create-ironclaws 1.0.0

package/template/container/skills/capabilities/SKILL.md

@@ -0,0 +1,100 @@
+---
+name: capabilities
+description: Show what this NanoClaw instance can do — installed skills, available tools, and system info. Read-only. Use when the user asks what the bot can do, what's installed, or runs /capabilities.
+---
+
+# /capabilities — System Capabilities Report
+
+Generate a structured read-only report of what this NanoClaw instance can do.
+
+**Main-channel check:** Only the main channel has `/workspace/project` mounted. Run:
+
+```bash
+test -d /workspace/project && echo "MAIN" || echo "NOT_MAIN"
+```
+
+If `NOT_MAIN`, respond with:
+> This command is available in your main chat only. Send `/capabilities` there to see what I can do.
+
+Then stop — do not generate the report.
+
+## How to gather the information
+
+Run these commands and compile the results into the report format below.
+
+### 1. Installed skills
+
+List skill directories available to you:
+
+```bash
+ls -1 /home/node/.claude/skills/ 2>/dev/null || echo "No skills found"
+```
+
+Each directory is an installed skill. The directory name is the skill name (e.g., `agent-browser` → `/agent-browser`).
+
+### 2. Available tools
+
+Read the allowed tools from your SDK configuration. You always have access to:
+- **Core:** Bash, Read, Write, Edit, Glob, Grep
+- **Web:** WebSearch, WebFetch
+- **Orchestration:** Task, TaskOutput, TaskStop, TeamCreate, TeamDelete, SendMessage (⚠️ for sub-agent teams only — does NOT send to Slack users)
+- **Other:** TodoWrite, ToolSearch, Skill, NotebookEdit
+- **MCP:** mcp__nanoclaw__* (messaging, tasks, group management)
+
+### 3. MCP server tools
+
+The NanoClaw MCP server exposes these tools (via `mcp__nanoclaw__*` prefix):
+- `send_message` — send a message to the user/group
+- `schedule_task` — schedule a recurring or one-time task
+- `list_tasks` — list scheduled tasks
+- `pause_task` — pause a scheduled task
+- `resume_task` — resume a paused task
+- `cancel_task` — cancel and delete a task
+- `update_task` — update an existing task
+- `register_group` — register a new chat/group (main only)
+
+### 4. Container tools (Python tools)
+
+Check for Python tools available in the container:
+
+```bash
+ls /workspace/extra/tools/*.py 2>/dev/null || echo "No extra tools found"
+```
+
+### 5. Group info
+
+```bash
+ls /workspace/group/CLAUDE.md 2>/dev/null && echo "Group memory: yes" || echo "Group memory: no"
+ls /workspace/extra/ 2>/dev/null && echo "Extra mounts: $(ls /workspace/extra/ 2>/dev/null | wc -l | tr -d ' ')" || echo "Extra mounts: none"
+```
+
+## Report format
+
+Present the report as a clean, readable message. Example:
+
+```
+📋 *NanoClaw Capabilities*
+
+*Installed Skills:*
+• /agent-browser — Browse the web, fill forms, extract data
+• /capabilities — This report
+(list all found skills)
+
+*Tools:*
+• Core: Bash, Read, Write, Edit, Glob, Grep
+• Web: WebSearch, WebFetch
+• Orchestration: Task, TeamCreate, SendMessage
+• MCP: send_message, schedule_task, list_tasks, pause/resume/cancel/update_task, register_group
+
+*Container Tools:*
+• agent-browser: ✓
+
+*System:*
+• Group memory: yes/no
+• Extra mounts: N directories
+• Main channel: yes
+```
+
+Adapt the output based on what you actually find — don't list things that aren't installed.
+
+**See also:** `/status` for a quick health check of session, workspace, and tasks.

