defillama-watchdog

DeFi protocol monitoring with alerts for TVL drops, capital rotation, hacks, bridge surges, unlocks, and revenue. Runs checks on demand or scheduled.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "defillama-watchdog" with this command: npx skills add neros0/defillama-watchdog/neros0-defillama-watchdog-defillama-watchdog

DeFiLlama Protocol Watchdog

Monitor DeFi protocols for TVL drops, capital rotation, security risks, and market opportunities.

When to Use

  • User wants to monitor or track specific protocols (e.g., "watch Aave", "alert me if Uniswap drops")
  • User asks for a security audit, risk check, or full briefing
  • User wants rotation alerts or sentiment updates (capital flow analysis)
  • User wants to check if protocols were hacked (portfolio safety)

Don't use for one-off queries like "what is Aave's TVL?" — answer those directly.

Available Commands

All commands run from the skill root. Add --json for structured output.

CommandPurposeOutput Signals
python3 scripts/watchdog.pyCheck TVL dropsALERT: or HEARTBEAT_OK
python3 scripts/capital_flow.pyCapital rotation & sentimentROTATION:, SENTIMENT:, or HEARTBEAT_OK
python3 scripts/bridge_monitor.pyBridge volume surgesBRIDGE_SURGE: or HEARTBEAT_OK
python3 scripts/metrics_guard.pyPortfolio vs Recent HacksEMERGENCY: or HEARTBEAT_OK
python3 scripts/true_growth.pySmart money (TVL down, inflows up)BULLISH_DIVERGENCE: or HEARTBEAT_OK
python3 scripts/unlocks_monitor.pyToken unlock risksDUMP_RISK: or HEARTBEAT_OK
python3 scripts/revenue_guard.pyRevenue/fee growthVALUE: or HEARTBEAT_OK
python3 scripts/full_briefing.pyRun all checksAll signals combined

How to Respond

When User Requests a Check

  1. Run the appropriate script(s)
  2. Parse the output signals:
    • HEARTBEAT_OK = All clear
    • ALERT: = TVL dropped beyond threshold
    • EMERGENCY: = Portfolio protocol was hacked
    • ROTATION: = Capital moving between chains
    • SENTIMENT: = Risk-on/risk-off signal
    • BRIDGE_SURGE: = Bridge volume spike (hot chain)
    • BULLISH_DIVERGENCE: = TVL down but inflows up
    • DUMP_RISK: = Large unlock coming
    • VALUE: = Revenue growing faster than price
  3. Synthesize results into 2-5 sentences explaining what happened and why it matters

Response Pattern for Alerts

When you detect a risk signal:

  1. Lead with the key finding (TVL drop, hack, rotation)
  2. Add context from other signals:
    • If ALERT: → run capital_flow.py to check if it's rotation or protocol-specific
    • If portfolio exists → run metrics_guard.py to check hack risk
    • Optionally run other checks for depth (unlocks, inflows, revenue)
  3. Give a clear takeaway (what should the user do?)

Example Synthesis

Bad: "ALERT: AAVE V3 TVL dropped by 12.3%. ROTATION: Stablecoin supply on Ethereum shrank 1.5%."

Good: "Aave V3 TVL dropped 12.3% in the last period. This appears linked to broader capital rotation — stablecoin supply on Ethereum is down while Solana is growing. Not protocol-specific risk, but watch for continued outflows."

Common User Requests

"Alert me if [protocol] drops more than X%"

  • Ensure config.json has correct watch_list (use DefiLlama slugs) and threshold
  • Explain the watchdog runs on schedule and will alert when breached

"Run a security audit" / "Full briefing" / "Risk check"

  • Run python3 scripts/full_briefing.py
  • Synthesize all output signals into one narrative

"Any capital rotation?" / "Sentiment update?"

  • Run python3 scripts/capital_flow.py
  • Report ROTATION: and SENTIMENT: signals, or say "no significant moves"

"Were any of my protocols hacked?"

  • Run python3 scripts/metrics_guard.py
  • Requires assets/portfolio.json (DefiLlama protocol IDs)
  • Report EMERGENCY: immediately if found

"Manual check now"

  • Run python3 scripts/watchdog.py
  • Report results or confirm "all within threshold"

Configuration

File: config.json in skill root

Key settings:

  • watch_list: Array of DefiLlama protocol slugs (e.g., ["aave-v3", "uniswap", "lido"])
  • threshold: Decimal for alert threshold (e.g., 0.10 = 10% drop)
  • risk_level: "high" (5%), "standard" (10%), "low" (15%)
  • Feature toggles: capital_flow.enabled, metrics_guard.enabled, bridge.enabled, etc.

Portfolio tracking: Create assets/portfolio.json with DefiLlama protocol IDs for hack/unlock alerts.

Pro features: Some features (inflows, unlocks) need DEFILLAMA_PRO_API_KEY in environment. Most features work without any API key.

Important Notes

  • Protocol slugs must match DefiLlama exactly (check defillama.com/protocols)
  • Scripts store state in assets/ directory (TVL history, bridge data, etc.)
  • All scripts exit 0 and print to stdout — parse the signal lines
  • Latency: Alerts arrive after DefiLlama updates (~5-15 min) + next check cycle
  • No API key required for: TVL, capital flow, hacks, bridge, revenue
  • Pro API key needed for: inflows (true_growth), unlocks (unlocks_monitor)

Output Style

  • Keep it concise: 2-5 sentence summaries
  • Lead with action: "Aave dropped 12%" not "The system detected..."
  • Provide context: Explain if it's rotation, hack risk, or protocol-specific
  • Skip if quiet: Don't report HEARTBEAT_OK unless user asked for status
  • Handle errors gracefully: If script fails, tell user to run manually

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Web3

Aave Liquidation Monitor

Proactive monitoring of Aave V3 borrow positions with liquidation alerts. Queries user collateral, debt, and health factor across chains (Ethereum, Polygon, Arbitrum, etc.). Sends urgent alerts to Telegram/Discord/Slack when health factor drops below configurable thresholds (critical at 1.05, warning at 1.2). Use when you need continuous monitoring of Aave positions, want alerts before liquidation risk occurs, or need periodic summaries of your borrowing health.

Registry SourceRecently Updated
9880Profile unavailable
Security

Alerting & Notification System

Centralized alerting and notification system for OpenClaw. Multi-channel alerts, intelligent rules, escalation, and audit.

Registry SourceRecently Updated
3980Profile unavailable
General

Disk Watch

Monitor disk space across drives. Alert before disks fill up. Track usage trends, find space hogs, suggest cleanup. Every server needs this.

Registry SourceRecently Updated
1370Profile unavailable
General

Competitor Insights

Automatically track competitor pricing, feature launches, marketing campaigns, and receive AI-generated insights and alerts for competitive intelligence.

Registry SourceRecently Updated
990Profile unavailable