Install
openclaw skills install @bobbyswhip/wolverine-aiSupervised self-healing process manager for OpenClaw. Wraps your gateway in a crash recovery loop — catches errors, diagnoses with AI, proposes fixes for review, verifies them, and restarts. Includes runtime code injection detection (33 patterns), automatic backup/rollback, and semantic memory that learns from past fixes.
openclaw skills install @bobbyswhip/wolverine-aiEXPERIMENTAL: This skill wraps your OpenClaw gateway in a supervised repair and security layer. Do not use in workspaces with critical production data until you have tested in a staging environment. All file modifications create backups first and can be rolled back.
Wolverine watches your OpenClaw process. When it crashes, Wolverine:
Most errors are resolved in 3–60 seconds for $0.00–$0.10 in AI tokens. All changes are backed up before being applied.
npx wolverine-ai@latest --setup-claw
One command. Detects your .openclaw/config.yml, merges settings, scaffolds wolverine-claw/. Zero code changes needed.
Error detected (crash or 500)
→ Empty stderr? → Just restart ($0.00)
→ Operational fix? → npm install / chmod / kill port ($0.00)
→ AI diagnosis → proposes code fix
→ Verify → syntax check + boot probe
→ Pass? → Apply fix, restart
→ Fail? → Rollback to backup, try next approach
→ 3 failures on same error → stop, file bug report for human review
Safety controls:
src/, bin/, node_modules/, .env files cannot be modified33 static analysis patterns scan code for injection attacks:
eval(req.body.code) blockedexecSync(req.query.cmd) blocked__proto__[key] = value blockedrequire(req.query.module) blockedfetch(req.query.url) blockedspawn("/bin/sh") blockedBlocked files are quarantined with forensic logs (code hash, stack trace, timestamp) for review.
Every fix creates a backup first. Nothing is lost.
wolverine --backup "before risky change"
wolverine --rollback-latest
wolverine --undo-rollback
Backups stored in ~/.wolverine-safe-backups/ — outside the project directory, survives git pull and reinstalls.
Lifecycle: UNSTABLE → VERIFIED → STABLE (30min of no crashes).
Vector store that learns from every fix. Before calling AI, Wolverine searches past solutions.
| Layer | What It Does |
|---|---|
| Code Guard | 33 injection patterns, quarantine, forensic logging |
| Injection Detector | 50+ prompt injection patterns before AI sees error text |
| Secret Redactor | Scrubs API keys from all AI calls, logs, and memory |
| Sandbox | File access restricted to project directory only |
| Rate Limiter | Prevents runaway AI costs |
| Blocked Commands | 18 dangerous shell patterns rejected |
Edit wolverine-claw/config/settings.json:
{
"gateway": { "port": 18789 },
"agent": { "model": "claude-sonnet-4-6", "maxTurns": 25 },
"healing": { "enabled": true, "maxHealsPerWindow": 5 },
"security": { "sandbox": true }
}
Secrets in .env.local only:
ANTHROPIC_API_KEY=sk-ant-...
OPENAI_API_KEY=sk-proj-... # optional, for embeddings
wolverine-claw --setup # guided onboarding
wolverine --claw # start with healing
wolverine-claw --direct # start without healing (debug)
wolverine --backup "msg" # create snapshot
wolverine --rollback-latest # restore last snapshot
wolverine --update # safe framework upgrade (never touches your code)
server/ and wolverine-claw/ directoriessrc/, bin/) is read-onlyMost fixes: $0.00–$0.01. Complex multi-file: $0.05–$0.10. Idle: $0.00.