package/template/container/skills/edit-agent/SKILL.md

@@ -0,0 +1,93 @@
+---
+name: edit-agent
+description: Collaboratively edit any agent's CLAUDE.md — propose a diff, wait for confirmation, then apply. Use when asked to update, change, or improve an agent's instructions or behaviour.
+---
+
+# Edit Agent — Collaborative CLAUDE.md Editor
+
+Use this when the user wants to change how an agent behaves.
+
+## Step 1 — Identify the target agent
+
+Figure out which agent to edit from the user's message. If ambiguous, ask which one.
+
+Get the folder name:
+
+```bash
+python3 -c "
+import sqlite3
+db = sqlite3.connect('/workspace/project/store/messages.db')
+rows = db.execute('SELECT name, folder FROM registered_groups').fetchall()
+for r in rows:
+    print(f'{r[0]} -> {r[1]}')
+db.close()
+"
+```
+
+## Step 2 — Read the current CLAUDE.md
+
+```bash
+cat /workspace/project/groups/<folder>/CLAUDE.md
+```
+
+## Step 3 — Understand what needs to change
+
+Read the current file carefully. Understand the full context before proposing anything.
+
+## Step 4 — Propose the change
+
+Show the user EXACTLY what will change. Be specific — quote the text being removed and the text replacing it, or show where new content will be inserted.
+
+Format:
+
+```
+Here's what I'm proposing to change in *<Agent Name>*'s CLAUDE.md:
+
+*Remove:*
+> <exact text being removed>
+
+*Replace with:*
+> <exact new text>
+
+*Reason:* <one sentence explaining why>
+
+Should I go ahead?
+```
+
+If it's an addition rather than a replacement:
+
+```
+Here's what I'm proposing to add to *<Agent Name>*'s CLAUDE.md:
+
+*Add after "<section heading>":*
+> <exact new text>
+
+Should I go ahead?
+```
+
+## Step 5 — Wait for explicit confirmation
+
+Do NOT apply the change until the user says yes / go ahead / confirmed / approved or similar.
+
+If they say no or want adjustments — revise and re-propose.
+
+## Step 6 — Apply the change
+
+```bash
+# Read current content, apply edit, write back
+# Use Python for safe file manipulation
+python3 -c "
+content = open('/workspace/extra/groups/<folder>/CLAUDE.md').read()
+# Apply the specific change
+content = content.replace('<old text>', '<new text>')
+open('/workspace/extra/groups/<folder>/CLAUDE.md', 'w').write(content)
+print('Done')
+"
+```
+
+## Step 7 — Confirm
+
+Tell the user:
+- What was changed
+- That the change is live immediately (no restart needed for CLAUDE.md changes)
+- The agent will use the new instructions from its next message

package/template/container/skills/slack-formatting/SKILL.md

@@ -0,0 +1,92 @@
+---
+name: slack-formatting
+description: Format messages for Slack using mrkdwn syntax. Use when responding to Slack channels (folder starts with "slack_" or JID contains slack identifiers).
+---
+
+# Slack Message Formatting (mrkdwn)
+
+When responding to Slack channels, use Slack's mrkdwn syntax instead of standard Markdown.
+
+## Slack context
+
+All agents in this deployment communicate via Slack. These formatting rules always apply.
+
+## Formatting reference
+
+### Text styles
+
+| Style | Syntax | Example |
+|-------|--------|---------|
+| Bold | `*text*` | *bold text* |
+| Italic | `_text_` | _italic text_ |
+| Strikethrough | `~text~` | ~strikethrough~ |
+| Code (inline) | `` `code` `` | `inline code` |
+| Code block | ` ```code``` ` | Multi-line code |
+
+### Links and mentions
+
+```
+<https://example.com|Link text>     # Named link
+<https://example.com>                # Auto-linked URL
+<@U1234567890>                       # Mention user by ID
+<#C1234567890>                       # Mention channel by ID
+<!here>                              # @here
+<!channel>                           # @channel
+```
+
+### Lists
+
+Slack supports simple bullet lists but NOT numbered lists:
+
+```
+• First item
+• Second item
+• Third item
+```
+
+Use `•` (bullet character) or `- ` or `* ` for bullets.
+
+### Block quotes
+
+```
+> This is a block quote
+> It can span multiple lines
+```
+
+### Emoji
+
+Use standard emoji shortcodes: `:white_check_mark:`, `:x:`, `:rocket:`, `:tada:`
+
+## What NOT to use
+
+- **NO** `##` headings (use `*Bold text*` for headers instead)
+- **NO** `**double asterisks**` for bold (use `*single asterisks*`)
+- **NO** `[text](url)` links (use `<url|text>` instead)
+- **NO** `1.` numbered lists (use bullets with numbers: `• 1. First`)
+- **NO** tables (use code blocks or plain text alignment)
+- **NO** `---` horizontal rules
+
+## Example message
+
+```
+*Daily Standup Summary*
+
+_March 21, 2026_
+
+• *Completed:* Fixed authentication bug in login flow
+• *In Progress:* Building new dashboard widgets
+• *Blocked:* Waiting on API access from DevOps
+
+> Next sync: Monday 10am
+
+:white_check_mark: All tests passing | <https://ci.example.com/builds/123|View Build>
+```
+
+## Quick rules
+
+1. Use `*bold*` not `**bold**`
+2. Use `<url|text>` not `[text](url)`
+3. Use `•` bullets, avoid numbered lists
+4. Use `:emoji:` shortcodes
+5. Quote blocks with `>`
+6. Skip headings — use bold text instead

