When you're debugging a server and see an unfamiliar process or port listener, witr answers "why is this running?" without forcing you to correlate ps, lsof, systemctl, and docker ps yourself. It traces the full causality chain from a PID or port back through parent processes, systemd units, containers, and shell sessions. The TUI mode gives you a live dashboard, while the JSON output makes it scriptable for audits. Works across Linux, macOS, Windows, and FreeBSD. Honestly, this is one of those tools that should probably be built into the OS but isn't, so someone made it in Go instead. Requires elevated permissions for system processes, which makes sense but means you'll be typing sudo more than you'd like.
npx skills add https://github.com/aradotso/trending-skills --skill witr-process-inspector