Vercel Deployment Watchdog Skill
⚠️ SECURITY & USAGE DISCLAIMER
This skill is designed exclusively for monitoring your own web applications and deployments. It must not be used to probe, scan, or monitor any systems you do not own or have explicit permission to test.
Permitted Use:
- - Monitoring your own websites and APIs deployed on Vercel or similar platforms
- Automated health checks for deployments you control
- Integration with your own alerting systems (Telegram, etc.)
Prohibited Use:
- - Scanning third-party websites without authorization
- Attempting to access private/internal networks
- Testing systems you do not own or manage
- Any activity that could be considered unauthorized access or harassment
By using this skill, you agree to use it only for legitimate monitoring of your own infrastructure.
Skill Overview
Automated deployment monitoring for Vercel-hosted applications. This skill provides:
- 1. Post-deployment health checks: Verify HTTP status, cache freshness, content validation
- Vercel API integration: Detect new deployments automatically
- Feed validation: Check API endpoints return valid JSON with expected data
- Cron job setup: Schedule regular checks or trigger on deployment completion
- Alerting integration: Configure OpenClaw cron jobs to send failure notifications via Telegram/WhatsApp or webhooks (delivery handled by OpenClaw platform)
🔒 Security & Compliance
Built-in Safety Features
The skill includes multiple security measures:
- 1. URL Validation: All URLs are validated to:
- Require
http:// or
https:// protocol
- Warn/block localhost addresses (
localhost,
127.0.0.1,
0.0.0.0)
- Can be configured to block private IP ranges (RFC 1918)
- Allow monitoring of internal resources via
ALLOW_INTERNAL=true environment variable (requires explicit opt-in; no CLI bypass flags)
-
Security Warning: Only enable
ALLOW_INTERNAL=true if you need to monitor localhost/private IPs and have explicit permission. Enabling it allows network access to internal addresses.
- 2. Credential Safety:
- Never hardcodes API tokens or secrets
- Accepts tokens via environment variables (primary) or CLI arguments
- Scripts do not log sensitive credentials
- 3. Network Restrictions:
- No outbound network calls to private IP ranges by default
- Configurable timeout limits for HTTP requests
- Rate limiting recommendations included
Compliance with ClawHub Policies
This skill:
- - Does not attempt to bypass security controls
- Does not include obfuscated or hidden functionality
- Is open source and transparent about all operations
- Respects
robots.txt and common web standards - Follows the principle of least privilege
Responsible Usage Requirements
You must:
- 1. Have explicit permission to monitor all target URLs
- Use your own API tokens with minimal required scopes
- Respect rate limits of monitored services
- Not use this skill for surveillance or harassment
- Comply with all applicable laws and terms of service
Violation of these terms may result in removal from ClawHub and suspension of your account.
Quick Start
1. Prerequisites
CODEBLOCK0
2. Set up Environment Variables
Create a .env file or set environment variables:
CODEBLOCK1
3. Run Manual Check
CODEBLOCK2
4. Schedule Monitoring with OpenClaw Cron (Recommended)
For safe and integrated scheduling, use OpenClaw's built-in cron system instead of system cron:
CODEBLOCK3
See the "Integration with OpenClaw" section below for more details.
Features
Health Check Components
- 1. HTTP Status Verification: Ensures homepage and API return 200 OK
- Cache Freshness: Checks
age: 0 and x-vercel-cache: MISS headers - Content Validation: Verifies page title contains expected text
- JSON Feed Validation: Validates API response structure and data integrity
- Deployment Detection: Uses Vercel API to find latest deployments
Vercel API Integration
The skill can:
- - List recent deployments to detect new ones
- Check deployment state (
READY, ERROR, BUILDING) - Get deployment URLs and metadata
- Trigger health checks when deployment state changes to �INLINECODE14
Alerting
When checks fail, the skill can:
- - Send Telegram messages via OpenClaw
- Log detailed failure information
- Include remediation suggestions
- Escalate after repeated failures
Usage Examples
Basic Health Check
CODEBLOCK4
Vercel Deployment Monitoring
The script uses the VERCEL_TOKEN environment variable automatically, or you can pass it explicitly via --token.
CODEBLOCK5
Script Reference
scripts/watchdog-check.sh
Main health check script with the following options:
CODEBLOCK6
scripts/vercel-monitor.sh
Vercel API integration script:
CODEBLOCK7
Integration with OpenClaw
Note: This skill provides monitoring scripts that output results to stdout. Notifications are handled by OpenClaw's cron delivery system (delivery.mode: "announce") when configured, not by the scripts themselves. The scripts do not make external API calls for notifications.
