Mission Control 🚀

A real-time dashboard showing what your OpenClaw agent is doing, cron job health, issues requiring attention, and recent activity. Check it from anywhere — your phone, your laptop, wherever.

Quick Start

Tier 1 — Canvas (Zero Setup) ⚡

No external services. The agent renders the dashboard directly in your OpenClaw session.

How to use:
CODEBLOCK0

The agent will:

1. 1. Gather current state (active tasks, crons, etc.)
2. Generate a dashboard using the canvas tool
3. Present it inline in your session

That's it. No deploy, no accounts, nothing to configure.

---

Tier 2 — GitHub Pages + Polling (Recommended) 🌐

Free hosting with 30-second auto-refresh. Takes 2 minutes to set up.

Setup:

1. 1. Create a repo:

CODEBLOCK1

1. 2. Copy the dashboard:

CODEBLOCK2

1. 3. Edit index.html:

- Change YOUR_PIN_HERE to your chosen PIN

1. 4. Enable GitHub Pages:

- Go to repo Settings → Pages - Source: Deploy from branch main - Folder: INLINECODE3

1. 5. Deploy:

CODEBLOCK3

Your dashboard is now live at https://YOUR_USERNAME.github.io/mission-control/

---

Tier 3 — Supabase Realtime + Vercel (Premium) ⚡🔥

True websocket realtime — updates appear in under 1 second.

Prerequisites:

• - Supabase account (free tier works)
• Vercel account (free tier works)

Step 1: Create Supabase Table

In your Supabase SQL Editor, run assets/templates/setup-supabase.sql.

Step 2: Get Your Keys

From Supabase Dashboard → Settings → API:

• - Copy SUPABASE_URL (Project URL)
• Copy SUPABASE_ANON_KEY (anon public key)

That's it — no service_role key needed. The anon key handles both reads (dashboard) and writes (push script) via table-specific RLS.

Step 3: Edit the Dashboard

In tier3-realtime.html:

1. 1. Replace YOUR_SUPABASE_URL with your project URL
2. Replace YOUR_SUPABASE_ANON_KEY with your anon key
3. Replace YOUR_PIN_HERE with your chosen PIN

Step 4: Deploy to Vercel

CODEBLOCK4

Step 5: Configure Push Script

CODEBLOCK5

---

🔄 Keeping It Fresh — Auto-Update Mechanism

The dashboard updates itself automatically. Here's how:

1. Cron Auto-Update (Every 30 Minutes)

Set up a cron job that collects data from OpenClaw APIs and pushes it:

CODEBLOCK6

Data sources: Only OpenClaw built-in APIs (cron list, sessions_list). No local files are read. Action items and recent activity are added manually via the "Manual Update" command below.

Sample cron configuration:
CODEBLOCK7

2. Real-Time Event Pushes

Beyond the periodic cron, the agent pushes updates immediately when significant events happen:

• - ✅ Task starts or finishes
• ❌ Errors or failures
• 🚀 Deploys complete
• 📧 Important notifications arrive

This means the dashboard reflects changes within seconds, not just every 30 minutes.

How to enable: When you start a major task, tell the agent:
CODEBLOCK8

3. Force Update Button

Every dashboard tier includes a 🔄 Update button in the header:

• - Tier 2: Re-fetches dashboard-data.json immediately
• Tier 3: Re-fetches from Supabase immediately
• Resets the "Updated X ago" timer
• Shows loading spinner while fetching

Use this when you want to confirm the latest state without waiting for auto-refresh.

The Result

The combination of periodic cron + real-time pushes + manual refresh keeps your dashboard accurate at all times. You'll always see what your agent is actually doing.

---

Dashboard Features

🚨 Action Required

Urgent items that need your attention. Highlighted at the top with priority badges (high/medium/low).

⚡ Active Now

What the agent is currently working on, with model name and duration.

📊 Products

Your product cards with live/testing/down status badges.

⏰ Cron Jobs

Table showing all scheduled jobs with status, last run time, and error counts. Click to expand error details.

📋 Recent Activity

Timeline of recent events and accomplishments.

🔴 Live Indicator (Tier 3 only)

Green pulsing dot shows websocket is connected. Flash animation when data updates.

---

Requirements by Tier

Tier	Tools Needed	External Accounts	Env Vars
Tier 1	None	None	None
Tier 2

git, gh CLI | GitHub (free) | DASHBOARD_PIN | | Tier 3 | curl | Supabase (free), Vercel (free) | See below |

Environment Variables

Variable	Required	Tier	Purpose
INLINECODE19	No	All	PIN code for dashboard access (set directly in HTML config)
INLINECODE20

Yes | Tier 3 only | Your Supabase project URL | | SUPABASE_ANON_KEY | Yes | Tier 3 only | Supabase anon key — used for both dashboard reads AND push script writes |

Tier 1 needs zero env vars. Tier 2 needs only a GitHub repo. Tier 3 needs only SUPABASE_URL and SUPABASE_ANON_KEY — no service_role key required.

