Failover Gateway Pub
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: failover-gateway-pub Version: 1.0.0 The skill is classified as suspicious due to two main reasons. First, the `SKILL.md` instructions use `curl | sh` for installing Tailscale and NVM, which introduces a supply chain vulnerability where a compromised source could lead to arbitrary code execution. Second, the `scripts/health-monitor.sh` script includes functionality to `rsync` the `~/.secrets/` directory from a user-defined `SECRETS_HOST` during a failover event. While intended for legitimate failover, this is a high-risk operation involving the transfer of sensitive data, posing a significant data exposure vulnerability if the `SECRETS_HOST` is compromised or misconfigured.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Credentials or other sensitive files in ~/.secrets could be moved to the standby machine automatically during a failover event.
If SECRETS_HOST is configured, the monitor automatically copies the entire remote ~/.secrets directory to the standby host during promotion. The artifacts do not bound which secrets are copied or require per-sync approval.
SECRETS_HOST="${SECRETS_HOST:-}" ... rsync -a "${SECRETS_HOST}:~/.secrets/" "/home/${OPENCLAW_USER}/.secrets/"Only configure SECRETS_HOST if necessary, use a narrowly scoped secrets directory or service account, and verify file permissions, host authenticity, and retention on the standby.
A misconfigured health check or network issue could cause the standby gateway to start or stop without a human decision at that moment.
The script is designed as a long-running background monitor that autonomously starts and stops the OpenClaw gateway based on health checks.
while true; do ... promote ... demote ... systemctl start openclaw ... systemctl stop openclaw
Confirm PRIMARY_IP, PRIMARY_PORT, thresholds, and channel separation before enabling the systemd service; test failover and recovery in a controlled window.
Installing from remote scripts or unpinned package channels can expose the server to upstream compromise or unexpected version changes.
The setup guide uses remote installer scripts and a global npm install. These are user-directed and relevant to setup, but they rely on external sources at install time.
curl -fsSL https://tailscale.com/install.sh | sh ... curl -fsSL https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash ... npm install -g openclaw
Review installer sources, pin versions where practical, run commands as the intended user, and prefer package checksums or trusted package repositories when available.