As a Cron Job
Set up the skill to run periodically via OpenClaw's cron system:
CODEBLOCK8
As a Sub-Agent
Spawn a sub-agent to handle monitoring:
CODEBLOCK9
Troubleshooting
Common Issues
- 1. Vercel API authentication fails:
- Ensure token has
deployment:read scope
- Check if token is expired (create new one at https://vercel.com/account/tokens)
- 2. Cache freshness indicators missing:
- Deployment might be cached by CDN
- Wait a few minutes and retry
- Check Vercel project settings for cache headers
- 3. API feed validation fails:
- Verify API endpoint is accessible
- Check CORS settings if accessing from different domain
- Validate JSON structure with �INLINECODE21
Debug Mode
Enable verbose output to see detailed check results:
CODEBLOCK10
Extending the Skill
Adding New Checks
- 1. Add check function to �INLINECODE22
- Update summary output
- Test with
--verbose flag
Integrating with Other Services
- - Slack notifications: Add webhook integration
- Email alerts: Use
himalaya CLI or gog skill - Dashboard integration: Output JSON for external monitoring systems
References
See references/ directory for:
- - Vercel API documentation
- HTTP cache header specifications
- JSON schema validation examples
- OpenClaw cron job configuration guide
Vercel 部署监控技能
⚠️ 安全与使用声明
本技能仅用于监控您自己的 Web 应用和部署。严禁用于探测、扫描或监控任何您不拥有或未经明确授权的系统。
允许用途:
- - 监控您在 Vercel 或类似平台上部署的网站和 API
- 对您控制的部署进行自动化健康检查
- 与您自己的告警系统集成(Telegram 等)
禁止用途:
- - 未经授权扫描第三方网站
- 尝试访问私有/内部网络
- 测试您不拥有或管理的系统
- 任何可能被视为未经授权访问或骚扰的行为
使用本技能即表示您同意仅将其用于对自己基础设施的合法监控。
技能概述
针对 Vercel 托管应用的自动化部署监控。本技能提供:
- 1. 部署后健康检查:验证 HTTP 状态、缓存新鲜度、内容验证
- Vercel API 集成:自动检测新部署
- Feed 验证:检查 API 端点是否返回包含预期数据的有效 JSON
- 定时任务设置:安排定期检查或在部署完成时触发
- 告警集成:配置 OpenClaw 定时任务,通过 Telegram/WhatsApp 或 Webhook 发送失败通知(由 OpenClaw 平台处理投递)
🔒 安全与合规
内置安全功能
本技能包含多项安全措施:
- 1. URL 验证:所有 URL 均经过验证:
- 要求使用 http:// 或 https:// 协议
- 警告/阻止 localhost 地址(localhost、127.0.0.1、0.0.0.0)
- 可配置为阻止私有 IP 范围(RFC 1918)
- 通过 ALLOW_INTERNAL=true 环境变量允许监控内部资源(需明确选择加入;无 CLI 绕过标志)
-
安全警告:仅在需要监控 localhost/私有 IP 且拥有明确权限时启用 ALLOW_INTERNAL=true。启用后将允许网络访问内部地址。
- 2. 凭证安全:
- 绝不硬编码 API 令牌或密钥
- 通过环境变量(主要方式)或 CLI 参数接受令牌
- 脚本不会记录敏感凭证
- 3. 网络限制:
- 默认不向私有 IP 范围发起出站网络调用
- HTTP 请求可配置超时限制
- 包含速率限制建议
符合 ClawHub 政策
本技能:
- - 不尝试绕过安全控制
- 不包含混淆或隐藏功能
- 是开源的,所有操作透明
- 尊重 robots.txt 和通用 Web 标准
- 遵循最小权限原则
负责任使用要求
您必须:
- 1. 拥有监控所有目标 URL 的明确权限
- 使用具有最小所需范围的自己的 API 令牌
- 尊重被监控服务的速率限制
- 不将本技能用于监视或骚扰
- 遵守所有适用法律和服务条款
违反这些条款可能导致从 ClawHub 移除并暂停您的账户。
快速开始
1. 前提条件
bash
检查是否安装了 curl 和 jq
command -v curl >/dev/null 2>&1 && command -v jq >/dev/null 2>&1 || {
echo 错误:需要 curl 和 jq 但未安装。
echo 请使用系统包管理器安装:
echo Debian/Ubuntu:sudo apt-get install curl jq
echo macOS:brew install curl jq
echo 其他系统请参考:https://curl.se/ 和 https://stedolan.github.io/jq/
exit 1
}
2. 设置环境变量
创建 .env 文件或设置环境变量:
bash
Vercel API 令牌(在 https://vercel.com/account/tokens 创建)
export VERCEL
TOKEN=vcp...
