Skip to main content
Glama

Server Configuration

Describes the environment variables required to run the server.

NameRequiredDescriptionDefault
DASHCLAW_URLYesThe URL of your DashClaw instance (e.g., https://your-dashclaw.vercel.app).
DASHCLAW_API_KEYYesYour DashClaw API key (e.g., oc_live_xxx).

Capabilities

Features and capabilities supported by this server

CapabilityDetails
tools
{
  "listChanged": true
}
resources
{
  "listChanged": true
}

Tools

Functions exposed to the LLM to take actions

NameDescription
dashclaw_guardA

Evaluate DashClaw governance policies before taking a risky action. Call this BEFORE any action that modifies external systems, deploys code, sends messages, or touches production data. Returns a decision: "allow" (proceed), "warn" (proceed with caution), "block" (stop), or "require_approval" (wait for human in Mission Control). If the decision is "block", do NOT proceed with the action.

dashclaw_recordA

Record a governed action in DashClaw's audit trail. Use this to log significant decisions, completed tasks, or notable outcomes. Every important action the agent takes should be recorded for governance visibility in Mission Control and the Decisions ledger.

dashclaw_invokeA

Invoke a DashClaw-governed capability (external API). The capability is guarded (policy check), executed (HTTP call), and recorded (audit trail) automatically. Use this instead of making direct HTTP calls when the target API is registered as a DashClaw capability. Call dashclaw_capabilities_list first to discover available capability IDs.

dashclaw_capabilities_listA

List available capabilities registered in DashClaw. Use this to discover what external APIs and tools are available before invoking them. Returns capability IDs, names, health status, and risk levels. Filter by category, risk level, or search term.

dashclaw_policies_listA

List active governance policies. Use this to understand what rules govern your actions before taking them. Helps calibrate risk scores and know which action types require approval. Optionally filter to policies applying to a specific agent.

dashclaw_wait_for_approvalA

Wait for a human to approve or deny a pending action in DashClaw Mission Control. Call this after a guard decision returns "require_approval" or after recording an action with status "pending_approval". Polls the action status until it changes. Default timeout is 300 seconds (5 minutes).

dashclaw_session_startA

Register this agent session with DashClaw. Creates a session record that groups all subsequent actions for tracking and observability. Call this at the beginning of a task to establish a governance boundary.

dashclaw_session_endA

Close a DashClaw session and update its status. Call this when the task is complete or if the session needs to be marked as failed. Provides a clean lifecycle boundary for governance reporting in Mission Control.

dashclaw_optimal_files_previewA

Preview the Optimal Files bundle DashClaw Code Sessions would generate for a given session. Returns the per-file plan with confidence, secret-scan, and overwrite-risk flags. Read-only — does NOT write to disk; pair with dashclaw_optimal_files_manifest to persist a chosen subset.

dashclaw_optimal_files_manifestA

Persist a write plan for selected Optimal Files entries. Returns { manifest_id, expires_at, apply_command }. The local CLI invokes dashclaw code apply <manifest_id> to apply the plan to disk. Manifest expires after 24h.

dashclaw_handoff_createA

Create a session handoff bundle for the next session of this agent to consume on start. Call this when wrapping up — include a 1-2 sentence summary, any open loops, decisions made, and freeform state you want the next session to see.

dashclaw_handoff_latestB

Fetch the latest unconsumed session handoff for this agent (+ project, optional). Call this on session start to pick up where the last session left off. Returns null if no handoff is waiting.

dashclaw_handoff_consumeA

Mark a handoff as consumed. Call after dashclaw_handoff_latest returns a bundle and you have processed it. Idempotent.

dashclaw_secret_listA

List tracked secrets (metadata only — no values). Returns each entry with name, rotation interval, last_rotated_at, and computed next_rotation_due.

dashclaw_secret_dueA

List secrets coming due for rotation. Call this BEFORE acting on credentials. If a credential you would use is in the result, flag the operator rather than proceeding.

dashclaw_secret_mark_rotatedA

Mark a tracked secret as rotated (sets last_rotated_at = now). Agents only call this if the operator instructs; secret registration is an operator task.

dashclaw_skill_scanA

Run a static safety scan against the contents of an untrusted skill before loading it. Returns findings (severity, file, line) and a passed boolean. If passed=false, do NOT load the skill — show the findings to the operator.

dashclaw_loop_addA

Register an open loop on a parent action — a commitment made in conversation that needs follow-up. Use when you say "I will X later" so the loop is tracked outside of context. Loops are action-scoped; action_id is required.

dashclaw_loop_listB

List open (or resolved) loops with optional filters. Use on session start to remember what you promised to follow up on.

