Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Wolverine — Self-Healing Process Manager
v1.0.2Supervised self-healing process manager for OpenClaw. Wraps your gateway in a crash recovery loop — catches errors, diagnoses with AI, proposes fixes for rev...
⭐ 0· 51·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description (self-healing process manager using AI) aligns with required binaries (node/npm) and the declared primary credential (ANTHROPIC_API_KEY). Installing an npm package that provides command-line binaries (wolverine, wolverine-claw) is coherent with the stated goal.
Instruction Scope
SKILL.md instructs the agent to read project config (.openclaw/config.yml), create backups in ~/.wolverine-safe-backups, modify code (apply fixes), run npm install/chmod/kill, and probe boots. It also references an optional OPENAI_API_KEY for embeddings (not declared by the registry metadata). These instructions grant broad filesystem and process control beyond simple read-only monitoring; the skill claims protections (read-only framework dirs, sandbox, secret redactor), but those are assertions in prose and not enforced by the registry metadata.
Install Mechanism
Install is an npm package (wolverine-ai) which is a common distribution for Node CLIs. That means arbitrary JS will be installed and run on the host — moderate risk and expected for this type of tool, but you should verify the npm package and its source (maintainer, releases, code) before installing.
Credentials
Registry requires only ANTHROPIC_API_KEY (reasonable). However, SKILL.md also references OPENAI_API_KEY (optional) and expects secrets in .env.local. The skill has wide file-write capabilities (backups, code edits). Requesting an AI API key is expected, but the presence of additional environment variables in the runtime instructions that aren’t declared is an inconsistency and reduces transparency about what secrets the skill may use or need.
Persistence & Privilege
The skill is not always-enabled and does not request elevated OpenClaw platform privileges in metadata, which is good. But it does install binaries and writes backups under the user home directory, and it will modify project files at runtime. Those are legitimate for a self-healing tool but increase blast radius — consider isolation (container/VM) and careful review before granting access to production workspaces.
What to consider before installing
This skill is plausible for self-healing OpenClaw but has real power (it edits code, runs commands, and installs an npm CLI). Before installing: 1) Verify the npm package and GitHub repo (publisher identity, recent commits, issues, and package contents). 2) Test in an isolated staging environment or container, not production. 3) Only provide the minimum API key needed (rotate keys and avoid sharing long-lived credentials). 4) Inspect or audit the installed package code (or pin to a vetted version) so you can confirm the claimed sandboxing, secret-redaction, and protected-path behavior. 5) Be aware SKILL.md references OPENAI_API_KEY even though it isn’t declared — ask the publisher whether that variable is required and what it’s used for. If you lack the ability to audit the package, treat this as higher risk and avoid deploying it against sensitive environments.Like a lobster shell, security has layers — review code before you run it.
latestvk97a9671gtxmrf55f8mryg6ags84hkcy
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🐺 Clawdis
Binsnpm
Any binnode
EnvANTHROPIC_API_KEY
Primary envANTHROPIC_API_KEY
Install
Node
Bins: wolverine, wolverine-claw
npm i -g wolverine-ai