ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Gateway Guard

v1.0.7

Ensures OpenClaw gateway auth consistency. Use when checking or fixing gateway token/password mismatch, device_token_mismatch errors, or before delegating to...

2· 958·9 current·10 all-time
by@austindixson
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the code and SKILL.md: scripts inspect the running gateway, compare secrets to openclaw.json, can write gateway.auth when missing/incorrect, and can restart the gateway. Tools used (ps, lsof, kill, openclaw CLI) are appropriate for the task.
Instruction Scope
Runtime instructions ask the agent/user to run the included Python script and optional installer. The skill reads and may write the user's openclaw.json, probes processes and ports, and can issue local CLI commands (e.g., 'openclaw agent --message continue --deliver'). These actions are consistent with the stated purpose but are privileged (can restart gateway, change config, and auto-send 'continue'), so the user should explicitly consent and test in a non-production environment first.
Install Mechanism
No network install or arbitrary download. The package is file-based with included scripts and an optional LaunchAgent plist; install is a local copy or running provided install shell scripts. No third-party packages are pulled during install.
Credentials
The skill declares no required env vars but the code uses OPENCLAW_HOME and OPENCLAW_BIN with sensible defaults. It needs read/write access to the user's OpenClaw workspace (openclaw.json, logs) and permission to inspect processes and start/stop the gateway. Those privileges are proportional to its purpose but are sensitive (config writes, process restarts, local CLI invocations).
Persistence & Privilege
Persistence via a macOS LaunchAgent is optional and only installed if the user runs install_watcher.sh. The skill metadata sets always: false. Autonomy to invoke the skill is the platform default; combined with the optional watcher, it can autonomously restart gateway and auto-send 'continue' messages — this is expected for the described use but should be enabled only with informed consent.
Assessment
This package appears to do what it says: compare and (if requested) repair gateway auth and optionally run a watcher that auto-sends a local 'continue' message when a run error appears. Before installing or enabling the watcher: 1) back up your openclaw.json; 2) run the status/ensure commands without --apply to see proposed changes; 3) understand and accept that the watcher will restart the gateway and can run 'openclaw agent --message continue --deliver' (this will send a local command to your agent); 4) the scripts use lsof/ps/kill/launchctl and may reveal secrets in process arguments to other local users (this is a normal risk when passing secrets on command lines); and 5) prefer to test in a non-production environment. If you need further assurance, inspect gateway_guard.py and the plist before installing and verify the LaunchAgent contents and environment substitutions (OPENCLAW_HOME/OPENCLAW_BIN) so the daemon runs with intended paths.

Like a lobster shell, security has layers — review code before you run it.

latestvk9717rc703m4hcgkt6cbn6jjtn82hd7q

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments