Crawler Summary
Incident response and forensics for agent workspaces. Investigate compromises, build timelines, assess blast radius, and collect evidence. Cross-references data from warden, ledger, signet, and sentinel for unified analysis. Free alert layer — upgrade to openclaw-triage-pro for automated containment, remediation playbooks, and evidence export. --- name: openclaw-triage description: "Incident response and forensics for agent workspaces. Investigate compromises, build timelines, assess blast radius, and collect evidence. Cross-references data from warden, ledger, signet, and sentinel for unified analysis. Free alert layer — upgrade to openclaw-triage-pro for automated containment, remediation playbooks, and evidence export." user-invocable: true metadata: {" Published capability contract available. No trust telemetry is available yet. Last updated 3/1/2026.
Freshness
Last checked 3/1/2026
Best For
Contract is available with explicit auth and schema references.
Not Ideal For
openclaw-triage is not ideal for teams that need stronger public trust telemetry, lower setup complexity, or more explicit contract coverage before production rollout.
Evidence Sources Checked
editorial-content, capability-contract, runtime-metrics, public facts pack
Incident response and forensics for agent workspaces. Investigate compromises, build timelines, assess blast radius, and collect evidence. Cross-references data from warden, ledger, signet, and sentinel for unified analysis. Free alert layer — upgrade to openclaw-triage-pro for automated containment, remediation playbooks, and evidence export. --- name: openclaw-triage description: "Incident response and forensics for agent workspaces. Investigate compromises, build timelines, assess blast radius, and collect evidence. Cross-references data from warden, ledger, signet, and sentinel for unified analysis. Free alert layer — upgrade to openclaw-triage-pro for automated containment, remediation playbooks, and evidence export." user-invocable: true metadata: {"
Public facts
6
Change events
1
Artifacts
0
Freshness
Mar 1, 2026
Published capability contract available. No trust telemetry is available yet. Last updated 3/1/2026.
Trust score
Unknown
Compatibility
OpenClaw
Freshness
Mar 1, 2026
Vendor
Atlaspa
Artifacts
0
Benchmarks
0
Last release
Unpublished
Key links, install path, and a quick operational read before the deeper crawl record.
Summary
Published capability contract available. No trust telemetry is available yet. Last updated 3/1/2026.
Setup snapshot
git clone https://github.com/AtlasPA/openclaw-triage.gitSetup complexity is LOW. This package is likely designed for quick installation with minimal external side-effects.
Final validation: Expose the agent to a mock request payload inside a sandbox and trace the network egress before allowing access to real customer data.
Everything public we have scraped or crawled about this agent, grouped by evidence type with provenance.
Vendor
Atlaspa
Protocol compatibility
OpenClaw
Auth modes
api_key
Machine-readable schemas
OpenAPI or schema references published
Handshake status
UNKNOWN
Crawlable docs
6 indexed pages on the official domain
Merged public release, docs, artifact, benchmark, pricing, and trust refresh events.
Extracted files, examples, snippets, parameters, dependencies, permissions, and artifact metadata.
Extracted files
0
Examples
6
Snippets
0
Languages
typescript
Parameters
bash
python3 {baseDir}/scripts/triage.py investigate --workspace /path/to/workspacebash
python3 {baseDir}/scripts/triage.py timeline --workspace /path/to/workspacebash
python3 {baseDir}/scripts/triage.py timeline --hours 72 --workspace /path/to/workspacebash
python3 {baseDir}/scripts/triage.py scope --workspace /path/to/workspacebash
python3 {baseDir}/scripts/triage.py evidence --workspace /path/to/workspacebash
python3 {baseDir}/scripts/triage.py evidence --output /path/to/evidence/dir --workspace /path/to/workspaceFull documentation captured from public sources, including the complete README when available.
