auto-rollback
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the rollback timer fires while Gateway is unhealthy, your OpenClaw configuration can be reverted automatically and Gateway restarted.
The generated rollback task can overwrite the OpenClaw config with a backup and restart Gateway. This is the intended safety function, but it is a real local mutation.
cp "\$BACKUP_FILE" "$CONFIG_FILE" || {
log "❌ Failed to restore backup"
exit 1
}
log "🔄 Restarting Gateway"
"\$OPENCLAW_CMD" gateway restartUse this only when you intentionally want rollback protection for openclaw.json changes, and run status or cancel after confirming Gateway is healthy.
A background macOS launchd job may remain scheduled until it runs, is cancelled, or is cleaned up by the BOOT.md health-check flow.
The script writes and loads a launchd plist that runs a rollback script later. This is temporary persistence and is disclosed by the skill.
cat > "$plist_file" <<EOF
...
<string>/bin/bash</string>
<string>$rollback_script</string>
...
launchctl load "$plist_file"Verify the pending job with the status command, cancel it after a successful restart if BOOT.md integration is not enabled, and inspect ~/.openclaw/ai.openclaw.rollback.plist if needed.