will/swarm-zap
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
swarm-zap/memory/ops/2026-03-03-skill-toolbox.md

8.7 KiB
Raw Permalink Blame History

Session: 2026-03-03 00:39:43 UTC

  • Session Key: agent:main:main
  • Session ID: 3162e0eb-f33e-4629-b02c-1b58116e6b3f
  • Source: gateway:sessions.reset

Conversation Summary

user: [Tue 2026-03-03 00:23 UTC] This swarm namespace is your's and it's shared with other future agents. Use it the way you want, just note that this is a small cluster made of Raspberry Pis, so keep that on mind when you deploy to it assistant: reply_to_current Perfect — understood and locked in.

Ill treat swarm as shared, resource-constrained infra and default to:

  • lightweight containers
  • conservative CPU/RAM requests
  • minimal replicas
  • low-footprint background workloads

I also saved that Pi-cluster constraint in my local ops notes so I apply it by default. user: [Tue 2026-03-03 00:24 UTC] Nice! assistant: reply_to_current 🙌 user: [Tue 2026-03-03 00:25 UTC] What skills could we add to your "toolbox"? assistant: reply_to_current Great question. For your setup, high-value skills to add would be:

  • k8s-swarm-ops
    Deploy/upgrade/rollback in swarm, with Pi-safe defaults (small requests, 1 replica unless needed).

  • k8s-debug-lite
    Fast triage: pods/events/logs/restarts, plus “what changed” summaries.

  • minio-backup-manager
    Scheduled backups, retention pruning, restore helpers for your zap bucket.

  • homelab-healthcheck
    One-command status for Docker services, LAN reachability, disk/mem pressure, and alert summaries.

  • searxng-research-router
    Prefer local SearXNG, fall back to Brave when needed, with source dedupe.

  • transcribe-pipeline
    Route audio to whisper-server, return transcript + optional summarization/action items.

  • k8s-cost-footprint-guard
    Prevent heavy deployments on Pi cluster (image size caps, request/limit policy checks).

  • secret-hygiene
    Detect leaked keys/tokens in workspace and rotate/checklist workflows.

If you want, I can do this next:

  1. search ClawHub for existing matches,
  2. install the best candidates,
  3. scaffold missing ones as custom local skills. user: [Tue 2026-03-03 00:28 UTC] Let's add these skills assistant: On it — Ill install the closest matching skills for each toolbox area and then report what mapped cleanly vs what needs a custom local skill.

assistant: reply_to_current Done — most are installed

Installed successfully:

  • kubernetes
  • openclaw-backup
  • openclaw-healthcheck-cron
  • searxng-local-search
  • cost-governor
  • api-credentials-hygiene

Blocked (flagged as suspicious by ClawHub, requires explicit force):

  • kubectl
  • faster-whisper-transcribe

If you want, I can install those two with --force now, or I can build safer local equivalents instead. user: [Tue 2026-03-03 00:30 UTC] Build safer local equivalent assistant: reply_to_current Done — built safer local equivalents

I created two local skills:

  1. swarm-kubectl-safe
  • Path: skills/swarm-kubectl-safe/
  • Includes safe wrapper script:
    • skills/swarm-kubectl-safe/scripts/kubectl-swarm.sh
  • Enforces:
    • scoped kubeconfig (~/.openclaw/credentials/kubeconfig-swarm.yaml)
    • namespace swarm
    • blocks obviously dangerous cluster-wide delete commands by default
  1. whisper-local-safe
  • Path: skills/whisper-local-safe/
  • Includes transcription script:
    • skills/whisper-local-safe/scripts/transcribe-local.sh
  • Uses local whisper server only (LAN), with endpoint fallback:
    • /inference then /v1/audio/transcriptions

I also validated the kubectl-safe wrapper is working (namespace/swarm check passed).

If you want, next I can add a tiny zap- deployment template generator under swarm-kubectl-safe/scripts/ for one-command Pi-safe app deploys. user: [Tue 2026-03-03 00:33 UTC] Document these generated skills, why we didn't use the ones from ClawHub for security reasons, and we may revisit those skills assistant: reply_to_current Done — documented in all the right places.

I recorded it in:

  • TOOLS.md

    • Added a “Local custom skills (security-reviewed)” section
    • Listed generated skills:
      • skills/swarm-kubectl-safe
      • skills/whisper-local-safe
    • Documented why we didnt use flagged ClawHub skills (kubectl, faster-whisper-transcribe)
    • Added note that we can revisit after manual security review + explicit approval

  • memory/2026-03-03.md

    • Logged the decision and rationale as todays historical note

  • MEMORY.md

    • Added long-term boundary note: avoid force-installing suspicious flagged skills unless explicitly approved after review

assistant: 🧠 /context

What counts as context (high-level), plus a breakdown mode.