package/template/container/skills/status/SKILL.md

@@ -0,0 +1,104 @@
+---
+name: status
+description: Quick read-only health check — session context, workspace mounts, tool availability, and task snapshot. Use when the user asks for system status or runs /status.
+---
+
+# /status — System Status Check
+
+Generate a quick read-only status report of the current agent environment.
+
+**Main-channel check:** Only the main channel has `/workspace/project` mounted. Run:
+
+```bash
+test -d /workspace/project && echo "MAIN" || echo "NOT_MAIN"
+```
+
+If `NOT_MAIN`, respond with:
+> This command is available in your main chat only. Send `/status` there to check system status.
+
+Then stop — do not generate the report.
+
+## How to gather the information
+
+Run the checks below and compile results into the report format.
+
+### 1. Session context
+
+```bash
+echo "Timestamp: $(date)"
+echo "Working dir: $(pwd)"
+echo "Channel: main"
+```
+
+### 2. Workspace and mount visibility
+
+```bash
+echo "=== Workspace ==="
+ls /workspace/ 2>/dev/null
+echo "=== Group folder ==="
+ls /workspace/group/ 2>/dev/null | head -20
+echo "=== Extra mounts ==="
+ls /workspace/extra/ 2>/dev/null || echo "none"
+echo "=== IPC ==="
+ls /workspace/ipc/ 2>/dev/null
+```
+
+### 3. Tool availability
+
+Confirm which tool families are available to you:
+
+- **Core:** Bash, Read, Write, Edit, Glob, Grep
+- **Web:** WebSearch, WebFetch
+- **Orchestration:** Task, TaskOutput, TaskStop, TeamCreate, TeamDelete, SendMessage
+- **MCP:** mcp__nanoclaw__* (send_message, schedule_task, list_tasks, pause_task, resume_task, cancel_task, update_task, register_group)
+
+### 4. Container utilities
+
+```bash
+which agent-browser 2>/dev/null && echo "agent-browser: available" || echo "agent-browser: not installed"
+node --version 2>/dev/null
+claude --version 2>/dev/null
+```
+
+### 5. Task snapshot
+
+Use the MCP tool to list tasks:
+
+```
+Call mcp__nanoclaw__list_tasks to get scheduled tasks.
+```
+
+If no tasks exist, report "No scheduled tasks."
+
+## Report format
+
+Present as a clean, readable message:
+
+```
+🔍 *NanoClaw Status*
+
+*Session:*
+• Channel: main
+• Time: 2026-03-14 09:30 UTC
+• Working dir: /workspace/group
+
+*Workspace:*
+• Group folder: ✓ (N files)
+• Extra mounts: none / N directories
+• IPC: ✓ (messages, tasks, input)
+
+*Tools:*
+• Core: ✓  Web: ✓  Orchestration: ✓  MCP: ✓
+
+*Container:*
+• agent-browser: ✓ / not installed
+• Node: vXX.X.X
+• Claude Code: vX.X.X
+
+*Scheduled Tasks:*
+• N active tasks / No scheduled tasks
+```
+
+Adapt based on what you actually find. Keep it concise — this is a quick health check, not a deep diagnostic.
+
+**See also:** `/capabilities` for a full list of installed skills and tools.

