Config Rollback
v1.1.0Auto-rollback protection for config changes. Backs up before edit, sets a 5-minute system timer to restore if things go wrong. Works with any service config,...
⭐ 0· 429·2 current·2 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The name/description (auto-rollback for config edits) matches the SKILL.md instructions: backing up files and scheduling a 5-minute system restore using `at`. There are no unrelated environment variables, binaries, or installs requested.
Instruction Scope
The SKILL.md explicitly instructs running cp on system config paths (e.g., /etc/nginx/nginx.conf), echoing restore commands into `at`, and cancelling with `atrm`. This stays within the stated purpose, but it assumes root privileges and presence of system tools (`at`, `systemctl`) without checks. The instructions also demonstrate concrete shell commands that — if copied verbatim for other targets — could overwrite important files; users or an agent must substitute paths carefully.
Install Mechanism
Instruction-only skill with no install spec and no code to write to disk. Lowest install risk.
Credentials
No environment variables or credentials are required (consistent). However, the actions manipulate system config files and create system-level scheduled jobs, which effectively require elevated privileges to be useful; the skill does not document privilege requirements or safeguards.
Persistence & Privilege
The skill does not request permanent inclusion (always:false). It does instruct creation of persistent, system-level scheduled jobs (`at`) that will run independently of the user session — this is expected for the stated purpose but increases the impact of any mistaken or malicious scheduled command.
Assessment
This skill appears to do what it says: back up a config file and schedule a 5-minute restore with `at`. Before installing or invoking it, consider:
- The SKILL.md runs shell commands that change /etc files and schedule system jobs — these usually require root. Ensure you understand and run the commands as the correct user.
- `at`/`atrm` and `systemctl` must exist on the host; the skill does not check for them.
- Verify any backup/restore commands and paths before running or allowing an agent to run them — the scheduled job will run unattended and can execute arbitrary shell commands. If you don't fully trust the skill source, run the example commands manually yourself and inspect the scheduled job (atq) rather than giving the agent authority to create them.
- Consider safer alternatives: use version-controlled configuration directories, atomic config reloads, or infrastructure-specific rollback mechanisms where available.
If you want higher assurance, ask the publisher for provenance (homepage, source repo) or require the skill to include checks (presence of `at`, privilege warnings, and safer atomic backup semantics) before use.Like a lobster shell, security has layers — review code before you run it.
configvk973ye0fjgq7grbxwr8zy94hwx841a1xdevopsvk973ye0fjgq7grbxwr8zy94hwx841a1xlatestvk973ye0fjgq7grbxwr8zy94hwx841a1xrollbackvk973ye0fjgq7grbxwr8zy94hwx841a1xsafetyvk973ye0fjgq7grbxwr8zy94hwx841a1xservervk973ye0fjgq7grbxwr8zy94hwx841a1x
License
MIT-0
Free to use, modify, and redistribute. No attribution required.