Permissions Used by OpenClaw

Tier	Permissions	Why
Tier 1	None	Canvas is built into OpenClaw
Tier 2

exec | To run git push to YOUR GitHub repo | | Tier 3 | exec | To run curl to YOUR Supabase project |

No other permissions are used. No read permission needed — this skill does not access local files.

---

Data Schema

The dashboard expects JSON in this format:

CODEBLOCK9

Field Reference

Field	Type	Description
INLINECODE29	ISO-8601	When data was last refreshed
INLINECODE30

high\|medium\|low | Urgency level | | products[].status | live\|testing\|down | Product health | | crons[].status | ok\|error\|paused | Job status |

---

Security & Privacy

This is an instruction-only skill — no executable code, no install scripts, no third-party dependencies.

What This Skill Does and Doesn't Do

✅ Does	❌ Doesn't
Render HTML dashboards	Read local files (no HEARTBEAT.md, no memory files, no source code)
Push operational status to YOUR services

Send data to third-party services | | Read OpenClaw APIs only (cron list, sessions_list) | Store, log, or transmit credentials | | Use YOUR Supabase/GitHub accounts | Require service_role or admin keys |

Exactly What Data Gets Pushed (Tier 2 & 3)

The dashboard pushes ONLY these fields — nothing else:

Field	Example	Contains secrets?
INLINECODE36	"Review PR #42"	❌ No
INLINECODE37

"Deploying v2.0" | ❌ No |
| products[].name | "My App" | ❌ No |
| products[].url | "https://myapp.com" | ❌ No (public URLs only) |
| products[].status | "live" | ❌ No |
| crons[].name | "Daily Report" | ❌ No |
| crons[].status | "ok" / "error" | ❌ No |
| crons[].lastError | "timeout after 30s" | ❌ No (error messages only) |
| recentActivity[].event | "✅ Deployed v2.1" | ❌ No |

Never pushed: passwords, API keys, tokens, file contents, database credentials, user data, or PII. The agent builds the JSON from operational status only — task names, timestamps, and status codes.

What Data the Agent Reads

The auto-update cron uses ONLY OpenClaw built-in APIs:

Source	What it extracts	Sensitive?
INLINECODE45 (OpenClaw API)	Job names, status, error counts	❌ No
INLINECODE46 (OpenClaw API)

Active task labels, models | ❌ No |

No local files are read. The cron does not access HEARTBEAT.md, memory files, source code, or any other files on disk. Action items and recent activity are added manually by the user via the "Manual Update" command.

No Service Role Key Required

This skill does NOT require a Supabase service_role key. The anon key handles both reads and writes via table-specific RLS:

• - The dashboard_state table allows anon SELECT and UPDATE (via RLS policy)
• The anon key can ONLY read/write this single table — it cannot access any other tables
• Worst case if someone gets your anon key: they can overwrite dashboard status data (not sensitive)
• The anon key is the same one already embedded in your client-side Supabase app

Row Level Security (Tier 3)

The provided SQL (setup-supabase.sql) configures table-specific RLS:

• - SELECT: Allowed for anon — dashboard can read status
• UPDATE: Allowed for anon on dashboard_state table only — push script can update status
• Other tables: Unaffected — the anon key's existing RLS policies on all other tables remain unchanged
• No DELETE: Anon cannot delete the dashboard row

PIN Protection — Limitations

The client-side PIN prevents casual access, NOT determined attackers.

For stronger protection:

• - Tier 2: Make your GitHub Pages repo private (GitHub Pro)
• Tier 3: Use Vercel's password protection (Pro plan) or add Supabase Auth
• All tiers: The dashboard only contains operational status — no secrets to steal even if accessed

---

Files Included

CODEBLOCK10

---

Troubleshooting

Dashboard shows "Disconnected" (Tier 3)

• - Check Supabase project is running
• Verify anon key is correct
• Ensure realtime is enabled on the table

Data not updating (Tier 2)

• - Check GitHub Pages is enabled
• Verify data/dashboard-data.json was pushed
• Hard refresh the page (Ctrl+Shift+R)
• Click the Force Update button to confirm data is stale

PIN not working

• - PINs are case-sensitive
• Check you're using the same PIN in HTML config

Cron status not accurate

• - Ensure your Dashboard Update cron is running (cron list)
• Check for errors in the cron output
• Manually run the update: "Update my Mission Control dashboard now"

---

Credits

Built for the OpenClaw community. MIT License.