auto-rollback
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: auto-rollback Version: 1.2.0-alpha.2 The skill provides a legitimate safety mechanism for rolling back configuration changes to the OpenClaw gateway on macOS. It functions by creating a timestamped backup of the configuration file and scheduling a one-time recovery task via launchd (using auto-rollback.sh) that restores the backup if the gateway fails a local health check. The implementation uses standard system utilities (launchctl, curl, jq) in a transparent manner, includes proper cleanup logic, and lacks any indicators of data exfiltration or malicious intent.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the rollback timer fires while Gateway is unhealthy, your OpenClaw configuration can be reverted automatically and Gateway restarted.
The generated rollback task can overwrite the OpenClaw config with a backup and restart Gateway. This is the intended safety function, but it is a real local mutation.
cp "\$BACKUP_FILE" "$CONFIG_FILE" || {
log "❌ Failed to restore backup"
exit 1
}
log "🔄 Restarting Gateway"
"\$OPENCLAW_CMD" gateway restartUse this only when you intentionally want rollback protection for openclaw.json changes, and run status or cancel after confirming Gateway is healthy.
A background macOS launchd job may remain scheduled until it runs, is cancelled, or is cleaned up by the BOOT.md health-check flow.
The script writes and loads a launchd plist that runs a rollback script later. This is temporary persistence and is disclosed by the skill.
cat > "$plist_file" <<EOF
...
<string>/bin/bash</string>
<string>$rollback_script</string>
...
launchctl load "$plist_file"Verify the pending job with the status command, cancel it after a successful restart if BOOT.md integration is not enabled, and inspect ~/.openclaw/ai.openclaw.rollback.plist if needed.