package/template/container/tools/elastic_query.py

@@ -0,0 +1,161 @@
+"""
+Standalone Elastic/Kibana log query tool for Argus.
+
+Usage:
+  python3 elastic_query.py --namespace it-ops
+  python3 elastic_query.py --namespace it-ops --container my-service
+  python3 elastic_query.py --namespace it-ops --from 2024-01-01T10:00:00Z --to 2024-01-01T11:00:00Z
+  python3 elastic_query.py  # searches all namespaces with default lookback
+
+Environment variables (required):
+  ELASTIC_BASE_URL      e.g. https://kibana.yourcompany.com
+  ELASTIC_API_KEY       Kibana API key
+
+Optional environment variables:
+  ELASTIC_LOOKBACK_MINUTES  default 60
+  ELASTIC_MAX_LOGS          default 100
+"""
+
+import argparse
+import json
+import os
+import sys
+from datetime import datetime, timedelta, timezone
+
+try:
+    import requests
+except ImportError:
+    print("ERROR: 'requests' is not installed. Run: pip3 install requests", file=sys.stderr)
+    sys.exit(1)
+
+KIBANA_PROXY_PATH = "/api/console/proxy"
+
+
+def parse_args():
+    p = argparse.ArgumentParser(description="Query Elastic error logs via Kibana proxy")
+    p.add_argument("--namespace", help="Kubernetes namespace (omit to search all)")
+    p.add_argument("--container", help="Kubernetes container name (optional filter)")
+    p.add_argument("--from", dest="from_ts", help="Start timestamp (ISO 8601 or 'now-Xm/h/d')")
+    p.add_argument("--to", dest="to_ts", help="End timestamp (ISO 8601 or 'now')")
+    p.add_argument("--lookback", type=int, help="Lookback minutes (overrides ELASTIC_LOOKBACK_MINUTES)")
+    p.add_argument("--max", type=int, help="Max log entries (overrides ELASTIC_MAX_LOGS)")
+    return p.parse_args()
+
+
+def resolve_ts(ts: str) -> str:
+    """Resolve 'now-Xm/h/d' and 'now' to ISO timestamps."""
+    if not ts.startswith("now"):
+        return ts
+    import re
+    m = re.match(r"now-(\d+)([mhd])$", ts)
+    if m:
+        amount, unit = int(m.group(1)), m.group(2)
+        delta = {"m": timedelta(minutes=amount), "h": timedelta(hours=amount), "d": timedelta(days=amount)}[unit]
+        return (datetime.now(timezone.utc) - delta).isoformat()
+    return datetime.now(timezone.utc).isoformat()
+
+
+def query_logs(namespace, container, from_ts, to_ts, max_logs, base_url, api_key):
+    if from_ts and to_ts:
+        time_range = {"gte": from_ts, "lte": to_ts}
+    else:
+        now = datetime.now(timezone.utc)
+        lookback = int(os.environ.get("ELASTIC_LOOKBACK_MINUTES", "60"))
+        since = now - timedelta(minutes=lookback)
+        time_range = {"gte": since.isoformat(), "lte": now.isoformat()}
+
+    must = [{"range": {"@timestamp": time_range}}]
+    if namespace:
+        must.append({"match_phrase": {"kubernetes.namespace": namespace}})
+    if container:
+        must.append({"match_phrase": {"kubernetes.container.name": container}})
+
+    body = {
+        "size": max_logs,
+        "sort": [{"@timestamp": {"order": "desc"}}],
+        "query": {
+            "bool": {
+                "must": must,
+                "should": [
+                    {"match_phrase": {"log.level": "error"}},
+                    {"match_phrase": {"log.level": "ERROR"}},
+                    {"match": {"message": "error"}},
+                    {"match": {"message": "exception"}},
+                    {"match": {"message": "traceback"}},
+                    {"match": {"message": "Traceback"}},
+                ],
+                "minimum_should_match": 1,
+            }
+        },
+        "_source": [
+            "@timestamp",
+            "message",
+            "log.level",
+            "kubernetes.pod.name",
+            "kubernetes.container.name",
+        ],
+    }
+
+    url = f"{base_url.rstrip('/')}{KIBANA_PROXY_PATH}"
+    params = {"path": "/filebeat-*/_search", "method": "GET"}
+    # Authorization header is optional here — if ELASTIC_API_KEY env var is set,
+    # use it directly. If absent, the OneCLI HTTPS proxy injects it automatically.
+    headers = {"kbn-xsrf": "true", "Content-Type": "application/json"}
+    if api_key:
+        headers["Authorization"] = f"ApiKey {api_key}"
+
+    resp = requests.post(url, params=params, headers=headers, json=body, timeout=30)
+    resp.raise_for_status()
+    hits = resp.json().get("hits", {}).get("hits", [])
+    return [h["_source"] for h in hits]
+
+
+def format_logs(logs):
+    if not logs:
+        return "No error logs found in the specified time window."
+    lines = []
+    for log in logs:
+        ts = log.get("@timestamp", "?")
+        level = log.get("log.level") or (log.get("log") or {}).get("level", "?")
+        k8s = log.get("kubernetes") or {}
+        pod = (k8s.get("pod") or {}).get("name", "?")
+        ctr = (k8s.get("container") or {}).get("name", "?")
+        msg = log.get("message", "").strip()
+        lines.append(f"[{ts}] [{level}] [{ctr}/{pod}] {msg}")
+    return "\n".join(lines)
+
+
+def main():
+    args = parse_args()
+
+    base_url = os.environ.get("ELASTIC_BASE_URL", "").strip()
+    if not base_url:
+        print("ERROR: ELASTIC_BASE_URL must be set in the environment.", file=sys.stderr)
+        sys.exit(1)
+
+    # api_key is optional — if absent, OneCLI HTTPS proxy injects the Authorization header.
+    api_key = os.environ.get("ELASTIC_API_KEY", "").strip()
+
+    from_ts = resolve_ts(args.from_ts) if args.from_ts else None
+    to_ts = resolve_ts(args.to_ts) if args.to_ts else None
+    max_logs = args.max or int(os.environ.get("ELASTIC_MAX_LOGS", "100"))
+
+    try:
+        logs = query_logs(
+            namespace=args.namespace,
+            container=args.container,
+            from_ts=from_ts,
+            to_ts=to_ts,
+            max_logs=max_logs,
+            base_url=base_url,
+            api_key=api_key,
+        )
+    except Exception as e:
+        print(f"ERROR: Elastic query failed: {e}", file=sys.stderr)
+        sys.exit(1)
+
+    print(format_logs(logs))
+
+
+if __name__ == "__main__":
+    main()