Rootly Morning Brief

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This appears to be a purpose-aligned Rootly digest skill, but it uses a Rootly API key and can schedule recurring Slack delivery of operational incident details.

Before installing, confirm you are comfortable giving this skill a Rootly API key, prefer a read-only or least-privilege key, keep private incidents disabled unless needed, and verify the Slack channel and cron schedule are appropriate for your team.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The skill can use the provided Rootly API key to read incident, on-call, and action-item data available to that key.

Why it was flagged

The script can read the Rootly API key from an environment variable, an env-specified file, or OpenClaw secret-file locations. This is disclosed and purpose-aligned, but it gives the skill access through the provided Rootly credential.

Skill content

file_var_name = f"{name}_FILE" ... file_value = file_path.read_text(encoding="utf-8").strip() ... candidate_paths.append(user_home / ".openclaw" / "secrets" / "rootly_api_key")

Recommendation

Use a Rootly API key scoped to the minimum read access needed for incidents, on-calls, and action items; avoid using an owner/admin key if Rootly supports narrower permissions.

What this means

Operational incident details may be posted into a Slack destination chosen for the cron announcement.

Why it was flagged

The digest may contain incident titles, on-call names, and overdue action items, and the documented workflow sends that output to Slack through OpenClaw.

Skill content

The script prints the digest to stdout. OpenClaw cron `--announce` is what delivers that output to Slack.

Recommendation

Send the digest only to an appropriate private operations channel, and be especially careful before enabling private incident inclusion.

What this means

Once configured, the briefing can run and announce daily without another manual prompt.

Why it was flagged

The skill documents a recurring daily cron job. This persistence is expected for a morning brief, but users should recognize that it continues to run on a schedule.

Skill content

openclaw cron add ... --cron "0 8 * * *" ... --message "Use rootly-morning-brief. Run scripts/rootly_morning_brief.py and print the full digest." ... --announce

Recommendation

Review the cron job settings, channel, timezone, and message before enabling it, and remove or disable the job when no longer needed.