要监控的目标 URL
export HOMEPAGE_URL=https://your-site.com/
export API
FEEDURL=https://your-site.com/api/feed
可选:用于 OpenClaw 定时通知的 Telegram 聊天 ID(脚本不使用)
export TELEGRAM
CHATID=YOUR
TELEGRAMCHAT_ID
安全:仅在监控 localhost/私有 IP 时设置 ALLOW_INTERNAL=true
export ALLOW_INTERNAL=true
3. 运行手动检查
bash
赋予脚本执行权限
chmod +x scripts/watchdog-check.sh
运行检查
./scripts/watchdog-check.sh --homepage $HOMEPAGE
URL --api $APIFEED_URL
4. 使用 OpenClaw 定时任务安排监控(推荐)
为安全且集成的调度,请使用 OpenClaw 内置的定时系统而非系统 cron:
javascript
// 创建 OpenClaw 定时任务(每 5 分钟)
{
name: Vercel 监控,
schedule: { kind: every, everyMs: 300000 },
payload: {
kind: agentTurn,
message: 对我的网站运行部署监控检查
},
delivery: {
mode: announce,
channel: telegram,
to: YOURTELEGRAMCHAT_ID
}
}
更多详情请参见下方与 OpenClaw 集成部分。
功能特性
健康检查组件
- 1. HTTP 状态验证:确保首页和 API 返回 200 OK
- 缓存新鲜度:检查 age: 0 和 x-vercel-cache: MISS 头信息
- 内容验证:验证页面标题是否包含预期文本
- JSON Feed 验证:验证 API 响应结构和数据完整性
- 部署检测:使用 Vercel API 查找最新部署
Vercel API 集成
本技能可以:
- - 列出最近的部署以检测新部署
- 检查部署状态(READY、ERROR、BUILDING)
- 获取部署 URL 和元数据
- 在部署状态变为 READY 时触发健康检查
告警功能
当检查失败时,本技能可以:
- - 通过 OpenClaw 发送 Telegram 消息
- 记录详细的失败信息
- 包含修复建议
- 在重复失败后升级告警
使用示例
基本健康检查
bash
./scripts/watchdog-check.sh --homepage https://your-site.com --api https://your-site.com/api/feed
Vercel 部署监控
脚本会自动使用 VERCEL_TOKEN 环境变量,或您可以通过 --token 显式传递。
bash
检查过去 10 分钟内的新部署
./scripts/vercel-monitor.sh --project your-project --since 10m
脚本参考
scripts/watchdog-check.sh
主要健康检查脚本,支持以下选项:
bash
--homepage URL # 要检查的首页 URL(默认:https://your-site.com/)
--api URL # 要检查的 API feed URL(默认:https://your-site.com/api/feed)
--verbose # 启用详细输出
--json # 以 JSON 格式输出结果,便于程序化使用
scripts/vercel-monitor.sh
Vercel API 集成脚本:
bash
--token TOKEN # Vercel API 令牌(必需)
--project NAME # 要监控的项目名称(默认:自动检测)
--since MINUTES # 检查过去 N 分钟内的部署(默认:5)
--team-id ID # 组织账户的团队 ID
与 OpenClaw 集成
注意:本技能提供将结果输出到 stdout 的监控脚本。通知由 OpenClaw 的定时投递系统(delivery.mode: announce)在配置时处理,而非由脚本本身处理。脚本不会为通知发起外部 API 调用。
作为定时任务
通过 OpenClaw 的定时系统设置技能定期运行:
javascript
// 定时任务配置示例
{
name: Vercel 监控,
schedule: { kind: every, everyMs: 300000 }, // 每 5 分钟
payload: {
kind: agentTurn,
message: 运行部署监控检查,如有失败则通知
},
delivery: {
mode: announce,
channel: telegram,
to: YOURTELEGRAMCHAT_ID
}
}
作为子代理
生成子代理来处理监控:
bash
使用 OpenClaw sessions_spawn 在后台
