials are never inferred or auto-discovered
  • Event retention policies automatically clean up old data based on configurable age limits
  • LobsterOps never modifies agent behavior - it is strictly read-only observation
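
The first guardrail promises redaction of six pattern types, while the scan report cautions that pattern-based filtering may not catch every format and recommends testing it against your own data. The following added example (ours, not src/core/PIIFilter.js) shows that check: walk a captured tool-call event, redact the six SKILL.md pattern types with our own regexes, then seed known canary secrets into the event and report which of them survive. The event, the canaries and the regexes are constructed for the demonstration; the bearer JWT and the free-text database password survive because no listed pattern type covers them, which is exactly the gap the scan warns about.

```javascript
// Added example (not LobsterOps' PIIFilter): redact a captured event, then
// prove with seeded canary secrets which formats the pattern list actually
// catches. Pattern names mirror the SKILL.md config; the regexes are ours.

const PATTERNS = {
  email: /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g,
  phone: /\b(?:\+?1[ .-]?)?\(?\d{3}\)?[ .-]?\d{3}[ .-]?\d{4}\b/g,
  ssn: /\b\d{3}-\d{2}-\d{4}\b/g,
  creditCard: /\b(?:\d[ -]?){13,16}\b/g,
  ipAddress: /\b(?:\d{1,3}\.){3}\d{1,3}\b/g,
  // Well-known provider prefixes only; anything else passes through untouched.
  apiKey: /\b(?:sk-[A-Za-z0-9]{16,}|ghp_[A-Za-z0-9]{36,}|AKIA[0-9A-Z]{16})\b/g,
};

// Apply each enabled pattern to one string, recording which patterns fired.
function redactString(s, enabled) {
  const hits = [];
  let out = s;
  for (const name of enabled) {
    const re = PATTERNS[name];
    if (!re) continue;
    out = out.replace(re, () => {
      hits.push(name);
      return `[REDACTED:${name}]`;
    });
  }
  return { out, hits };
}

// Walk nested objects/arrays and redact every string value. Object keys are
// not scanned, so a secret used as a key (or a header name) is not caught.
function redactEvent(event, enabled = Object.keys(PATTERNS)) {
  const hits = [];
  const walk = (v) => {
    if (typeof v === 'string') {
      const r = redactString(v, enabled);
      hits.push(...r.hits);
      return r.out;
    }
    if (Array.isArray(v)) return v.map(walk);
    if (v && typeof v === 'object') {
      return Object.fromEntries(Object.entries(v).map(([k, x]) => [k, walk(x)]));
    }
    return v;
  };
  return { event: walk(event), hits };
}

// Canary check: redact, then return the names of canaries whose value is
// still present anywhere in the serialized event.
function findSurvivingCanaries(event, canaries, enabled) {
  const flat = JSON.stringify(redactEvent(event, enabled).event);
  return Object.entries(canaries)
    .filter(([, value]) => flat.includes(value))
    .map(([name]) => name);
}

// Constructed canaries (fake values in realistic shapes, not real secrets).
const CANARIES = {
  email: 'alice@example.com',
  openaiStyle: 'sk-a1b2c3d4e5f6g7h8i9j0k1l2',
  awsAccessKeyId: 'AKIAEXAMPLEEXAMPLE01',
  bearerJwt: 'eyJhbGciOiJIUzI1NiJ9.eyJyb2xlIjoiYW5vbiJ9.abc',
  dbPassword: 'hunter2-longer-passw0rd',
};

// Constructed tool-call event of the kind an instrumentation hook would capture.
const SAMPLE_EVENT = {
  type: 'tool_call',
  tool: 'http_request',
  input: {
    url: `https://api.example.com/v1/users?email=${CANARIES.email}`,
    headers: { Authorization: `Bearer ${CANARIES.bearerJwt}`, 'x-api-key': CANARIES.openaiStyle },
  },
  output: `connected from 203.0.113.42 using ${CANARIES.awsAccessKeyId}`,
  reasoning: `The DB password is ${CANARIES.dbPassword}; call me at 555-867-5309.`,
};

// Usage: findSurvivingCanaries(SAMPLE_EVENT, CANARIES) lists what leaked.
```

Run this kind of check with canaries shaped like the secrets your own tools actually handle (cloud credentials, session cookies, internal tokens); a filter that passes the vendor's pattern list can still leak the formats that matter to you, and the reasoning trace above shows that a secret spoken in plain prose is invisible to every pattern here.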

Troubleshooting

  • "Cannot find module 'sqlite3'": Run npm install sqlite3 - only needed if using SQLite backend
  • "Supabase table does not exist": Create the required table in your Supabase dashboard using the DDL provided in the error message
  • Events not appearing: Ensure enabled: true in config and that await ops.init() has been called
  • High disk usage: Reduce maxAgeDays in storage config or run await ops.cleanupOld() manually
  • PII still visible in logs: Check that piiFiltering.enabled is true and the relevant pattern types are listed
