Failover Gateway Pub
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Credentials or other sensitive files in ~/.secrets could be moved to the standby machine automatically during a failover event.
If SECRETS_HOST is configured, the monitor automatically copies the entire remote ~/.secrets directory to the standby host during promotion. The artifacts do not bound which secrets are copied or require per-sync approval.
SECRETS_HOST="${SECRETS_HOST:-}" ... rsync -a "${SECRETS_HOST}:~/.secrets/" "/home/${OPENCLAW_USER}/.secrets/"
Only configure SECRETS_HOST if necessary, use a narrowly scoped secrets directory or service account, and verify file permissions, host authenticity, and retention on the standby.
A misconfigured health check or network issue could cause the standby gateway to start or stop without a human decision at that moment.
The script is designed as a long-running background monitor that autonomously starts and stops the OpenClaw gateway based on health checks.
while true; do ... promote ... demote ... systemctl start openclaw ... systemctl stop openclaw
Confirm PRIMARY_IP, PRIMARY_PORT, thresholds, and channel separation before enabling the systemd service; test failover and recovery in a controlled window.
Installing from remote scripts or unpinned package channels can expose the server to upstream compromise or unexpected version changes.
The setup guide uses remote installer scripts and a global npm install. These are user-directed and relevant to setup, but they rely on external sources at install time.
curl -fsSL https://tailscale.com/install.sh | sh ... curl -fsSL https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash ... npm install -g openclaw
Review installer sources, pin versions where practical, run commands as the intended user, and prefer package checksums or trusted package repositories when available.