Try:

  • /context list (short breakdown)
  • /context detail (per-file + per-tool + per-skill + system prompt size)
  • /context json (same, machine-readable)

Inline shortcut = a command token inside a normal message (e.g. “hey /status”). It runs immediately (allowlisted senders only) and is stripped before the model sees the remaining text. assistant: 🧠 Context breakdown (detailed) Workspace: /home/openclaw/.openclaw/workspace Bootstrap max/file: 20,000 chars Bootstrap max/total: 150,000 chars Sandbox: mode=off sandboxed=false System prompt (run): 26,507 chars (~6,627 tok) (Project Context 14,047 chars (~3,512 tok)) Injected workspace files:

  • AGENTS.md: OK | raw 7,804 chars (~1,951 tok) | injected 7,804 chars (~1,951 tok)
  • SOUL.md: OK | raw 1,664 chars (~416 tok) | injected 1,664 chars (~416 tok)
  • TOOLS.md: OK | raw 1,840 chars (~460 tok) | injected 1,840 chars (~460 tok)
  • IDENTITY.md: OK | raw 461 chars (~116 tok) | injected 461 chars (~116 tok)
  • USER.md: OK | raw 810 chars (~203 tok) | injected 810 chars (~203 tok)
  • HEARTBEAT.md: OK | raw 249 chars (~63 tok) | injected 249 chars (~63 tok)
  • BOOTSTRAP.md: MISSING | raw 0 | injected 0
  • MEMORY.md: OK | raw 531 chars (~133 tok) | injected 531 chars (~133 tok) Skills list (system prompt text): 2,604 chars (~651 tok) (6 skills) Skills: clawhub, healthcheck, mcporter, skill-creator, tmux, weather Top skills (prompt entry size):
  • healthcheck: 491 chars (~123 tok)
  • clawhub: 432 chars (~108 tok)
  • weather: 416 chars (~104 tok)
  • mcporter: 330 chars (~83 tok)
  • skill-creator: 296 chars (~74 tok)
  • tmux: 255 chars (~64 tok) Tool list (system prompt text): 1,937 chars (~485 tok) Tool schemas (JSON): 15,227 chars (~3,807 tok) (counts toward context; not shown as text) Tools: read, edit, write, exec, process, browser, canvas, nodes, message, tts, agents_list, sessions_list, sessions_history, sessions_send, sessions_spawn, subagents, session_status, web_search, web_fetch, memory_search, memory_get Top tools (schema size):
  • message: 4,277 chars (~1,070 tok)
  • browser: 1,921 chars (~481 tok)
  • nodes: 1,758 chars (~440 tok)
  • exec: 1,086 chars (~272 tok)
  • process: 961 chars (~241 tok)
  • web_search: 895 chars (~224 tok)
  • canvas: 661 chars (~166 tok)
  • edit: 591 chars (~148 tok)
  • sessions_spawn: 549 chars (~138 tok)
  • read: 392 chars (~98 tok)
  • web_fetch: 374 chars (~94 tok)
  • write: 313 chars (~79 tok)
  • sessions_send: 273 chars (~69 tok)
  • tts: 223 chars (~56 tok)
  • sessions_list: 212 chars (~53 tok)
  • subagents: 191 chars (~48 tok)
  • sessions_history: 161 chars (~41 tok)
  • memory_search: 139 chars (~35 tok)
  • memory_get: 128 chars (~32 tok)
  • session_status: 89 chars (~23 tok)
  • agents_list: 33 chars (~9 tok) Top tools (summary text size):
  • browser: 1,251 chars (~313 tok)
  • memory_search: 334 chars (~84 tok)
  • read: 298 chars (~75 tok)
  • session_status: 207 chars (~52 tok)
  • exec: 181 chars (~46 tok)
  • web_search: 175 chars (~44 tok)
  • tts: 152 chars (~38 tok)
  • memory_get: 151 chars (~38 tok)
  • sessions_spawn: 134 chars (~34 tok)
  • edit: 129 chars (~33 tok)
  • web_fetch: 129 chars (~33 tok)
  • write: 127 chars (~32 tok)
  • message: 124 chars (~31 tok)
  • agents_list: 118 chars (~30 tok)
  • nodes: 115 chars (~29 tok)
  • canvas: 106 chars (~27 tok)
  • subagents: 105 chars (~27 tok)
  • process: 85 chars (~22 tok)
  • sessions_send: 84 chars (~21 tok)
  • sessions_list: 54 chars (~14 tok)
  • sessions_history: 36 chars (~9 tok) Tools (param count):
  • message: 86 params
  • nodes: 36 params
  • browser: 29 params
  • canvas: 18 params
  • sessions_spawn: 13 params
  • exec: 12 params
  • process: 12 params
  • edit: 6 params
  • web_search: 6 params
  • sessions_send: 5 params
  • read: 4 params
  • sessions_list: 4 params
  • subagents: 4 params
  • write: 3 params
  • sessions_history: 3 params
  • web_fetch: 3 params
  • memory_search: 3 params
  • memory_get: 3 params
  • tts: 2 params
  • session_status: 2 params
  • agents_list: 0 params Session tokens (cached): 154,818 total / ctx=272000 Inline shortcut: a command token inside normal text (e.g. “hey /status”) that runs immediately (allowlisted senders only) and is stripped before the model sees the remaining message.