Docs source
GITHUB OPENCLEW
Editorial quality
ready
Incident response and forensics for agent workspaces. Investigate compromises, build timelines, assess blast radius, and collect evidence. Cross-references data from warden, ledger, signet, and sentinel for unified analysis. Free alert layer — upgrade to openclaw-triage-pro for automated containment, remediation playbooks, and evidence export. --- name: openclaw-triage description: "Incident response and forensics for agent workspaces. Investigate compromises, build timelines, assess blast radius, and collect evidence. Cross-references data from warden, ledger, signet, and sentinel for unified analysis. Free alert layer — upgrade to openclaw-triage-pro for automated containment, remediation playbooks, and evidence export." user-invocable: true metadata: {"
Incident response and forensics for agent workspaces. When something goes wrong — a skill behaves unexpectedly, files change without explanation, or another security tool flags an anomaly — triage investigates what happened, assesses the damage, and guides recovery.
This is the "detective" that pulls together evidence from all OpenClaw security tools into a unified incident report.
Need automated containment and remediation? Upgrade to openclaw-triage-pro for quarantine, playbooks, evidence chain-of-custody, and post-incident hardening.
Run a comprehensive incident investigation. Collects workspace state, checks for signs of compromise (recently modified critical files, new skills, unusual permissions, off-hours modifications, large files, hidden files), cross-references with warden/ledger/signet/sentinel data, builds an event timeline, and calculates an incident severity score (CRITICAL / HIGH / MEDIUM / LOW).
python3 {baseDir}/scripts/triage.py investigate --workspace /path/to/workspace
Build a chronological timeline of all file modifications in the workspace. Groups events by hour, highlights suspicious burst activity (many files modified in a short window), shows which directories and skills were affected, and cross-references with ledger entries if available.
python3 {baseDir}/scripts/triage.py timeline --workspace /path/to/workspace
Look back further than the default 24 hours:
python3 {baseDir}/scripts/triage.py timeline --hours 72 --workspace /path/to/workspace
Assess the blast radius of a potential compromise. Categorizes all files by risk level (critical, memory, skill, config), checks for credential exposure patterns in recently modified files, scans for outbound exfiltration URLs, and estimates scope as CONTAINED (single area), SPREADING (multiple skills), or SYSTEMIC (workspace-level).
python3 {baseDir}/scripts/triage.py scope --workspace /path/to/workspace
Collect and preserve forensic evidence before remediation. Snapshots the full workspace state (file list with SHA-256 hashes, sizes, timestamps), copies all available security tool data (.integrity/, .ledger/, .signet/, .sentinel/), and generates a summary report. Always run this before any remediation to preserve the forensic trail.
python3 {baseDir}/scripts/triage.py evidence --workspace /path/to/workspace
Save to a custom output directory:
python3 {baseDir}/scripts/triage.py evidence --output /path/to/evidence/dir --workspace /path/to/workspace
One-line summary of triage state: last investigation timestamp, current threat level, and whether evidence has been collected.
python3 {baseDir}/scripts/triage.py status --workspace /path/to/workspace
If --workspace is omitted, the script tries:
OPENCLAW_WORKSPACE environment variable~/.openclaw/workspace (default)Triage automatically checks for data from these OpenClaw tools:
| Tool | Data Path | What Triage Checks |
|------|-----------|-------------------|
| Warden | .integrity/manifest.json | Baseline deviations — files modified since last known-good state |
| Ledger | .ledger/chain.jsonl | Chain breaks, unparseable entries, suspicious log entries |
| Signet | .signet/manifest.json | Tampered skill signatures — skills modified after signing |
| Sentinel | .sentinel/threats.json | Known threats and high-severity findings |
| Level | Meaning | Trigger | |-------|---------|---------| | CRITICAL | Immediate response required | Any critical finding, or 3+ high findings | | HIGH | Investigation warranted | High-severity findings from any source | | MEDIUM | Review recommended | Multiple medium findings or volume threshold | | LOW | No immediate action | Informational findings only |
0 — Clean, no actionable findings1 — Findings detected (investigation recommended)2 — Critical findings (immediate action needed)Python standard library only. No pip install. No network calls. Everything runs locally.
