ClawHub

Alert Triage

v1.0.1

Normalize and classify alerts by urgency, trust, and audience to decide send-now, batch-later, ignore, suppress-as-duplicate, or escalate actions.

0· 52·0 current·0 all-time
byPeter Zsak@wroadd
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, and files all describe alert normalization and triage heuristics; there are no unrelated environment variables, binaries, or install steps requested.
Instruction Scope
SKILL.md stays focused on classifying alerts, deduplication, timing, routing, and producing a sanitized policy output. It explicitly forbids including private endpoints, tokens, phone numbers, or other secrets. It does not instruct reading system files, shell history, or unrelated environment variables.
Install Mechanism
No install spec and no code files — instruction-only skill. This minimizes disk writes and arbitrary code execution risk.
Credentials
The skill requires no environment variables, credentials, or config paths. The guidance about redacting private data is appropriate and proportional to the skill's function.
Persistence & Privilege
always:false and no instructions to modify other skills or system-wide settings. Autonomous invocation is allowed by default but the skill itself does not request elevated persistence or cross-skill config changes.
Assessment
This skill is a focused, instruction-only policy and appears internally consistent. Before installing: (1) confirm you will not feed real secrets or private endpoints into the agent prompts when using it, (2) test the skill in a staging environment with sanitized alerts to ensure its routing and suppression heuristics align with your org policies, (3) review and adapt suppression windows, escalation rules, and audience mappings to match your on-call rotations and SLAs, and (4) monitor early runs to ensure the skill does not omit critical alerts or over-suppress. If you need the agent to act on alerts (send pages, post to channels), prefer granting only the minimal outbound/send permissions to the agent and validate destinations first.

Like a lobster shell, security has layers — review code before you run it.

alertsvk973mnfxytsdh9chg49d08hxmn84c9znlatestvk973mnfxytsdh9chg49d08hxmn84c9znnotificationsvk973mnfxytsdh9chg49d08hxmn84c9zntriagevk973mnfxytsdh9chg49d08hxmn84c9zn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments