Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Gateway Safety
v1.0.0
Safely update OpenClaw gateway configuration (openclaw.json) with automatic validation, backup, and 30-second health-check rollback. Use this skill whenever...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The skill claims to safely update the gateway config and the provided script implements that. However, the metadata declares no required binaries while the script calls external commands (jq for JSON validation and openclaw for restart/status). These undeclared dependencies are an inconsistency: the skill will fail or behave unpredictably if those binaries are absent or are not the expected implementations.
Instruction Scope
SKILL.md restricts actions to using the included script and describes the backup/validate/restart/rollback flow. The scope is limited to gateway config files in $HOME/.openclaw and agent-facing behavior. Note: the script assumes an existing config at $HOME/.openclaw/openclaw.json (no pre-check before backing up) and writes logs to $HOME/.rook/logs and a lockout file that instructs agents to 'STOP ALL OPERATIONS' and wait for a named person ('Kevin'), which may be operationally awkward.
Install Mechanism
This is an instruction-only skill with an included shell script and no install spec — low install risk. Nothing is downloaded or installed by the skill bundle itself.
Credentials
The skill declares no required environment variables or credentials, which is fine, but the script uses $HOME paths and external binaries without declaring them. The implicit dependency on jq and the openclaw CLI should be declared; otherwise the agent may run this when the environment is not appropriate.
Persistence & Privilege
The skill does not request persistent or elevated platform privileges; always:false. It writes backups, a known-good file, failure count, logs, and potentially a GATEWAY_LOCKOUT file in the user's home directory — expected for its purpose but worth noting because those files control agent retry behavior and include a hardcoded human contact instruction.
What to consider before installing
This skill appears to implement the stated safe-update behavior, but before installing or invoking it:
1) Verify jq and the openclaw CLI exist on target hosts and are the expected tools (the metadata does not declare these binaries).
2) Inspect and confirm the script's file paths ($HOME/.openclaw, $HOME/.rook) and ensure you accept logs/backups being written there.
3) Understand the lockout behavior: after 3 failures the script creates a GATEWAY_LOCKOUT file and instructs agents to stop and 'wait for Kevin' — confirm who is the intended approver and update messaging/policy if needed.
4) Consider testing the script in a safe environment (non-production gateway) to see how restart/status behave and to confirm rollback works.
5) Recommend updating the skill metadata to list required binaries (jq, openclaw) and/or hardening the script (check that CONFIG_PATH exists before copying, validate permissions, and avoid reliance on a single named human in automated messaging).
Like a lobster shell, security has layers — review code before you run it.