Works with OpenClaw, Claude Code, Cursor, and any tool using the Agent Skills specification.
Machine endpoints, protocol fit, contract coverage, invocation examples, and guardrails for agent-to-agent use.
Contract coverage
Status
ready
Auth
api_key
Streaming
No
Data region
global
Protocol support
Requires: openclew, lang:typescript
Forbidden: none
Guardrails
Operational confidence: medium
curl -s "https://xpersona.co/api/v1/agents/atlaspa-openclaw-triage/snapshot"
curl -s "https://xpersona.co/api/v1/agents/atlaspa-openclaw-triage/contract"
curl -s "https://xpersona.co/api/v1/agents/atlaspa-openclaw-triage/trust"
Trust and runtime signals, benchmark suites, failure patterns, and practical risk constraints.
Trust signals
Handshake
UNKNOWN
Confidence
unknown
Attempts 30d
unknown
Fallback rate
unknown
Runtime metrics
Observed P50
unknown
Observed P95
unknown
Rate limit
unknown
Estimated cost
unknown
Every public screenshot, visual asset, demo link, and owner-provided destination tied to this agent.
Neighboring agents from the same protocol and source ecosystem for comparison and shortlist building.
Rank
70
AI Agents & MCPs & AI Workflow Automation • (~400 MCP servers for AI agents) • AI Automation / AI Agent with MCPs • AI Workflows & AI Agents • MCPs for AI Agents
Traction
No public download signal
Freshness
Updated 2d ago
Rank
70
AI productivity studio with smart chat, autonomous agents, and 300+ assistants. Unified access to frontier LLMs
Traction
No public download signal
Freshness
Updated 5d ago
Rank
70
Free, local, open-source 24/7 Cowork app and OpenClaw for Gemini CLI, Claude Code, Codex, OpenCode, Qwen Code, Goose CLI, Auggie, and more | 🌟 Star if you like it!
Traction
No public download signal
Freshness
Updated 6d ago
Rank
70
The Frontend for Agents & Generative UI. React + Angular
Traction
No public download signal
Freshness
Updated 23d ago
Contract JSON
{
"contractStatus": "ready",
"authModes": [
"api_key"
],
"requires": [
"openclew",
"lang:typescript"
],
"forbidden": [],
"supportsMcp": false,
"supportsA2a": false,
"supportsStreaming": false,
"inputSchemaRef": "https://github.com/AtlasPA/openclaw-triage#input",
"outputSchemaRef": "https://github.com/AtlasPA/openclaw-triage#output",
"dataRegion": "global",
"contractUpdatedAt": "2026-02-24T19:44:24.991Z",
"sourceUpdatedAt": "2026-02-24T19:44:24.991Z",
"freshnessSeconds": 4425406
}Invocation Guide
{
"preferredApi": {
"snapshotUrl": "https://xpersona.co/api/v1/agents/atlaspa-openclaw-triage/snapshot",
"contractUrl": "https://xpersona.co/api/v1/agents/atlaspa-openclaw-triage/contract",
"trustUrl": "https://xpersona.co/api/v1/agents/atlaspa-openclaw-triage/trust"
},
"curlExamples": [
"curl -s \"https://xpersona.co/api/v1/agents/atlaspa-openclaw-triage/snapshot\"",
"curl -s \"https://xpersona.co/api/v1/agents/atlaspa-openclaw-triage/contract\"",
"curl -s \"https://xpersona.co/api/v1/agents/atlaspa-openclaw-triage/trust\""
],
"jsonRequestTemplate": {
"query": "summarize this repo",
"constraints": {
"maxLatencyMs": 2000,
"protocolPreference": [
"OPENCLEW"
]
}
},
"jsonResponseTemplate": {
"ok": true,
"result": {
"summary": "...",
"confidence": 0.9
},
"meta": {
"source": "GITHUB_OPENCLEW",
"generatedAt": "2026-04-17T01:01:11.432Z"
}
},
"retryPolicy": {
"maxAttempts": 3,
"backoffMs": [
500,
1500,
3500
],
"retryableConditions": [
"HTTP_429",
"HTTP_503",
"NETWORK_TIMEOUT"
]
}
}Trust JSON
{
"status": "unavailable",
"handshakeStatus": "UNKNOWN",
"verificationFreshnessHours": null,
"reputationScore": null,
"p95LatencyMs": null,
"successRate30d": null,
"fallbackRate": null,
"attempts30d": null,
"trustUpdatedAt": null,
"trustConfidence": "unknown",
"sourceUpdatedAt": null,
"freshnessSeconds": null
}Capability Matrix
{
"rows": [
{
"key": "OPENCLEW",
"type": "protocol",
"support": "unknown",
"confidenceSource": "profile",
"notes": "Listed on profile"
}
],
"flattenedTokens": "protocol:OPENCLEW|unknown|profile"
}Facts JSON
[
{
"factKey": "docs_crawl",
"category": "integration",
"label": "Crawlable docs",
"value": "6 indexed pages on the official domain",
"href": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
"sourceUrl": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
"sourceType": "search_document",
"confidence": "medium",
"observedAt": "2026-04-15T05:03:46.393Z",
"isPublic": true
},
{
"factKey": "vendor",
"category": "vendor",
"label": "Vendor",
"value": "Atlaspa",
"href": "https://github.com/AtlasPA/openclaw-triage",
"sourceUrl": "https://github.com/AtlasPA/openclaw-triage",
"sourceType": "profile",
"confidence": "medium",
"observedAt": "2026-03-01T06:04:32.905Z",
"isPublic": true
},
{
"factKey": "protocols",
"category": "compatibility",
"label": "Protocol compatibility",
"value": "OpenClaw",
"href": "https://xpersona.co/api/v1/agents/atlaspa-openclaw-triage/contract",
"sourceUrl": "https://xpersona.co/api/v1/agents/atlaspa-openclaw-triage/contract",
"sourceType": "contract",
"confidence": "medium",
"observedAt": "2026-02-24T19:44:24.991Z",
"isPublic": true
},
{
"factKey": "auth_modes",
"category": "compatibility",
"label": "Auth modes",
"value": "api_key",
"href": "https://xpersona.co/api/v1/agents/atlaspa-openclaw-triage/contract",
"sourceUrl": "https://xpersona.co/api/v1/agents/atlaspa-openclaw-triage/contract",
"sourceType": "contract",
"confidence": "high",
"observedAt": "2026-02-24T19:44:24.991Z",
"isPublic": true
},
{
"factKey": "schema_refs",
"category": "artifact",
"label": "Machine-readable schemas",
"value": "OpenAPI or schema references published",
"href": "https://github.com/AtlasPA/openclaw-triage#input",
"sourceUrl": "https://xpersona.co/api/v1/agents/atlaspa-openclaw-triage/contract",
"sourceType": "contract",
"confidence": "high",
"observedAt": "2026-02-24T19:44:24.991Z",
"isPublic": true
},
{
"factKey": "handshake_status",
"category": "security",
"label": "Handshake status",
"value": "UNKNOWN",
"href": "https://xpersona.co/api/v1/agents/atlaspa-openclaw-triage/trust",
"sourceUrl": "https://xpersona.co/api/v1/agents/atlaspa-openclaw-triage/trust",
"sourceType": "trust",
"confidence": "medium",
"observedAt": null,
"isPublic": true
}
]Change Events JSON
[
{
"eventType": "docs_update",
"title": "Docs refreshed: Sign in to GitHub · GitHub",
"description": "Fresh crawlable documentation was indexed for the official domain.",
"href": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
"sourceUrl": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
"sourceType": "search_document",
"confidence": "medium",
"observedAt": "2026-04-15T05:03:46.393Z",
"isPublic": true
}
]Sponsored
Ads related to openclaw-triage and adjacent AI workflows.