High Risk:This skill has significant security concerns. Review the findings below before installing.

mission-control

Caution·Scanned 2/18/2026

This skill provides a Kanban-style dashboard and webhook-driven agent automation. It performs network calls to https://api.github.com, https://slack.com, and http://127.0.0.1:18789, reads local secrets like ~/.config/gh/hosts.yml and ~/.clawdbot/secrets/github-webhook-secret, and instructs running curl -fsSL https://tailscale.com/install.sh | sh.

from clawhub.ai·v531c24a·354.2 KB·0 installs
Scanned from 2.2.2 at 531c24a · Transparency log ↗
$ vett add clawhub.ai/rdsthomas/mission-controlReview security findings before installing

Mission Control

A Kanban-style task management system for AI assistants. Your human creates and prioritizes tasks via a web dashboard; the agent executes them automatically when moved to "In Progress".

Quick Start

Just say: "Set up Mission Control for my workspace"

The agent handles everything automatically:

  • Checks prerequisites (Tailscale, gh CLI)
  • Copies dashboard files
  • Creates config
  • Installs webhook transform
  • Sets up GitHub webhook
  • Deploys to GitHub Pages

Features

  • 📋 Kanban Board — Backlog, In Progress, Review, Done columns
  • 🔄 Auto-Execution — Agent starts working when tasks are moved to "In Progress"
  • 🎯 EPIC Support — Parent tasks with multiple child tickets
  • 💬 Comments — Track progress and feedback
  • 📊 Subtasks — Break complex tasks into steps
  • 🔔 Slack Notifications — Optional status updates

Documentation

  • SKILL.md — Full skill reference
  • docs/PREREQUISITES.md — Installation requirements
  • docs/HOW-IT-WORKS.md — Technical architecture
  • docs/TROUBLESHOOTING.md — Common issues & solutions

Requirements

ToolCheckPurpose
Tailscaletailscale statusSecure tunnel for webhooks
Tailscale Funneltailscale funnel statusExpose Clawdbot to internet
GitHub CLIgh auth statusRepository operations

Configuration

Config lives in ~/.clawdbot/mission-control.json. See CONFIG-REFERENCE.md for all options.

CLI Usage

# Update task status
mc-update.sh status <task_id> review

# Add comment
mc-update.sh comment <task_id> "Progress update..."

# Complete task
mc-update.sh complete <task_id> "Summary of what was done"

How It Works

  1. Human moves task to "In Progress" in dashboard
  2. GitHub sends webhook to Clawdbot
  3. Transform detects status change
  4. Agent receives work order
  5. Agent executes task, updates status
  6. Human reviews and approves

Security

Mission Control passes human-authored task descriptions to an AI agent for execution. This is the product's core function — not a vulnerability.

Trust model: Designed for single-user / trusted-user setups where the task author is the same person who controls the agent. For multi-user scenarios, use Clawdbot's agent sandbox and permission settings.

Mitigations included:

  • Input sanitization in mc-update.sh (blocks shell injection patterns)
  • Webhook HMAC verification with timingSafeEqual
  • Credential scanning before open-source sync
  • No tokens or secrets stored in the dashboard

See SKILL.md for full details.

License

MIT