dashclaw_loop_closeA

Resolve an open loop. Call when the followed-up-on item is complete. Requires the loop_id and a short resolution note.

dashclaw_assumption_recordA

Record an assumption you are acting on — something you treat as true but have not verified (e.g. "staging tests passed", "no active legal hold on this record"). Attach it to the action whose decision rests on it so operators can later validate or refute it and staleness drift is tracked. Call right after the action that depends on the belief.

dashclaw_learning_logA

Log a decision + outcome to the learning database. Use after making a non-obvious decision so future sessions can recall the reasoning and outcome.

dashclaw_learning_queryA

Query the learning database for prior decisions and lessons. Use BEFORE making a decision similar to one you might have made before.

dashclaw_decisions_recentB

Query the guardrail decisions ledger for recent governed actions. Filter by agent, action type, decision verdict, or time window. Use for in-session retrospection — "what have I done recently?"

dashclaw_behavior_suggestionsA

List DashClaw Policy Coach suggestions — evidence-backed, observe-only policy suggestions the analyzer learned from this agent's locally-recorded behavior (destructive commands, protected-path writes, repeated reloads, failed loops, model/task mismatches, and the safe operating envelope). Read-only: each suggestion carries confidence, sample size, evidence, and expected effect. Review, simulate, and adopt them from the Policy Coach UI — nothing is enforced automatically.

dashclaw_inbox_listA

List this agent's DashClaw inbox messages and unread count. Use at the start of a session, or when notified, to see governance messages, lessons, questions, and status updates addressed to you before deciding what to do next. Each message includes an is_read flag; the response also carries the total unread_count. Pair with dashclaw_messages_mark_read once you have processed them.

dashclaw_messages_mark_readA

Mark one or more DashClaw inbox messages as read for this agent. Call after processing messages from dashclaw_inbox_list so they stop reappearing as unread. Direct messages are marked read for the target agent; broadcasts record this agent in read_by. Returns { updated: }.

dashclaw_pairA

Enroll this agent's cryptographic identity with DashClaw (operator pairing requests in your inbox ask for exactly this). Generates an RSA-2048 keypair locally, stores the PRIVATE key on this machine only (~/.dashclaw/identity/.pem — never logged, never sent), and POSTs the public key to /api/pairings. An admin then approves the pairing, which creates the agent identity and lets your recorded actions be signature-verified. Set wait:true to poll until approved/expired (max 5 min). After pairing, mark the request message read via dashclaw_messages_mark_read.

dashclaw_postureA

Read the org-wide governance posture score (0-100) and its prioritized remediation queue. Returns the gaming-resistant score, the six dimension breakdowns (identity, enforcement, spend, auditability, approval, data_protection), and the open findings (each with severity, points recoverable, evidence, and the prefilled fix). Read-only governance retrospection — "how well is my fleet actually governed, and what is the highest-leverage gap?" Resolving findings is operator-driven (UI/CLI); an agent can observe gaps but never activates enforcement.

dashclaw_posture_nextA

Return the single highest-priority open governance gap (the top of the posture remediation queue) with its severity, points recoverable, evidence, and prefilled fix. Use for "what is the one governance gap I should close next?" Read-only — preparing or activating the fix is operator-driven, not agent-driven.

dashclaw_work_order_submitA

Submit a DashClaw work order: a typed, budget-capped unit of agent work governed by policy. The order is validated against the registered contract for its type, guard-gated (may be blocked or parked for human approval), then queued for any worker to claim. Returns work_order_id + status + the guard decision.

dashclaw_work_order_statusA

Check a DashClaw work order: current lifecycle status, worker, guard decision, and — once terminal — the self-verifying receipt (cost, output hash, governance trail).

list_projectsA

List all known projects and which one is currently selected.

create_projectC

Create a new project in the default workspace.

select_projectA

Set the active project used by tools that omit an explicit project arg.

get_project_contextA

THE tool to call FIRST. Returns the full production context for a project/environment: GitHub repo, Vercel project + live latest deployment status/URL/failure, Supabase project, Stripe mode, what is allowed / blocked / approval-required, project memory, recent audit history, suggested safe next actions, and a human-readable summary. Pass environment to focus on one (recommended); otherwise all environments are returned.

export_contextC

Export a versioned project context snapshot as JSON or Markdown.

add_environmentB

Add an environment (e.g. staging, production) to a project.

list_environmentsA

List environments for a project.

map_provider_resourceB

Bind a provider resource to a project environment. Examples of resource: {provider:'github',owner:'your-org',repo:'your-repo'}, {provider:'vercel',projectId:'your-vercel-project'}, {provider:'supabase',projectRef:'your_project_ref'}, {provider:'stripe',mode:'live'}.

