Gateway Restore
WarnAudited by ClawScan on May 10, 2026.
Overview
The skill matches its gateway-rollback purpose, but it can run detached shell commands that overwrite live Slack/Discord gateway configs and depend on local scripts that were not provided for review.
Install or use this only if you control this gateway environment. Inspect the actual installed restore script and the $HOME/bin safe restart scripts, replace the /home/swabby path with the correct installed path, and confirm the target gateway and known-good backup before allowing a restore.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A vague or mistaken restore request could overwrite the live Slack gateway config and restart the gateway.
A broad natural-language trigger is treated as authorization to perform a high-impact gateway restore, with Slack as the default and no explicit confirmation step.
If the user asks to restore via natural language ... THEN run the script ... Parse the request: - "restore" / "rollback" → slack gateway
Require an explicit target such as 'restore Slack gateway' or 'restore Discord gateway' and ask for confirmation before changing live config.
The skill may execute local restart code that is different from or riskier than what the packaged artifacts show.
The central safety/restart behavior depends on local helper scripts outside the provided manifest, so their contents and provenance cannot be reviewed here.
RESTART_SCRIPT="$HOME/bin/safe-slack-restart.sh" ... RESTART_SCRIPT="$HOME/bin/safe-gateway-restart.sh" ... bash "$RESTART_SCRIPT" "restore to known-good config"
Include the restart helper scripts in the skill package or clearly require the user to inspect and trust those exact local scripts before use.
The agent could run a background restore from an unexpected local path and only show a temporary log afterward.
The natural-language workflow launches a detached shell process from a user-specific absolute path, which may not be the reviewed installed artifact and reduces direct supervision.
setsid bash /home/swabby/repos/swabby-brain/skills/gateway-restore/scripts/gateway-restore.sh [slack|discord] [--tag-current] > /tmp/restore-output.log 2>&1 &
Use the installed skill-relative script path, avoid detached execution unless necessary, and show the command and target for user approval first.
Using the skill changes local gateway integration state and could affect Slack or Discord gateway availability.
The script uses write access to OpenClaw Slack and Discord gateway configuration files, which can affect connected service behavior.
CONFIG="$HOME/.openclaw-slack/openclaw.json" ... CONFIG="$HOME/.openclaw/openclaw.json"
Use it only in the intended gateway environment and verify the known-good backup before restoring.