list_provider_mappingsA

List all environment→provider-resource mappings for a project.

get_provider_mappingC

Get the concrete provider resource mapped to a given environment.

list_connectionsA

List configured provider connections. Secrets are never returned; only env var names are shown.

create_connectionB

Create an explicit provider connection backed by an environment variable. The secret value is never stored.

set_app_env_varsA

Set multiple environment variables on the mapped Vercel or Railway app under one governed env_change action. Values are sent to the target provider but are not included in DashClaw/audit summaries. Production changes require approval by default.

check_policyA

Ask whether a capability (read/write/deploy/env_change/delete/destructive_sql/purchase) is allowed, blocked, or requires approval for a provider in an environment — WITHOUT executing anything.

simulate_actionC

Simulate a provider capability in an environment without executing a provider call or writing audit entries.

list_policy_rulesA

List explicit policy rules (highest priority first). Built-in defaults also apply.

set_policy_ruleA

Add an explicit policy rule that overrides defaults. Higher priority wins. Use this to approve something normally gated (effect:'allow') or to tighten further (effect:'block').

list_pending_approvalsC

List approval requests created by gated provider actions.

doctorA

Run local readiness checks: project/environment resolution, mappings, credential env vars, and audit writability. When DASHCLAW_URL and DASHCLAW_API_KEY are configured, the result also includes a read-only report.platform section fetched from the DashClaw platform's own /api/doctor endpoint.

approve_actionA

Approve a pending action request for one matching rerun. This never executes the provider call by itself; rerun the original action after approval.

reject_actionA

Reject a pending action request so it cannot be approved later.

read_project_memoryA

Read short notes saved for a project (optionally scoped to one environment).

write_project_memoryA

Save a short note for a project/environment so future agent sessions know what happened (e.g. 'Last Vercel deploy failed because DATABASE_URL was missing').

list_audit_logB

List recent audit entries (every provider action is logged here). Filter by project, environment, provider.

export_audit_logC

Export recent audit entries as jsonl, csv, or markdown.

dashclaw_statusA

Check DashClaw authoritative gate configuration and reachability.

dashclaw_recent_decisionsC

Read recent DashClaw guard decisions scoped to project/environment when supported by DashClaw.

export_dashclaw_evidenceC

Export local audit entries that include DashClaw guard/evidence metadata.

explain_action_riskC

Dry-run local policy and DashClaw guard context for a provider action without executing it.

governed_action_summaryC

Summarize recent local audit entries with DashClaw correlation fields.

get_app_logsA

Fetch application/deployment logs for a project environment from the mapped provider(s). If provider is given, reads that provider only; otherwise reads every mapped provider that supports logs (Vercel + Railway in V0, Vercel prioritized). Returns the resource used, time range, log lines, and any API limitation. Reads are allowed everywhere and are audited.

get_latest_deployment_logsA

Convenience: find the latest deployment for the mapped provider (default Vercel) and fetch its logs. Returns deployment status + logs. Read-only and audited.

create_launch_planA

Create a stateful launch plan for a project: an ordered step checklist derived from the launch playbook for the declared stack (subset of: domain, vercel, neon, stripe, resend, clerk, upstash, r2, sentry, posthog). Plans TRACK the launch — each step names the existing guarded tool that performs it and a machine-evaluable reality check; nothing is executed by this tool. Stored locally under .dashclaw-local/launches/.

get_launch_statusA

Load a launch plan and report done / pending / blocked-on-approval / failed per step plus THE single next action. Completion is verified, not self-reported: every step's reality check is re-evaluated against provider/local state (reads only, audited), so a crashed session cannot leave phantom done marks. Resumable across sessions.

preflight_launchA

Run before step 1 — verifies the declared stack is actually launchable: provider tokens present AND valid (cheap authenticated read each), mappings complete, Stripe mode sanity (live vs test key for the target environment), Namecheap client IP whitelisted. Returns pass/fail per check with remediation hints. Run before any money is spent.

verify_launchA

Run after the last step — end-to-end verification that the launch actually works: domain resolves, latest deployment READY, required env vars present on the app, Stripe webhook enabled, email sending domain verified. Reads only, audited.

Prompts

Interactive templates invoked by user choice

NameDescription

No prompts

Resources

Contextual data attached and managed by the client

NameDescription
DashClaw PoliciesCurrent active governance policy set for the organization.
DashClaw CapabilitiesAvailable capabilities and their health status.
DashClaw StatusInstance health and operational summary metrics.
Code Sessions ProjectsAll Claude Code projects with ingested session data plus per-project rollups.

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/ucsandman/DashClaw'

If you have feedback or need assistance with the MCP directory API, please join our Discord server